minhaloja.boticario.com.br Open in urlscan Pro
143.204.98.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://meucatalogodigital.boticario.com.br/
Effective URL:
https://minhaloja.boticario.com.br/
Submission: On December 23 via manual (December 23rd 2021, 3:10:14 pm UTC) from BR — Scanned from DE

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 81 HTTP transactions. The main IP is 143.204.98.82, located in United States and belongs to AMAZON-02, US. The main domain is minhaloja.boticario.com.br.
TLS certificate: Issued by Amazon on November 26th 2021. Valid for: a year.

This is the only time minhaloja.boticario.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	143.204.98.100 143.204.98.100	16509 (AMAZON-02) (AMAZON-02)
38	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	143.204.98.18 143.204.98.18	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:1b9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
1	162.247.242.31 162.247.242.31	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
81	18

2 143.204.98.100 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-100.fra50.r.cloudfront.net

meucatalogodigital.boticario.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

minhaloja.boticario.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-18.fra50.r.cloudfront.net

gb-assets.grupoboticario.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meucatalogodigitalresources.grupoboticario.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1b9f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-global.configcat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.31 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.uk

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	boticario.com.br 2 redirects meucatalogodigital.boticario.com.br minhaloja.boticario.com.br	1 MB
8	gstatic.com fonts.gstatic.com www.gstatic.com	510 KB
6	google.com www.google.com	44 KB
6	cookielaw.org cdn.cookielaw.org	104 KB
4	google-analytics.com www.google-analytics.com	54 KB
4	grupoboticario.digital gb-assets.grupoboticario.digital meucatalogodigitalresources.grupoboticario.digital	62 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
2	configcat.com cdn-global.configcat.com	4 KB
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	16 KB
1	doubleclick.net stats.g.doubleclick.net	452 B
1	googletagmanager.com www.googletagmanager.com	63 KB
1	onetrust.com geolocation.onetrust.com	374 B
0	google.co.uk Failed www.google.co.uk Failed
81	15

	Domain	Requested by
38	minhaloja.boticario.com.br	minhaloja.boticario.com.br
6	www.google.com	minhaloja.boticario.com.br www.gstatic.com
6	cdn.cookielaw.org	minhaloja.boticario.com.br cdn.cookielaw.org
5	www.gstatic.com	minhaloja.boticario.com.br www.google.com
4	www.google-analytics.com	minhaloja.boticario.com.br
4	fonts.googleapis.com	minhaloja.boticario.com.br
3	fonts.gstatic.com	fonts.googleapis.com
3	gb-assets.grupoboticario.digital	minhaloja.boticario.com.br
2	cdn-global.configcat.com	minhaloja.boticario.com.br
2	meucatalogodigital.boticario.com.br	2 redirects
1	vars.hotjar.com	minhaloja.boticario.com.br
1	script.hotjar.com	minhaloja.boticario.com.br
1	bam.nr-data.net	minhaloja.boticario.com.br
1	static.hotjar.com	minhaloja.boticario.com.br
1	js-agent.newrelic.com	minhaloja.boticario.com.br
1	stats.g.doubleclick.net	minhaloja.boticario.com.br
1	meucatalogodigitalresources.grupoboticario.digital	minhaloja.boticario.com.br
1	www.googletagmanager.com	minhaloja.boticario.com.br
1	geolocation.onetrust.com	minhaloja.boticario.com.br
0	www.google.co.uk Failed	minhaloja.boticario.com.br
81	20

This site contains links to these domains. Also see Links.

Domain
privacidade.grupoboticario.com.br

Subject Issuer	Validity	Valid
*.boticario.com.br Amazon	`2021-11-26` - `2022-12-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.grupoboticario.digital Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.configcat.com AlphaSSL CA - SHA256 - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://minhaloja.boticario.com.br/
Frame ID: 0F98F69581A648802B3F91166ACF9163
Requests: 72 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=40503i3dw9a
Frame ID: 13CF2C43C827BA2080BE48C88B056D47
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Frame ID: DBF350BDF980CE2E4E87562FB796AF16
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: B02872D5470F9419AF60DB672BFC03CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

O Boticário | Minha Loja Digital

Page URL History Show full URLs

http://meucatalogodigital.boticario.com.br/ HTTP 301
https://meucatalogodigital.boticario.com.br/ HTTP 301
https://minhaloja.boticario.com.br/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

81
Requests

99 %
HTTPS

56 %
IPv6

15
Domains

20
Subdomains

18
IPs

3
Countries

1988 kB
Transfer

5942 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://privacidade.grupoboticario.com.br/
Title: Política de privacidade

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://meucatalogodigital.boticario.com.br/ HTTP 301
https://meucatalogodigital.boticario.com.br/ HTTP 301
https://minhaloja.boticario.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
minhaloja.boticario.com.br/
Redirect Chain

http://meucatalogodigital.boticario.com.br/
https://meucatalogodigital.boticario.com.br/
https://minhaloja.boticario.com.br/

3 KB
3 KB

48ms
25ms

Document
text/html

143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d4995bdb0d79766a30b0c3af9ba395424f11a67b0a0dcde618c210ba2b67f3df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Wed, 22 Dec 2021 13:17:20 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: same-origin
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
service-worker-allowed: /
content-encoding: gzip
date: Thu, 23 Dec 2021 15:10:08 GMT
cache-control: max-age=300, public
etag: W/"6b9c01986aa681d685438f098e4d97f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: AaGPlf_UY06YshQaKewZs3RRmoVMUbsRdDpBDc195lFbV4clHkuJsA==

Redirect headers

content-length: 0
location: https://minhaloja.boticario.com.br/
date: Thu, 23 Dec 2021 15:10:09 GMT
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: THpmQ0VMQSGv39hQwy9nY3YdVYI0edW_Pupr6ih_8JvIu6A5ToLmEg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 54ms
37ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 15:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BXRr8anumVFsMvgN5QlueA==
age: 9128
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Fri, 17 Dec 2021 17:08:36 GMT
server: cloudflare
etag: 0x8D9C17FDD6FB88D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 52c8446c-501e-0127-6d63-f404fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2283d7890b690d-FRA

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
705 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9714289219fcd069b4b97027f6cc40309ff4b22aa46070c4c03e77ca0df7b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:10:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 15:10:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 15:10:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
914 B 39ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@500;700&display=swap

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a883974729df810eb42dda5ee43ba10e8a9be598ed5a97610cfa56358991e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:02:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 15:10:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 15:10:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
706 B 47ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ed1c09a270e3ec711b4aaf5b05d2cb99d62c25360e798a1434711bd397de575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 14:54:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 15:10:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 15:10:08 GMT

GET
H2 200 MaisonNeueExt.css
gb-assets.grupoboticario.digital/eam/font/ 586 B
996 B 54ms
9ms Stylesheet
text/css 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gb-assets.grupoboticario.digital/eam/font/MaisonNeueExt.css
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1582818ac1ba9ee326fa08cdb4db4791a2bf031aaf976a8e121ac535b594c398

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: WrBWy07eUZsh2LrUoSv4F0NiFKk7NZXx
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
last-modified: Wed, 24 Mar 2021 20:46:18 GMT
server: AmazonS3
age: 15759
etag: "19e3943c5cbbc9a825de521ca27fe18a"
x-cache: Hit from cloudfront
content-type: text/css
date: Thu, 23 Dec 2021 14:49:50 GMT
x-amz-meta-version-id: XSuhmhsEC3wkBYbURCtRjU1TPBW7XswB
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 586
x-amz-cf-id: bRc4enx3I5dySHOdoch3Eqg5iLtONfYPcz0r900rH-F6CW8IY8t4TA==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
503 B 47ms
24ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24508b82a87ed41e1dbec0e55a404055cab488d5417d0a0352adb1551ff98aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 14:19:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 15:10:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 15:10:08 GMT

GET
H2 200 reset.css
minhaloja.boticario.com.br/container/latest/css/ 1005 B
3 KB 10ms
9ms Stylesheet
text/css 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/css/reset.css

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

121e8b47d5e772c09d51347f5ceff9edf192b637d35d454b6fb69acbb3b366af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92496
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:19 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"365d8e12df781834ff2eabf790a8c382"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: c7mRBRcEfRi8bp38k9LOIIhzqG8lf_1gKcLKzxEtfj28sL7KaxiDmg==

GET
H2 200 normalize.css
minhaloja.boticario.com.br/container/latest/css/ 9 KB
5 KB 11ms
10ms Stylesheet
text/css 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/css/normalize.css

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e66647558738216efd2c6a0460f380175b08b7c8407dbbebde8e3f7bbe1eeefb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92496
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:19 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"e1874f392ad93753772d2f8a65dedc6d"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 85RKhJF_ghdcMTenjM2-Q-473lZcZwECQnYNqVnkefsasTZH1NurfQ==

GET
H2 200 main.bundle.5a8123f787e0a4950994.js Show response
minhaloja.boticario.com.br/container/latest/js/ 9 KB
6 KB 10ms
10ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/js/main.bundle.5a8123f787e0a4950994.js?a9abaf2c7acf8ae3beb6

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

11d6ee17bd470d906704e12f6cfe99d1c87519aa9b52239aff003646fa5e6190

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92484
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:37 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"5991ee190ca963cdd6ae0243b39417aa"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: drs5_vUc1VoBtGoUX2tJVxE-m4y366wJzp30AzCyewg9bEoJN4VYrA==

GET
H2 200 newRelicSnippet.js Show response
minhaloja.boticario.com.br/container/latest/scripts/ 27 KB
12 KB 12ms
11ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

da9ddaf5cac3f0e3e7a3b7df692dd604a9579d5a58e8f0eb08cc4e71581cbf6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92484
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:38 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"f41e2d42ee9366c7fa9d2f2a479fdf44"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wth8mn60jGhvj9ucoTQiqaWjSPGyKsnMYN91kN4X1LNv2PMAIfqv4w==

GET
H2 200 5c7a925d-2987-4be9-a60b-fc346dae1f61.json Show response
cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ 3 KB
2 KB 35ms
20ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/5c7a925d-2987-4be9-a60b-fc346dae1f61.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af7f2a7319a700fa7d79c2ee318a8f468b39325b04b8740f963a2678932beeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 15:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TsaOYtk1a75+WvHucPBJGg==
age: 1218
vary: Accept-Encoding
content-length: 1307
x-ms-lease-status: unlocked
last-modified: Wed, 22 Sep 2021 12:58:20 GMT
server: cloudflare
etag: 0x8D97DC8A7A69726
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b1a20eba-a01e-005b-3b14-b6df9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2283d7d8e75b44-FRA
expires: Thu, 23 Dec 2021 19:10:08 GMT

GET
H2 200 20.bundle.3e6a3d2e9c34190533de.js Show response
minhaloja.boticario.com.br/container/latest/js/ 162 KB
47 KB 11ms
10ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/js/20.bundle.3e6a3d2e9c34190533de.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ee8a8114c7658b7865e50235668f485cb48a22439d8f9afd987eb2a3f9ff1359

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:22 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"e5e20c024c65ed774352af296474f875"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7HvWfILCzKwAs9OOR4it7Q3jTrryKfkMZUdFk74tOeMog8-ysdTE8A==

GET
H2 200 remoteEntry.js Show response
minhaloja.boticario.com.br/admin/latest/ 10 KB
7 KB 520ms
520ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/remoteEntry.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0fc5b4dedeb4acc1a01efc2b226aa9a7904a82b9a4cab6e2b90dd26a4068856e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:21:00 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"4885cc14c8ba00cdbbaca1de3fb98b56"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: no-store, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-id: ZikR39-Cmqw2nYlHhC0SfW8zhUk80Fkn54hKKIBYx6sc3D8S1rqjFA==

GET
H2 200 remoteEntry.js Show response
minhaloja.boticario.com.br/vitrine/latest/ 8 KB
6 KB 637ms
637ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/remoteEntry.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

394f74a2fd40f8a7d48ab0fef108547ce5b4580f4e87ed22cd69f76e6415f2e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:55 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"e2b92fc20ac420bfca16400489953a0f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: no-store, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-id: O7KHaCCztMH7hbGCNtkFPPGeGFZNWUmjQm_mn6ezNIO8SOytGJLnxw==

GET
H2 200 354.bundle.69ba24080f07000ff039.js Show response
minhaloja.boticario.com.br/container/latest/js/ 23 KB
8 KB 16ms
16ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/js/354.bundle.69ba24080f07000ff039.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7f34893a704d4a71da0fa274dd428284f6fb17b549008ae11148b851435a3e51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"2654cf521e826cddb21f01d06bf5e41c"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: sUhrH0oiq-sQ0T56m4zZezvU69kOutvIKJMKFj6pLNlw5MfzPSJ9sA==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 165 B
374 B 47ms
28ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:08 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c2283d81b063233-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 317 KB
76 KB 17ms
17ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 15:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: V5hcbF1dEgrls6P2M61C9g==
age: 5670157
vary: Accept-Encoding
content-length: 77260
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:37 GMT
server: cloudflare
etag: 0x8D983BB67EEBDFE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 646ab96e-a01e-00d8-5b6c-c47f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2283d84b29690d-FRA

GET
H2 200 pt.json Show response
cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ab330c12-9ad3-4177-9183-63541ae111ae/ 38 KB
12 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ab330c12-9ad3-4177-9183-63541ae111ae/pt.json

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

858d3ae73f132b8f3d872db375db917a266b904a671ef12213fe898b038d9237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 15:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s5rLtE5nBT0RlXFZPJ+G/g==
age: 1218
vary: Accept-Encoding
content-length: 12228
x-ms-lease-status: unlocked
last-modified: Wed, 22 Sep 2021 12:58:23 GMT
server: cloudflare
etag: 0x8D97DC8A953ADD6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: eb94c73a-201e-0145-65bc-cb4322000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2283d91b0e5b44-FRA
expires: Thu, 23 Dec 2021 19:10:08 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 10 KB
3 KB 16ms
16ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otFloatingFlat.json

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 15:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9rK3Ikd9KsAnky96tLlwvw==
age: 1218
vary: Accept-Encoding
content-length: 2675
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:28 GMT
server: cloudflare
etag: 0x8D983BB62C7DDA4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ba238190-e01e-00b9-4e0c-f63be8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2283d94b615b44-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 20 KB
4 KB 13ms
13ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 15:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 4873299
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a790b2cd-001e-0116-45bc-cb5f2d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c2283d94b685b44-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 294.bundle.db5a5817d696cd923f92.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 7 KB
5 KB 9ms
9ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/294.bundle.db5a5817d696cd923f92.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

437ba48e15c6a06a669c284df1c9516ca2678f6aaae8e080a26a3662c0891c03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:44 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"eaf67ee7b7d4506295dc159c56606594"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _VJ2Sa5yIxyFCHHrBXEH61nk4kJNChCQKOuFj2K9xEpUb9ZvbBlleQ==

GET
H2 200 935.bundle.7cddea9ad86acda3f1f6.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 121 KB
42 KB 9ms
9ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/935.bundle.7cddea9ad86acda3f1f6.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e07b00827f5f6d2c71523bac1292216711543a067a8d0f2532454ba28266cfcb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:52 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"73e5f7497a2659bee49d2195e7a07b2f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: V7waNfQ9Hp9owJ_cgCNYPl71t98RAm2PYAv-8c4mWHW4FFAGFUm0lw==

GET
H2 200 216.bundle.7b0e68737d14c69187ab.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 11 KB
6 KB 13ms
13ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/216.bundle.7b0e68737d14c69187ab.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f54a6119d3615df97b64f039557b186019f21742edd3915754aaf88aa7b4e2e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92674
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:42 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"8b919cf09863b223ac6557d72a8027d7"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XHJg4vN98zJgDvTEU4A8ZvVDlAY9-32MIq6D8lSTJacge2kFgazfzg==

GET
H2 200 961.bundle.7f03cc7bc617a1dd06c7.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 4 KB
4 KB 12ms
11ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/961.bundle.7f03cc7bc617a1dd06c7.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d723c4ceb0f73b7ebd59aa950a0324f05b8d7d109faf1f27e3b84f47c7d60e0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:54 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"c23db646efd40be3aac63a42db660fe7"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lIZjKfkve6ww6DKZhDIky9yBFmpIkLYbktA9xIHzhM9vSV-9PWiRvg==

GET
H2 200 163.bundle.92211029fba5215177b0.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 37 KB
16 KB 12ms
12ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/163.bundle.92211029fba5215177b0.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2d9decf32d1f341945c160f048ab3fc63f1d0c6df7f745dd0f49cdfc3117b5b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:42 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"abb567f08eb6961816e060d91679cc94"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9XGUgu9aqYui7JZ4WRveIURxsiKlxOS7gniTuweITdQl5Rh7UEtJiw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
63 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PTX3XVW&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9443abdeea626ca122757962b3bab20fdc677bffaa6b17a72639702a9a7a855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63834
x-xss-protection: 0
expires: Thu, 23 Dec 2021 15:10:09 GMT

GET
H2 200 938.bundle.73d6e2ffbf16aeeef39b.js Show response
minhaloja.boticario.com.br/container/latest/js/ 641 B
3 KB 9ms
8ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/js/938.bundle.73d6e2ffbf16aeeef39b.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bbffe137df9de30504c9a813fff9ee7c6b60b2e802daf9aeb7e3d476ac90614a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:25:40 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 92670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 641
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:34 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "abdffcd62a0de5ceb88da3962097dcff"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: POmQAYghDF5iEmkp5wSaHRXJhgaz5bTXZt9yiLVm1CUB_LmFA9_dHw==

GET
H2 200 6802.bundle.ae4335c4b622ec099c60.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 59 KB
21 KB 9ms
9ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/6802.bundle.ae4335c4b622ec099c60.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ff92102b6f813e294c4bbd27c6b2c526f69a5d13636eaecdcd94e92fffc2552

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:49 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"4990e4205189ca6326be5f2c04fc7120"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5e-GaTdM8Xx9ZC3ygPo7tJdr05mV4zjJgy8c92rYjBhLd4x37H_BYA==

GET
H2 200 5262.bundle.1d9fd27a7c8de7e1da71.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 72 KB
12 KB 10ms
9ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/5262.bundle.1d9fd27a7c8de7e1da71.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e1d3f2ecd8f883d83fb05bca8f430a39877676475b620e6db6eccf61c5fa8daf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88714
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:42 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"682355a3a40f677f6ce9e5245bfec437"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: aU7ueHArtoF4JMx8-L5uOnc5RnkKAHHfDNfQ-cDw84IhJ3JwjWFsbA==

GET
H2 200 3356.bundle.3acb13eb1c89517d2205.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 231 KB
66 KB 10ms
10ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/3356.bundle.3acb13eb1c89517d2205.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb9950bf5f0a01a67b38064c58d15a8aff6e674e4f3c494733ffc861fe815912

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88714
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:37 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"7ac2ee58b82a09d56403ec81565eb0a5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: y0kjOaoybtbNSlzi427-EZKl5gueHJISKFjpiYIWQbUVjm5QOXIw9g==

GET
H2 200 3665.bundle.5c51d88d95d8da096ec9.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 82 KB
23 KB 14ms
12ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/3665.bundle.5c51d88d95d8da096ec9.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d285fae14a8b969bb0d4e5f10ea88e6ec60610d5090818b1ade3e244a03fc832

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:38 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"4d16d9973d3dc30ae6bd2819d6cbc6d5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QkBf-FgZuwgS1tez2wP7F7ZMLzq7LuXN_hLMlxs9c_nj1POPeKltaQ==

OPTIONS
H2 204 config_v5.json
cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/ Frame 0
0 46ms
15ms Preflight
text/plain 2606:4700:10::6816:1b9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/config_v5.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-configcat-useragent
Origin: https://minhaloja.boticario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 23 Dec 2021 15:10:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-ConfigCat-UserAgent,If-None-Match,Pragma,Accept-Language
access-control-expose-headers: Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c2283dccc374e44-FRA

GET
H2 200 config_v5.json Show response
cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/ 22 KB
4 KB 21ms
21ms XHR
application/json 2606:4700:10::6816:1b9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/config_v5.json
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11007819187396a8ecfea1c297fc53956fd653ec19c02451ef83a814e9acfe0b

Request headers

X-ConfigCat-UserAgent: ConfigCat-JS/a-4.5.0
Cache-Control: no-cache
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Dec 2021 22:44:54 GMT
server: cloudflare
etag: W/"61c258e6-56c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
cf-ray: 6c2283dcec6e4e44-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-ConfigCat-UserAgent,If-None-Match,Pragma,Accept-Language

GET
H2 200 1762.bundle.d9db2952256f89e1cb19.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 285 KB
73 KB 12ms
11ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/1762.bundle.d9db2952256f89e1cb19.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4f99354072168678ad38aeb06685a45f79a18b3136378ad6680625cd60d97cd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:31 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"578f2032a104f6b97d129facf35c77e4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ab9hwVpL2fRqxWxegSbz5NdmhFBlIRFKZgm11mViWNd6GzCX9-F3_A==

GET
H2 200 2688.bundle.20297ca23e09a6fe705e.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 14 KB
6 KB 18ms
17ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/2688.bundle.20297ca23e09a6fe705e.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

18f52f0fa5c52403fdb0afaf3827b883e079d6c4137aa725a4111de217cbd696

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:35 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"2bca7dcc36c5545769a6b385c5a9a715"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3dYyHkkt1BN6ePfWY5OfD7MVlOPQP9W_c6ojCtcx-sUZAYuw0UE8Uw==

GET
H2 200 3082.bundle.f82168288f4d5084ba3b.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 8 KB
5 KB 19ms
17ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/3082.bundle.f82168288f4d5084ba3b.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

850f66e3a3525eeadd67a295859122a1ec870b53376d34281e1a88ef06e4d225

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:36 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"d93884b14522b9b8aa2bde87611da0f8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HduqZhNazY6kMsWd8iYnQX8TfocmeewwLJ8auAoGAT74FKo4DMmwKA==

GET
H2 200 386.bundle.a8a9ae35abd20a5a86d6.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 60 KB
22 KB 19ms
18ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/386.bundle.a8a9ae35abd20a5a86d6.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e55d635023217556467008ffd60527fab5337cb0620cd985c18de654dc8d0f99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:46 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"ae131cf40c7a721f9454d45d268973ac"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QI9QBXyYaQ2QcG51nysygL579XNZ0-qXU99Kmpw2dqg_hIxL3wqHyQ==

GET
H2 200 385.bundle.6231c8d8b583b567d165.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 2 MB
335 KB 22ms
21ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/385.bundle.6231c8d8b583b567d165.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

07a5d470d342b317c9184b20856080b4a083f463293971ec7751f0be48039f8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:45 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"ecb61910e5f3d8fbfbb1cbe8fb9a943d"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jlLw8BDw6XcF3XAZ57214gh4QsVmWymh6kYmltamwMBaPQYFvMC0aA==

GET
H2 200 6455.bundle.2f7412c1d35ce8bb5369.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 15 KB
7 KB 20ms
19ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/6455.bundle.2f7412c1d35ce8bb5369.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

36cd8ebd7e467fa9ec7416eba5abc3e912e7154dfb17eecf62db02ca53348abb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88329
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:47 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"d801dc9311ed287bb9c660179065f642"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8oU6r9P1ojk1rHlV4sPcZ3DtX7wuU0CVyM4RR8103Wbfy51hZc7X2Q==

GET
H2 200 544.bundle.2221a7f33cd17a48d97b.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 27 KB
9 KB 21ms
20ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/544.bundle.2221a7f33cd17a48d97b.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e35d3121e39bb7d96a8fbe1bd46b1ea79c1ce954c5e1d6cf3fb6f8117dfa7599

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:43 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"cde2588563fa843a8b307bba9314e1f8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uhZGuzeuo7Cl34qPFxYBC9x6_Idj9fl4dCkauk4WxUpfYcigmrPcXw==

GET
H2 200 desk_pattern_bot.jpg
meucatalogodigitalresources.grupoboticario.digital/assets/images/ 57 KB
57 KB 460ms
426ms Image
image/jpeg 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meucatalogodigitalresources.grupoboticario.digital/assets/images/desk_pattern_bot.jpg
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 582b1075b04787e0090c0d6585b647018b4a203a04cb693fe8f4f99b1a0fd1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:10 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 15:08:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "c2b36391a971727278cbf1059ce6ab06"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 57992
x-amz-cf-id: Cx-XH5dD3Y5TU53MV6nYZhrck8HRHFV7ISLdIdJBFazYwOLF3pFTdA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5715
date: Thu, 23 Dec 2021 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Dec 2021 15:34:54 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v9/ 18 KB
19 KB 44ms
17ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v9/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c540c2421660f25afa9edabf188e3409753d3d94dc01a4fd6662df787a2767f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minhaloja.boticario.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:13:45 GMT
x-content-type-options: nosniff
age: 176184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18940
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:52:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 14:13:45 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v9/ 18 KB
18 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v9/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

392f196c197758bafbfb4a917625b5a20a84cd7977433a134140f9c6f745058f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minhaloja.boticario.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 07:56:04 GMT
x-content-type-options: nosniff
age: 198845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18096
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:52:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 07:56:04 GMT

GET
H2 200 rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ 18 KB
18 KB 39ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minhaloja.boticario.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 13:22:00 GMT
x-content-type-options: nosniff
age: 524889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18296
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 13:22:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
994 B 45ms
15ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58341529f6331985c1d3f44df3124f3e047a7403a5077f3311dbeae51a57846c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 15:10:09 GMT

GET
H2 200 pack-phones.jpg
minhaloja.boticario.com.br/admin/latest/ 92 KB
94 KB 9ms
8ms Image
image/jpeg 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/pack-phones.jpg

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d9658bca2195c58f043af25ae6d94e676a34b1d0a6fc524e28fb68bb40922733

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 17:09:37 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 79233
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 94144
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:21:00 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "64d80cb5fa30576c10e38e420100f8e8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Rf8017M3gFtL_ERaQbS49qmsAauob1fhJopNweNXjtz4qo17XzlQQw==

GET
H2 200 anfora.svg
gb-assets.grupoboticario.digital/boticario/image/ 2 KB
2 KB 13ms
8ms Image
image/svg+xml 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gb-assets.grupoboticario.digital/boticario/image/anfora.svg
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 672a9ad399cc43bb9249f7e53bac67a0dff2c85fe47edc6309d38117bbbfd63b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 036mmZVsxq955Ey29PI2Kpa2bdqr2ArY
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:49:53 GMT
server: AmazonS3
age: 5897
etag: W/"f30938de71b8eb608a92dea0758c43d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
date: Thu, 23 Dec 2021 14:49:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: leTdPSQOR3JMVd-XAt5hqBJpByhkBJlU8t3Y3LaBa-ey_z0Gn8EXHw==

GET
H2 200 logo-black.svg
gb-assets.grupoboticario.digital/eam/logo/ 4 KB
2 KB 11ms
8ms Image
image/svg+xml 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gb-assets.grupoboticario.digital/eam/logo/logo-black.svg
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d92282204c7d00a22f29a05fb6f52dda15db1f76f80a6ed0d91ca95b52bddf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: xx7LQ_lQKmlr_QTDAYwiZgGCQo0V2RPl
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:51:35 GMT
server: AmazonS3
age: 5897
etag: W/"6457864a700b1283ef56e437f7989cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
date: Thu, 23 Dec 2021 14:49:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KxxQ1WrMG05eXq8Ra0yOb8lNeTZSeZHiy4n0HY10MAMUidJhRm7sjA==

GET
H2 200 bot-highlight-estoque.png
minhaloja.boticario.com.br/admin/latest/ 23 KB
26 KB 14ms
10ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-estoque.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8cdf15484b8fac7ba673ff0c21b82efc89484d4a1d6b5a71b5074dcca3fff87f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 72513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23818
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "1b6ea699a4de39800ff661f0921460f5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Tz_a5an34wl4Hfp4shbL24P58JNUaOKHt-N3k7jZ8RHWvgsrAOCEhg==

GET
H2 200 bot-highlight-filtro.png
minhaloja.boticario.com.br/admin/latest/ 32 KB
34 KB 14ms
11ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-filtro.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f269023a49d89d46d2fab43a6a8f014112775912a166a91ad34296f802281b1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 72513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 32564
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "40f46f382008507325e7bda7a77efaec"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: YlaTkmIitvyEC05eTqdT48bohyVd-4bGxwAzG-HZZoe9Z_oXeDyTBQ==

GET
H2 200 bot-highlight-pedidos.png
minhaloja.boticario.com.br/admin/latest/ 25 KB
27 KB 15ms
12ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-pedidos.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

095e9d3805dae1c743e5c9d8405467d0b333547d4228d45d349921a6c588fd24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 72513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25385
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "7a3df3e8032e8b8a6b775788c5b43d77"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: EpvjEMMtE5FU6DUIRVNp07GaX38xW19Vl5n0BW9cnJ2L4cfdfICMTg==

GET
H2 200 bot-item-1.png
minhaloja.boticario.com.br/admin/latest/ 6 KB
8 KB 17ms
14ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-item-1.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb685b96686de6581ceab6d5651013085e9fd8cbdce3c19931efc5186e625de6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 72513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5845
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "dace377229ea1e5cdba3a958ec2d7a85"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: RWkqDA_5a-JsL9VGQBA4YwZO4WKF2vWVdF1Ywfba0l9bPoryfd8L_w==

GET
H2 200 bot-item-2.png
minhaloja.boticario.com.br/admin/latest/ 2 KB
4 KB 17ms
14ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-item-2.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0f99f0ee4b5a89a6d1478e40a0624b299db2aa8abe07af223bf0a56f62e3c377

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 72513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2235
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "2215382bb78bd51954e691dd9cb6e7ee"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: vrFO3jOv9VDEugBIDGC-iWXnrcAtj5bGFachFv-7hQICYTuT2W0e_w==

GET
H2 200 bot-item-3.png
minhaloja.boticario.com.br/admin/latest/ 3 KB
5 KB 18ms
15ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-item-3.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4640b89ad8c3d0b2f461f0a2fdc32f92bea359847930664af0d5d0534e1c04a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:11 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 55259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3058
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "57861ec17f1553d79e6163bb11fd526f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: my9yA80RgUXIZwyCXAduPZqdHvIyLf-z6onZMa0T13yxlZsBoqdCSg==

GET
H2 200 bot-item-4.png
minhaloja.boticario.com.br/admin/latest/ 4 KB
6 KB 18ms
16ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-item-4.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

54bb80435ce3ae2318083218742a1812eb896a9f723eeca7d969d648c40bb039

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:11 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 55259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4062
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "2242e2e4105fa71c7972c070dbe45e52"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: fd4UWn_fnEKa966VTfxZWXGhB8faihn7uvZYStZ_ubxjDvSkXH3Ndg==

GET
H2 200 bot-highlight-pwa.png
minhaloja.boticario.com.br/admin/latest/ 14 KB
16 KB 22ms
20ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-pwa.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8df17bf92140c0d62dced6b505f313f18cc791ef8724b650fd22edad73f409d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 72513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13947
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "40b99a5c441c889570b449444cccf40a"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: oSku1vudPJGvnyMihJBmUyd5-blX4Bo--q_T0V2MijpTQPMbEkHBPQ==

GET
H2 200 bot-highlight-informacoes.png
minhaloja.boticario.com.br/admin/latest/ 20 KB
22 KB 18ms
16ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-informacoes.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8b3131e6870e949cadfc22b61edc1c9fa1aec159e5a5269d223af01310620773

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:11 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 55259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20322
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "4bae0fd3cf2824490ed1b41b89bc4287"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 6W35z1Ddv6LdKpFVDs2MKDugpwRUpC1ZeI3wrZr76RSkGk5kRQOB9w==

GET
H2 200 bot-highlight-promocao.png
minhaloja.boticario.com.br/admin/latest/ 38 KB
40 KB 21ms
19ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-promocao.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

07a7abe9a9b0f78881290bbf7ccdc79bb726010ea4d133e78dbdbed922d897c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:12 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 55258
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 39105
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "9eeaae744545df663bacfdec7355f06b"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 8RdORLW5X7TBl9ZbgzyHt1285y-LiZ0wbEygZPcvgyS6vC3zjuCtsA==

GET
H2 200 bot-highlight-zoom.png
minhaloja.boticario.com.br/admin/latest/ 23 KB
25 KB 22ms
20ms Image
image/png 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-zoom.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0c0a47ff752b5b8a8dca61bcaf2bd3f37e0c199cf1dc78c7839085ebce0e04c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 72512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23377
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "7d58e6ae449e6d8868d88289ec6e4bd3"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: V5cAtMM3H07M8H3RAyiczpi3ejNVntDuen1m69vKguVd94CUPl4kqg==

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T7T2928&t=gtm9&cid=815838240.1640272210

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9c033d37c38ddf1d6d5b4c75880f33be6f6ce33998f0c21b786d243e3dd5798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34981
x-xss-protection: 0
expires: Thu, 23 Dec 2021 15:10:09 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
137 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://minhaloja.boticario.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 15:05:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
452 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-158569306-2&cid=815838240.1640272210&jid=767863004&gjid=1015943479&_gid=795823128.1640272210&_u=aGDAgEADQAAAAE~&z=435027985

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Dec 2021 15:10:09 GMT
content-type: text/plain
access-control-allow-origin: https://minhaloja.boticario.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=428772620&t=pageview&_s=1&dl=https%3A%2F%2Fminhaloja.boticario.com.br%2F&ul=en-us&de=UTF-8&dt=O%20Botic%C3%A1rio%20%7C%20Minha%20Loja%20Digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=767863004&gjid=1015943479&cid=815838240.1640272210&tid=UA-158569306-2&_gid=795823128.1640272210&gtm=2wgc10PTX3XVW&cd4=boticario&cd7=3feb0c-27b7-d507-ee0-78ebc76a55&cd9=revendedor&cd15=web&z=621287027

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 23:27:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56531
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 13CF 40 KB
20 KB 51ms
35ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=40503i3dw9a

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c560f92fae9f3708d5f241f6c33e0cfca2c5c2bd5d254d0f78807e83139ab994

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e5T1fO65CrPR2BkfSSdL7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Dec 2021 15:10:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-e5T1fO65CrPR2BkfSSdL7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20933
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 42ms
31ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=815838240.1640272210&jid=767863004&_u=aGDAgEADQAAAAE~&z=1534608379

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 15:10:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.co.uk/ads/ 0
0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 13CF 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=40503i3dw9a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 14:31:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 13CF 348 KB
136 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 15:05:27 GMT

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ 42 KB
16 KB 34ms
5ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1209.min.js
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: d4wwExyN0N4Ag7LHjGXgHn7eRha876Bt
content-encoding: gzip
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
x-amz-request-id: QQ4FS7V4RPFE46MS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15799
x-amz-id-2: ewB1A1tIEAtnm2v4G7x83yG7vXnNNwgUr2BOXI5GWRslKllsaYudiFL1cQPle38sUrpSJEqH6T0=
x-served-by: cache-fra19162-FRA
last-modified: Thu, 20 May 2021 23:21:19 GMT
server: AmazonS3
x-timer: S1640272210.952958,VS0,VE0
date: Thu, 23 Dec 2021 15:10:09 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 175

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 13CF 102 B
134 B 21ms
20ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=40503i3dw9a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 15:10:09 GMT

GET
H2 200 hotjar-1745554.js Show response
static.hotjar.com/c/ 9 KB
3 KB 83ms
40ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1745554.js?sv=7

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-76.fra50.r.cloudfront.net

Software

Resource Hash

95596684304f9395481271b4cda91eadb37795e877ce62b400a6d7234139f53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/deba450f198e488b904c09124d683c4d
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: bDqpy-k7ADEMt9fA910ggkLPLySRwFbfszUwMQIN3Nv4NXy_IdVvVQ==
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=428772620&t=event&ni=1&_s=1&dl=https%3A%2F%2Fminhaloja.boticario.com.br%2F&ul=en-us&de=UTF-8&dt=O%20Botic%C3%A1rio%20%7C%20Minha%20Loja%20Digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=scrolling&el=25&_u=aGDAgEADQAAAAE~&jid=&gjid=&cid=815838240.1640272210&tid=UA-158569306-2&_gid=795823128.1640272210&gtm=2wgc10PTX3XVW&cd4=boticario&cd7=3feb0c-27b7-d507-ee0-78ebc76a55&cd9=revendedor&cd15=web&z=769654334

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 23:27:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56531
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame DBF3 7 KB
1 KB 46ms
45ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd28236fa7425dc4c4d67fb5a26786d36822a23115814544abfe58ac7a199424

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S8LhZCKUxcdHJSJzL+T2bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Dec 2021 15:10:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-S8LhZCKUxcdHJSJzL+T2bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK NRJS-d142cb7d067b4c9c598 Show response
bam.nr-data.net/1/ 57 B
322 B 449ms
112ms Script
text/javascript 162.247.242.31
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-d142cb7d067b4c9c598?a=514334442&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=1744&ck=1&ref=https://minhaloja.boticario.com.br/&be=301&fe=1623&dc=313&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1640272208299,%22n%22:0,%22f%22:172,%22dn%22:173,%22dne%22:173,%22c%22:173,%22s%22:178,%22ce%22:195,%22rq%22:195,%22rp%22:220,%22rpe%22:221,%22dl%22:224,%22di%22:306,%22ds%22:313,%22de%22:313,%22dc%22:1622,%22l%22:1623,%22le%22:1623%7D,%22navigation%22:%7B%7D%7D&fp=592&fcp=592&jsonp=NREUM.setToken
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.uk
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 modules.6d5409da698bc5e020b1.js Show response
script.hotjar.com/ 228 KB
60 KB 287ms
9ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6d5409da698bc5e020b1.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-104.fra50.r.cloudfront.net

Software

Resource Hash

9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 16:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169204
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61259
access-control-allow-origin: *
last-modified: Tue, 21 Dec 2021 16:09:54 GMT
etag: "a250696209ae851dce97a4101057f333"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: J2TmywekkX29HUQXz8x5Dl4gZeN3FaTJa27Wo0KNCanxr_cJhGkkPA==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame DBF3 51 KB
24 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 14:31:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame DBF3 348 KB
136 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 15:05:27 GMT

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame B028 2 KB
1 KB 36ms
8ms Document
text/html 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZsoCnEZ2RVqZfUhyNuCOQBr3cLu99DvTrRwb1UbOL5HwRvVQ-Dixag==
age: 1811824

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame DBF3 35 KB
21 KB 48ms
48ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2121feefef7b1cd4c483b0a6c9758ccd42c737be92797ade0d9b88381bc9cc03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 23 Dec 2021 15:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21261
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 15:10:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.co.uk
URL: https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=815838240.1640272210&jid=767863004&_u=aGDAgEADQAAAAE~&z=1534608379

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:57:04	Name: _GRECAPTCHA Value: 09ABBMTcOrKnhPQ8uBUz5ypbfBr8i3nKjDT6W7n83Mk0LAd6XsyepDFSLCpUMZup5ewYiv49RGxoVYTmQMTYNO6tk
.minhaloja.boticario.com.br/	1970-01-20 08:23:28	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Dec+23+2021+15%3A10%3A08+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&hosts=&consentId=6bfca7b7-5411-4fd8-a239-dbbbe598a789&interactionCount=0&landingPath=https%3A%2F%2Fminhaloja.boticario.com.br%2F&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.boticario.com.br/	1970-01-20 01:47:28	Name: _gcl_au Value: 1.1.1455232576.1640272209
.boticario.com.br/	1970-01-20 17:09:04	Name: _ga Value: GA1.3.815838240.1640272210
.boticario.com.br/	1970-01-19 23:39:18	Name: _gid Value: GA1.3.795823128.1640272210
.boticario.com.br/	1970-01-19 23:37:52	Name: _dc_gtm_UA-158569306-2 Value: 1
.boticario.com.br/	1970-01-20 08:23:28	Name: _hjSessionUser_1745554 Value: eyJpZCI6IjQ0MmYzMDgzLWQyMjktNTczZi1iMzU4LWU2YTA2MWMzNTdjMiIsImNyZWF0ZWQiOjE2NDAyNzIyMTAzNjksImV4aXN0aW5nIjpmYWxzZX0=
.boticario.com.br/	1970-01-19 23:37:54	Name: _hjFirstSeen Value: 1
.boticario.com.br/	1970-01-19 23:37:54	Name: _hjSession_1745554 Value: eyJpZCI6IjkxZmI4ZmRlLWVlZWUtNDNiNi1hMTgzLTJiNGIwYmYwZTkwNyIsImNyZWF0ZWQiOjE2NDAyNzIyMTAzODZ9
minhaloja.boticario.com.br/	1970-01-19 23:37:52	Name: _hjIncludedInSessionSample Value: 0
.boticario.com.br/	1970-01-19 23:37:54	Name: _hjAbsoluteSessionInProgress Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: be26524c0cedd4e0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://minhaloja.boticario.com.br/ Message: Refused to load the image 'https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=815838240.1640272210&jid=767863004&_u=aGDAgEADQAAAAE~&z=1534608379' because it violates the following Content Security Policy directive: "img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn-global.configcat.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
gb-assets.grupoboticario.digital
geolocation.onetrust.com
js-agent.newrelic.com
meucatalogodigital.boticario.com.br
meucatalogodigitalresources.grupoboticario.digital
minhaloja.boticario.com.br
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
www.google.co.uk
143.204.98.100
143.204.98.104
143.204.98.18
143.204.98.69
143.204.98.76
143.204.98.82
151.101.194.137
162.247.242.31
2606:4700:10::6814:b844
2606:4700:10::6816:1b9f
2606:4700::6810:9540
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9c
07a5d470d342b317c9184b20856080b4a083f463293971ec7751f0be48039f8f
07a7abe9a9b0f78881290bbf7ccdc79bb726010ea4d133e78dbdbed922d897c9
095e9d3805dae1c743e5c9d8405467d0b333547d4228d45d349921a6c588fd24
0c0a47ff752b5b8a8dca61bcaf2bd3f37e0c199cf1dc78c7839085ebce0e04c5
0d92282204c7d00a22f29a05fb6f52dda15db1f76f80a6ed0d91ca95b52bddf8
0ed1c09a270e3ec711b4aaf5b05d2cb99d62c25360e798a1434711bd397de575
0f99f0ee4b5a89a6d1478e40a0624b299db2aa8abe07af223bf0a56f62e3c377
0fc5b4dedeb4acc1a01efc2b226aa9a7904a82b9a4cab6e2b90dd26a4068856e
11007819187396a8ecfea1c297fc53956fd653ec19c02451ef83a814e9acfe0b
11d6ee17bd470d906704e12f6cfe99d1c87519aa9b52239aff003646fa5e6190
121e8b47d5e772c09d51347f5ceff9edf192b637d35d454b6fb69acbb3b366af
1582818ac1ba9ee326fa08cdb4db4791a2bf031aaf976a8e121ac535b594c398
18f52f0fa5c52403fdb0afaf3827b883e079d6c4137aa725a4111de217cbd696
2121feefef7b1cd4c483b0a6c9758ccd42c737be92797ade0d9b88381bc9cc03
24508b82a87ed41e1dbec0e55a404055cab488d5417d0a0352adb1551ff98aa0
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
2d9decf32d1f341945c160f048ab3fc63f1d0c6df7f745dd0f49cdfc3117b5b4
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
36cd8ebd7e467fa9ec7416eba5abc3e912e7154dfb17eecf62db02ca53348abb
392f196c197758bafbfb4a917625b5a20a84cd7977433a134140f9c6f745058f
394f74a2fd40f8a7d48ab0fef108547ce5b4580f4e87ed22cd69f76e6415f2e4
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
437ba48e15c6a06a669c284df1c9516ca2678f6aaae8e080a26a3662c0891c03
4640b89ad8c3d0b2f461f0a2fdc32f92bea359847930664af0d5d0534e1c04a4
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4f99354072168678ad38aeb06685a45f79a18b3136378ad6680625cd60d97cd0
54bb80435ce3ae2318083218742a1812eb896a9f723eeca7d969d648c40bb039
582b1075b04787e0090c0d6585b647018b4a203a04cb693fe8f4f99b1a0fd1ce
58341529f6331985c1d3f44df3124f3e047a7403a5077f3311dbeae51a57846c
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
672a9ad399cc43bb9249f7e53bac67a0dff2c85fe47edc6309d38117bbbfd63b
6af7f2a7319a700fa7d79c2ee318a8f468b39325b04b8740f963a2678932beeb
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
7f34893a704d4a71da0fa274dd428284f6fb17b549008ae11148b851435a3e51
7ff92102b6f813e294c4bbd27c6b2c526f69a5d13636eaecdcd94e92fffc2552
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850f66e3a3525eeadd67a295859122a1ec870b53376d34281e1a88ef06e4d225
858d3ae73f132b8f3d872db375db917a266b904a671ef12213fe898b038d9237
8a883974729df810eb42dda5ee43ba10e8a9be598ed5a97610cfa56358991e8d
8b3131e6870e949cadfc22b61edc1c9fa1aec159e5a5269d223af01310620773
8cdf15484b8fac7ba673ff0c21b82efc89484d4a1d6b5a71b5074dcca3fff87f
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
8df17bf92140c0d62dced6b505f313f18cc791ef8724b650fd22edad73f409d1
95596684304f9395481271b4cda91eadb37795e877ce62b400a6d7234139f53f
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bbffe137df9de30504c9a813fff9ee7c6b60b2e802daf9aeb7e3d476ac90614a
bd28236fa7425dc4c4d67fb5a26786d36822a23115814544abfe58ac7a199424
c540c2421660f25afa9edabf188e3409753d3d94dc01a4fd6662df787a2767f3
c560f92fae9f3708d5f241f6c33e0cfca2c5c2bd5d254d0f78807e83139ab994
c9c033d37c38ddf1d6d5b4c75880f33be6f6ce33998f0c21b786d243e3dd5798
d285fae14a8b969bb0d4e5f10ea88e6ec60610d5090818b1ade3e244a03fc832
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d4995bdb0d79766a30b0c3af9ba395424f11a67b0a0dcde618c210ba2b67f3df
d723c4ceb0f73b7ebd59aa950a0324f05b8d7d109faf1f27e3b84f47c7d60e0b
d9658bca2195c58f043af25ae6d94e676a34b1d0a6fc524e28fb68bb40922733
da9ddaf5cac3f0e3e7a3b7df692dd604a9579d5a58e8f0eb08cc4e71581cbf6d
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e07b00827f5f6d2c71523bac1292216711543a067a8d0f2532454ba28266cfcb
e1d3f2ecd8f883d83fb05bca8f430a39877676475b620e6db6eccf61c5fa8daf
e35d3121e39bb7d96a8fbe1bd46b1ea79c1ce954c5e1d6cf3fb6f8117dfa7599
e55d635023217556467008ffd60527fab5337cb0620cd985c18de654dc8d0f99
e66647558738216efd2c6a0460f380175b08b7c8407dbbebde8e3f7bbe1eeefb
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ee8a8114c7658b7865e50235668f485cb48a22439d8f9afd987eb2a3f9ff1359
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f269023a49d89d46d2fab43a6a8f014112775912a166a91ad34296f802281b1a
f54a6119d3615df97b64f039557b186019f21742edd3915754aaf88aa7b4e2e9
f9443abdeea626ca122757962b3bab20fdc677bffaa6b17a72639702a9a7a855
f9714289219fcd069b4b97027f6cc40309ff4b22aa46070c4c03e77ca0df7b05
fb685b96686de6581ceab6d5651013085e9fd8cbdce3c19931efc5186e625de6
fb9950bf5f0a01a67b38064c58d15a8aff6e674e4f3c494733ffc861fe815912

minhaloja.boticario.com.br Open in urlscan Pro 143.204.98.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

99 %HTTPS

56 %IPv6

15 Domains

20 Subdomains

18 IPs

3 Countries

1988 kBTransfer

5942 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

minhaloja.boticario.com.br Open in urlscan Pro
143.204.98.82 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

99 %
HTTPS

56 %
IPv6

15
Domains

20
Subdomains

18
IPs

3
Countries

1988 kB
Transfer

5942 kB
Size

12
Cookies

81 HTTP transactions
1 data transactions