urlscan.io logo urlscan.io
SecurityTrails logo

minhaloja.boticario.com.br Open in urlscan Pro
143.204.98.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://meucatalogodigital.boticario.com.br/
Effective URL: https://minhaloja.boticario.com.br/
Submission: On December 23 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 82 HTTP transactions. The main IP is 143.204.98.13, located in United States and belongs to AMAZON-02, US. The main domain is minhaloja.boticario.com.br.
TLS certificate: Issued by Amazon on November 26th 2021. Valid for: a year.
This is the only time minhaloja.boticario.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    143.204.98.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-100.fra50.r.cloudfront.net
meucatalogodigital.boticario.com.br
39    143.204.98.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net
minhaloja.boticario.com.br
vc.hotjar.io
6    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    143.204.98.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-103.fra50.r.cloudfront.net
gb-assets.grupoboticario.digital
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:10::6816:1a9f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-global.configcat.com
1    143.204.98.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-44.fra50.r.cloudfront.net
meucatalogodigitalresources.grupoboticario.digital
4    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
static.hotjar.com
1    162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
1    143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net
script.hotjar.com
1    143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net
vars.hotjar.com
Domain Requested by
38 minhaloja.boticario.com.br minhaloja.boticario.com.br
6 www.google.com minhaloja.boticario.com.br
www.gstatic.com
6 cdn.cookielaw.org minhaloja.boticario.com.br
cdn.cookielaw.org
5 www.gstatic.com minhaloja.boticario.com.br
www.google.com
4 www.google-analytics.com minhaloja.boticario.com.br
4 fonts.googleapis.com minhaloja.boticario.com.br
3 fonts.gstatic.com fonts.googleapis.com
3 gb-assets.grupoboticario.digital minhaloja.boticario.com.br
2 cdn-global.configcat.com minhaloja.boticario.com.br
2 meucatalogodigital.boticario.com.br 2 redirects
1 vc.hotjar.io minhaloja.boticario.com.br
1 vars.hotjar.com minhaloja.boticario.com.br
1 script.hotjar.com minhaloja.boticario.com.br
1 bam.nr-data.net minhaloja.boticario.com.br
1 static.hotjar.com minhaloja.boticario.com.br
1 js-agent.newrelic.com minhaloja.boticario.com.br
1 stats.g.doubleclick.net minhaloja.boticario.com.br
1 meucatalogodigitalresources.grupoboticario.digital minhaloja.boticario.com.br
1 www.googletagmanager.com minhaloja.boticario.com.br
1 geolocation.onetrust.com minhaloja.boticario.com.br
0 www.google.co.uk Failed minhaloja.boticario.com.br
82 21

This site contains links to these domains. Also see Links.

Domain
privacidade.grupoboticario.com.br
Subject Issuer Validity Valid
*.boticario.com.br
Amazon		 2021-11-26 -
2022-12-25		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.grupoboticario.digital
Amazon		 2021-02-04 -
2022-03-05		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.configcat.com
AlphaSSL CA - SHA256 - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh

This page contains 4 frames:

Primary Page: https://minhaloja.boticario.com.br/
Frame ID: BBF33826B875F22AC68590BA745949AA
Requests: 73 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=wu2y5vy5bpt6
Frame ID: F13F57DB49A53ABCBE4FE92AC901C33E
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Frame ID: 9368D4ECF227B70C9C662A8C1DE94A11
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 99937B9600FDF907EF05C9FDA371BC32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

O Boticário | Minha Loja Digital

Page URL History Show full URLs

  1. http://meucatalogodigital.boticario.com.br/ HTTP 301
    https://meucatalogodigital.boticario.com.br/ HTTP 301
    https://minhaloja.boticario.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

82
Requests

99 %
HTTPS

53 %
IPv6

16
Domains

21
Subdomains

19
IPs

3
Countries

1989 kB
Transfer

5945 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://meucatalogodigital.boticario.com.br/ HTTP 301
    https://meucatalogodigital.boticario.com.br/ HTTP 301
    https://minhaloja.boticario.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
minhaloja.boticario.com.br/
Redirect Chain
  • http://meucatalogodigital.boticario.com.br/
  • https://meucatalogodigital.boticario.com.br/
  • https://minhaloja.boticario.com.br/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4995bdb0d79766a30b0c3af9ba395424f11a67b0a0dcde618c210ba2b67f3df
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Wed, 22 Dec 2021 13:17:20 GMT
x-amz-server-side-encryption
AES256
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
referrer-policy
same-origin
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
service-worker-allowed
/
content-encoding
gzip
date
Thu, 23 Dec 2021 14:49:51 GMT
cache-control
max-age=300, public
etag
W/"6b9c01986aa681d685438f098e4d97f5"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8RIcEJ2F24GNn63cLKQX-26XNS3xcDbkqk-IVeKiZLTZGG3nNqSL6A==

Redirect headers

content-length
0
location
https://minhaloja.boticario.com.br/
date
Thu, 23 Dec 2021 14:49:50 GMT
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
4y71-2nfyWNEOEyFOs05ol_HxEPRT3weySerljbwvJ1LsAIx0eDiDw==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BXRr8anumVFsMvgN5QlueA==
age
7910
vary
Accept-Encoding
content-length
6508
x-ms-lease-status
unlocked
last-modified
Fri, 17 Dec 2021 17:08:36 GMT
server
cloudflare
etag
0x8D9C17FDD6FB88D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
52c8446c-501e-0127-6d63-f404fa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c22661a3c7b5b6e-FRA
css2
fonts.googleapis.com/ 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9714289219fcd069b4b97027f6cc40309ff4b22aa46070c4c03e77ca0df7b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 14:49:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 14:49:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 14:49:50 GMT
css2
fonts.googleapis.com/ 		2 KB
462 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@500;700&display=swap
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a883974729df810eb42dda5ee43ba10e8a9be598ed5a97610cfa56358991e8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 14:49:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 14:49:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 14:49:50 GMT
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ed1c09a270e3ec711b4aaf5b05d2cb99d62c25360e798a1434711bd397de575
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 13:17:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 14:49:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 14:49:50 GMT
MaisonNeueExt.css
gb-assets.grupoboticario.digital/eam/font/ 		586 B
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gb-assets.grupoboticario.digital/eam/font/MaisonNeueExt.css
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1582818ac1ba9ee326fa08cdb4db4791a2bf031aaf976a8e121ac535b594c398

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
WrBWy07eUZsh2LrUoSv4F0NiFKk7NZXx
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Wed, 24 Mar 2021 20:46:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"19e3943c5cbbc9a825de521ca27fe18a"
x-cache
Hit from cloudfront
content-type
text/css
date
Thu, 23 Dec 2021 14:49:50 GMT
x-amz-meta-version-id
XSuhmhsEC3wkBYbURCtRjU1TPBW7XswB
accept-ranges
bytes
content-length
586
x-amz-cf-id
xcNxtL2C0KFmWot6CPdRSJuElN0rNiFD3-wC5cV-6SSCv6bNyP4cxg==
css2
fonts.googleapis.com/ 		2 KB
503 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24508b82a87ed41e1dbec0e55a404055cab488d5417d0a0352adb1551ff98aa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 12:51:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 14:49:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 14:49:50 GMT
reset.css
minhaloja.boticario.com.br/container/latest/css/ 		1005 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/container/latest/css/reset.css
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
121e8b47d5e772c09d51347f5ceff9edf192b637d35d454b6fb69acbb3b366af
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:17:19 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"365d8e12df781834ff2eabf790a8c382"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
text/css
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0n3sJ7hVEmwE5bnvwo9xVXBVC4I3Nlmi2y9trwya9fxlS4NRgU9F5w==
normalize.css
minhaloja.boticario.com.br/container/latest/css/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/container/latest/css/normalize.css
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e66647558738216efd2c6a0460f380175b08b7c8407dbbebde8e3f7bbe1eeefb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:17:19 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"e1874f392ad93753772d2f8a65dedc6d"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
text/css
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9iT8a06IYoZTxdGO3A1ivpb__sAvwWvehbgGdALOJYG5kZHjN-yxsQ==
main.bundle.5a8123f787e0a4950994.js
minhaloja.boticario.com.br/container/latest/js/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/container/latest/js/main.bundle.5a8123f787e0a4950994.js?a9abaf2c7acf8ae3beb6
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11d6ee17bd470d906704e12f6cfe99d1c87519aa9b52239aff003646fa5e6190
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91266
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:17:37 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"5991ee190ca963cdd6ae0243b39417aa"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
e7jtlOCmK25fD2gVARQE9OLcjFKbsufs_IMgX5UJur9ntuM1fxnqxg==
newRelicSnippet.js
minhaloja.boticario.com.br/container/latest/scripts/ 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da9ddaf5cac3f0e3e7a3b7df692dd604a9579d5a58e8f0eb08cc4e71581cbf6d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91266
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:17:38 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"f41e2d42ee9366c7fa9d2f2a479fdf44"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7_CdlzIkCAuiPdKly_JQgAMgJ26QktV2h7eRqhHHLp_23d_W8gzE2Q==
5c7a925d-2987-4be9-a60b-fc346dae1f61.json
cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/5c7a925d-2987-4be9-a60b-fc346dae1f61.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af7f2a7319a700fa7d79c2ee318a8f468b39325b04b8740f963a2678932beeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
TsaOYtk1a75+WvHucPBJGg==
vary
Accept-Encoding
content-length
1307
x-ms-lease-status
unlocked
last-modified
Wed, 22 Sep 2021 12:58:20 GMT
server
cloudflare
etag
0x8D97DC8A7A69726
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b1a20eba-a01e-005b-3b14-b6df9a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c22661a6c865b3e-FRA
expires
Thu, 23 Dec 2021 18:49:50 GMT
20.bundle.3e6a3d2e9c34190533de.js
minhaloja.boticario.com.br/container/latest/js/ 		162 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/container/latest/js/20.bundle.3e6a3d2e9c34190533de.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee8a8114c7658b7865e50235668f485cb48a22439d8f9afd987eb2a3f9ff1359
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91265
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:17:22 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"e5e20c024c65ed774352af296474f875"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
JGd3vfHE8NYdjLTRkCRIhzIbxDSogJdoQX_xlgn4wL6P_TFFoe3kzw==
remoteEntry.js
minhaloja.boticario.com.br/admin/latest/ 		10 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/remoteEntry.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc5b4dedeb4acc1a01efc2b226aa9a7904a82b9a4cab6e2b90dd26a4068856e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:21:00 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"4885cc14c8ba00cdbbaca1de3fb98b56"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
no-store, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-id
GmB7pAiP1wEooAewuy_Na7Zbox3_vYZ_yyWsTjQpxvwOd0cIR72ZSA==
remoteEntry.js
minhaloja.boticario.com.br/vitrine/latest/ 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/vitrine/latest/remoteEntry.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
394f74a2fd40f8a7d48ab0fef108547ce5b4580f4e87ed22cd69f76e6415f2e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:19:55 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"e2b92fc20ac420bfca16400489953a0f"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
no-store, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-id
xO8M5lYWTqzxTJsqoc7x9hSInKeQdW3dTOPLRFrGVHZVt20Wvn0FIg==
354.bundle.69ba24080f07000ff039.js
minhaloja.boticario.com.br/container/latest/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/container/latest/js/354.bundle.69ba24080f07000ff039.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f34893a704d4a71da0fa274dd428284f6fb17b549008ae11148b851435a3e51
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91265
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:17:27 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"2654cf521e826cddb21f01d06bf5e41c"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
d4B0Fk5o6eavnqPkWLnnv39lM0GlE9YA5INEsoLaVOjDMryivMzskg==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		165 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:50 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c22661b6e58692b-FRA
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.24.0/ 		317 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
V5hcbF1dEgrls6P2M61C9g==
age
5668939
vary
Accept-Encoding
content-length
77260
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:37 GMT
server
cloudflare
etag
0x8D983BB67EEBDFE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
646ab96e-a01e-00d8-5b6c-c47f37000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c22661b8edf5b6e-FRA
pt.json
cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ab330c12-9ad3-4177-9183-63541ae111ae/ 		38 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ab330c12-9ad3-4177-9183-63541ae111ae/pt.json
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858d3ae73f132b8f3d872db375db917a266b904a671ef12213fe898b038d9237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
s5rLtE5nBT0RlXFZPJ+G/g==
vary
Accept-Encoding
content-length
12228
x-ms-lease-status
unlocked
last-modified
Wed, 22 Sep 2021 12:58:23 GMT
server
cloudflare
etag
0x8D97DC8A953ADD6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
eb94c73a-201e-0145-65bc-cb4322000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c22661bcf045b3e-FRA
expires
Thu, 23 Dec 2021 18:49:50 GMT
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otFloatingFlat.json
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
9rK3Ikd9KsAnky96tLlwvw==
vary
Accept-Encoding
content-length
2675
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:28 GMT
server
cloudflare
etag
0x8D983BB62C7DDA4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ba238190-e01e-00b9-4e0c-f63be8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c22661ca8a65b3e-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
4872081
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a790b2cd-001e-0116-45bc-cb5f2d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6c22661ca8a85b3e-FRA
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
294.bundle.db5a5817d696cd923f92.js
minhaloja.boticario.com.br/vitrine/latest/js/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/vitrine/latest/js/294.bundle.db5a5817d696cd923f92.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
437ba48e15c6a06a669c284df1c9516ca2678f6aaae8e080a26a3662c0891c03
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:19:44 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"eaf67ee7b7d4506295dc159c56606594"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Ag_03GVnLhNh2C4GR5cXcriGSP9aFqIgJf9qA9ZOYkA8-NFKfNvxEg==
935.bundle.7cddea9ad86acda3f1f6.js
minhaloja.boticario.com.br/vitrine/latest/js/ 		121 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/vitrine/latest/js/935.bundle.7cddea9ad86acda3f1f6.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e07b00827f5f6d2c71523bac1292216711543a067a8d0f2532454ba28266cfcb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:19:52 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"73e5f7497a2659bee49d2195e7a07b2f"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
n-wisqClzG7sPF9Xkab1_NKDZFXSeBQU_JKTir4-EAZcj3eWjgjO5w==
216.bundle.7b0e68737d14c69187ab.js
minhaloja.boticario.com.br/vitrine/latest/js/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/vitrine/latest/js/216.bundle.7b0e68737d14c69187ab.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f54a6119d3615df97b64f039557b186019f21742edd3915754aaf88aa7b4e2e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91455
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:19:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"8b919cf09863b223ac6557d72a8027d7"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tWogCaNDEeYDKMWLhsP2ifEW3-FNqaZiQFx1Hztci6QXiKfAMrlcsg==
961.bundle.7f03cc7bc617a1dd06c7.js
minhaloja.boticario.com.br/vitrine/latest/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/vitrine/latest/js/961.bundle.7f03cc7bc617a1dd06c7.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d723c4ceb0f73b7ebd59aa950a0324f05b8d7d109faf1f27e3b84f47c7d60e0b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:19:54 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"c23db646efd40be3aac63a42db660fe7"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
e4uiwNEowlAwePE2JHJb7C3WQrSq0g7BYap_A6Ck2FVWzFyZmp-Fsg==
163.bundle.92211029fba5215177b0.js
minhaloja.boticario.com.br/vitrine/latest/js/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/vitrine/latest/js/163.bundle.92211029fba5215177b0.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d9decf32d1f341945c160f048ab3fc63f1d0c6df7f745dd0f49cdfc3117b5b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:19:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"abb567f08eb6961816e060d91679cc94"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
muBabGb7YeC5oFOIl7a5lJTMclGCUeWeBRv6ghOYDBF75DstIlVXKg==
gtm.js
www.googletagmanager.com/ 		179 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PTX3XVW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b57a6b841549a82b9d1ac783a8d2deafdd0b4fc854446625a7de9ab44c1f551e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63834
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Dec 2021 14:49:51 GMT
938.bundle.73d6e2ffbf16aeeef39b.js
minhaloja.boticario.com.br/container/latest/js/ 		641 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/container/latest/js/938.bundle.73d6e2ffbf16aeeef39b.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbffe137df9de30504c9a813fff9ee7c6b60b2e802daf9aeb7e3d476ac90614a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:25:40 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
91452
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
641
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:17:34 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"abdffcd62a0de5ceb88da3962097dcff"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
KMkH8xSYn9GnvU8ZiwMvPqM8bAikNd3IUyC7VOQ4qVbiGUIoOhbcqw==
6802.bundle.ae4335c4b622ec099c60.js
minhaloja.boticario.com.br/admin/latest/js/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/6802.bundle.ae4335c4b622ec099c60.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ff92102b6f813e294c4bbd27c6b2c526f69a5d13636eaecdcd94e92fffc2552
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 14:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:49 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"4990e4205189ca6326be5f2c04fc7120"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6Q37AQxcDjc9mnhddz1j71lnjaksx2TtfDlZRdwcM-CNHj8AErMHGw==
5262.bundle.1d9fd27a7c8de7e1da71.js
minhaloja.boticario.com.br/admin/latest/js/ 		72 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/5262.bundle.1d9fd27a7c8de7e1da71.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1d3f2ecd8f883d83fb05bca8f430a39877676475b620e6db6eccf61c5fa8daf
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 14:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87496
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"682355a3a40f677f6ce9e5245bfec437"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
NrVz7VcsqYLJ36vW9sXCdk2G73GS3e52RH_2HJyUAKS3pcPvrC5byA==
3356.bundle.3acb13eb1c89517d2205.js
minhaloja.boticario.com.br/admin/latest/js/ 		231 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/3356.bundle.3acb13eb1c89517d2205.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb9950bf5f0a01a67b38064c58d15a8aff6e674e4f3c494733ffc861fe815912
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 14:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87496
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:37 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"7ac2ee58b82a09d56403ec81565eb0a5"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
sLPCq7sIpaQ28Rnxo3EDXiY3GrJAsy_6geyiUNiaSHDZlmxC4TZITQ==
3665.bundle.5c51d88d95d8da096ec9.js
minhaloja.boticario.com.br/admin/latest/js/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/3665.bundle.5c51d88d95d8da096ec9.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d285fae14a8b969bb0d4e5f10ea88e6ec60610d5090818b1ade3e244a03fc832
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 14:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:38 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"4d16d9973d3dc30ae6bd2819d6cbc6d5"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
jhPxVO8JmoOeS5eEYGhwwHW6Nkw3e1NSj33T_WcldGTI17Jv47eEJg==
config_v5.json
cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/config_v5.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,x-configcat-useragent
Origin
https://minhaloja.boticario.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-ConfigCat-UserAgent,If-None-Match,Pragma,Accept-Language
access-control-expose-headers
Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
access-control-max-age
1728000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c22661e9aea4ea9-FRA
config_v5.json
cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/ 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/config_v5.json
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11007819187396a8ecfea1c297fc53956fd653ec19c02451ef83a814e9acfe0b

Request headers

X-ConfigCat-UserAgent
ConfigCat-JS/a-4.5.0
Cache-Control
no-cache
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 21 Dec 2021 22:44:54 GMT
server
cloudflare
etag
W/"61c258e6-56c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
cf-ray
6c22661efb944ea9-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-ConfigCat-UserAgent,If-None-Match,Pragma,Accept-Language
1762.bundle.d9db2952256f89e1cb19.js
minhaloja.boticario.com.br/admin/latest/js/ 		285 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/1762.bundle.d9db2952256f89e1cb19.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f99354072168678ad38aeb06685a45f79a18b3136378ad6680625cd60d97cd0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 14:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:31 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"578f2032a104f6b97d129facf35c77e4"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vJ4i45_9m5LDluBuRcGd698kuPosKE0UIieR36_uSmwHRziJh9fndg==
2688.bundle.20297ca23e09a6fe705e.js
minhaloja.boticario.com.br/admin/latest/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/2688.bundle.20297ca23e09a6fe705e.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18f52f0fa5c52403fdb0afaf3827b883e079d6c4137aa725a4111de217cbd696
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:35 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"2bca7dcc36c5545769a6b385c5a9a715"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
jVk8pqbDJSajvi2VoFtcSTTMGcj9t48J-o5e4MyqZW_ZH3K9VU1CNA==
3082.bundle.f82168288f4d5084ba3b.js
minhaloja.boticario.com.br/admin/latest/js/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/3082.bundle.f82168288f4d5084ba3b.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
850f66e3a3525eeadd67a295859122a1ec870b53376d34281e1a88ef06e4d225
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 23:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54042
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:36 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"d93884b14522b9b8aa2bde87611da0f8"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
aq0DVmMfYAQzjzg0TOm3VXPRGg05TDzn2LySGtngEWhgGrH7gmfnAA==
386.bundle.a8a9ae35abd20a5a86d6.js
minhaloja.boticario.com.br/vitrine/latest/js/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/vitrine/latest/js/386.bundle.a8a9ae35abd20a5a86d6.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e55d635023217556467008ffd60527fab5337cb0620cd985c18de654dc8d0f99
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:19:46 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"ae131cf40c7a721f9454d45d268973ac"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
1MT1FPKeSEXubz_9HypTENUlaO8pytyOr65lktNowY0ov698ocsslw==
385.bundle.6231c8d8b583b567d165.js
minhaloja.boticario.com.br/vitrine/latest/js/ 		2 MB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/vitrine/latest/js/385.bundle.6231c8d8b583b567d165.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07a5d470d342b317c9184b20856080b4a083f463293971ec7751f0be48039f8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 13:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91259
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:19:45 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"ecb61910e5f3d8fbfbb1cbe8fb9a943d"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
BXe5V7hYv_G1z9VrQSfazWX4UovxciInIa98mUItUVn8JtGb-yD2_w==
6455.bundle.2f7412c1d35ce8bb5369.js
minhaloja.boticario.com.br/admin/latest/js/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/6455.bundle.2f7412c1d35ce8bb5369.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36cd8ebd7e467fa9ec7416eba5abc3e912e7154dfb17eecf62db02ca53348abb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 14:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:47 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"d801dc9311ed287bb9c660179065f642"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
5Y3TP_TDI1B_RvuvQQfwAfSEaqosNTSyFAhA3-oue_HIN0E1l9YNBw==
544.bundle.2221a7f33cd17a48d97b.js
minhaloja.boticario.com.br/admin/latest/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minhaloja.boticario.com.br/admin/latest/js/544.bundle.2221a7f33cd17a48d97b.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e35d3121e39bb7d96a8fbe1bd46b1ea79c1ce954c5e1d6cf3fb6f8117dfa7599
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:43 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"cde2588563fa843a8b307bba9314e1f8"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
nf1U_YbNFPkz1WhiWWoaTAM4f4_Jr69hxvoYbTfVURSUZn09NCHflw==
desk_pattern_bot.jpg
meucatalogodigitalresources.grupoboticario.digital/assets/images/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meucatalogodigitalresources.grupoboticario.digital/assets/images/desk_pattern_bot.jpg
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-44.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
582b1075b04787e0090c0d6585b647018b4a203a04cb693fe8f4f99b1a0fd1ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:52 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 15:08:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"c2b36391a971727278cbf1059ce6ab06"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
57992
x-amz-cf-id
c4e3UQ5LcRFQ8_jqtxrqoapyiJoZwE2OzDABKUhqJP_Ge9HRXut06Q==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4497
date
Thu, 23 Dec 2021 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 15:34:54 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v9/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v9/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c540c2421660f25afa9edabf188e3409753d3d94dc01a4fd6662df787a2767f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://minhaloja.boticario.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 14:13:45 GMT
x-content-type-options
nosniff
age
174966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18940
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:52:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 14:13:45 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v9/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v9/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
392f196c197758bafbfb4a917625b5a20a84cd7977433a134140f9c6f745058f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://minhaloja.boticario.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 07:56:04 GMT
x-content-type-options
nosniff
age
197627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18096
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:52:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 07:56:04 GMT
rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://minhaloja.boticario.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:22:00 GMT
x-content-type-options
nosniff
age
523671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18296
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:00:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 13:22:00 GMT
api.js
www.google.com/recaptcha/ 		909 B
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
58341529f6331985c1d3f44df3124f3e047a7403a5077f3311dbeae51a57846c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
581
x-xss-protection
1; mode=block
expires
Thu, 23 Dec 2021 14:49:51 GMT
pack-phones.jpg
minhaloja.boticario.com.br/admin/latest/ 		92 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/pack-phones.jpg
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9658bca2195c58f043af25ae6d94e676a34b1d0a6fc524e28fb68bb40922733
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:09:37 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
78015
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
94144
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:21:00 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"64d80cb5fa30576c10e38e420100f8e8"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/jpeg
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
o3WV7aLSFXv4_xI5uyONVV2OHEMNjV85PSj4csi9EwK0iGJGw1Ai3g==
anfora.svg
gb-assets.grupoboticario.digital/boticario/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gb-assets.grupoboticario.digital/boticario/image/anfora.svg
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
672a9ad399cc43bb9249f7e53bac67a0dff2c85fe47edc6309d38117bbbfd63b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
036mmZVsxq955Ey29PI2Kpa2bdqr2ArY
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 18:49:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"f30938de71b8eb608a92dea0758c43d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
date
Thu, 23 Dec 2021 14:49:51 GMT
x-amz-cf-id
zUbQoxMiN5Utg5tn2J6kDbevKFtHNFv3br76Mcg6H2PtMDipayegDQ==
logo-black.svg
gb-assets.grupoboticario.digital/eam/logo/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gb-assets.grupoboticario.digital/eam/logo/logo-black.svg
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d92282204c7d00a22f29a05fb6f52dda15db1f76f80a6ed0d91ca95b52bddf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
xx7LQ_lQKmlr_QTDAYwiZgGCQo0V2RPl
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 18:51:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"6457864a700b1283ef56e437f7989cfd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
date
Thu, 23 Dec 2021 14:49:51 GMT
x-amz-cf-id
29RXlCu3F3sbuxoEJLujBrj_AUVuSA5VXwPJHOUCwszhtbTe8d5yrA==
bot-highlight-estoque.png
minhaloja.boticario.com.br/admin/latest/ 		23 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-highlight-estoque.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cdf15484b8fac7ba673ff0c21b82efc89484d4a1d6b5a71b5074dcca3fff87f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:01:37 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
71295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23818
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:25 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"1b6ea699a4de39800ff661f0921460f5"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
5bXLM5OeCHyzF7jy2nmKNr0Z8QN4iw9lndkaEF6m7N-1kZG7ybFleg==
bot-highlight-filtro.png
minhaloja.boticario.com.br/admin/latest/ 		32 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-highlight-filtro.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f269023a49d89d46d2fab43a6a8f014112775912a166a91ad34296f802281b1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:01:37 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
71295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32564
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:25 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"40f46f382008507325e7bda7a77efaec"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
I8JUQDQq0aXpmxOKoUU5n88YBSeGD3aeXPkjyvHEZ0EQ_S6EhqcxVg==
bot-highlight-pedidos.png
minhaloja.boticario.com.br/admin/latest/ 		25 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-highlight-pedidos.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
095e9d3805dae1c743e5c9d8405467d0b333547d4228d45d349921a6c588fd24
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:01:37 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
71295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25385
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:25 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"7a3df3e8032e8b8a6b775788c5b43d77"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
a1DybN-PtY509OpX3VGrFs7ox-IuYXdc4eyNrFrvi9DV-BurNfV-YA==
bot-item-1.png
minhaloja.boticario.com.br/admin/latest/ 		6 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-item-1.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb685b96686de6581ceab6d5651013085e9fd8cbdce3c19931efc5186e625de6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:01:37 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
71295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5845
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:26 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"dace377229ea1e5cdba3a958ec2d7a85"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
pdCsLYkU3wju82JnD16JoONcH9_SxnKRjnSiw85IRQw9QRWePQzA2Q==
bot-item-2.png
minhaloja.boticario.com.br/admin/latest/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-item-2.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f99f0ee4b5a89a6d1478e40a0624b299db2aa8abe07af223bf0a56f62e3c377
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:01:37 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
71295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2235
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:26 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"2215382bb78bd51954e691dd9cb6e7ee"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
bNQyJywxPuh0DuQkDmVr4kPNKEf_A8JKN4sriyCXjmaOur5m5rxkJA==
bot-item-3.png
minhaloja.boticario.com.br/admin/latest/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-item-3.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4640b89ad8c3d0b2f461f0a2fdc32f92bea359847930664af0d5d0534e1c04a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 23:49:11 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
54041
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3058
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:27 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"57861ec17f1553d79e6163bb11fd526f"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
kKHXXH61fEEFOtCqWHX1Ih8GV8ZRUs-nWPmFqMcAccJrVuoPeGZe0A==
bot-item-4.png
minhaloja.boticario.com.br/admin/latest/ 		4 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-item-4.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54bb80435ce3ae2318083218742a1812eb896a9f723eeca7d969d648c40bb039
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 23:49:11 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
54041
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4062
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:27 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"2242e2e4105fa71c7972c070dbe45e52"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
nfHEiV39wEkDKL8fPvGQbxu2mvO3yc7juWQa3IvGYyRRJlM733PyIQ==
bot-highlight-pwa.png
minhaloja.boticario.com.br/admin/latest/ 		14 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-highlight-pwa.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8df17bf92140c0d62dced6b505f313f18cc791ef8724b650fd22edad73f409d1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:01:37 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
71295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
13947
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:26 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"40b99a5c441c889570b449444cccf40a"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
0N-LKVm62W6MLejAwr7ZjV5oeC57RrPQkX9RGXGhk05GmQfoV8xdSw==
bot-highlight-informacoes.png
minhaloja.boticario.com.br/admin/latest/ 		20 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-highlight-informacoes.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b3131e6870e949cadfc22b61edc1c9fa1aec159e5a5269d223af01310620773
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 23:49:11 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
54041
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20322
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:25 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"4bae0fd3cf2824490ed1b41b89bc4287"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
Uechx4cyqeIbwzoD9fWXLsgJBzzTWsZp8oa1vcaBRiUeZAO1AeRxEg==
bot-highlight-promocao.png
minhaloja.boticario.com.br/admin/latest/ 		38 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-highlight-promocao.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07a7abe9a9b0f78881290bbf7ccdc79bb726010ea4d133e78dbdbed922d897c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 23:49:12 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
54040
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39105
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:25 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"9eeaae744545df663bacfdec7355f06b"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
-B0KbyKnguax9OIbet66fWSXrP6iMV9MzixnLo7Bwd_3z57hHVWnNQ==
bot-highlight-zoom.png
minhaloja.boticario.com.br/admin/latest/ 		23 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja.boticario.com.br/admin/latest/bot-highlight-zoom.png
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c0a47ff752b5b8a8dca61bcaf2bd3f37e0c199cf1dc78c7839085ebce0e04c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://minhaloja.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:01:37 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
71294
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23377
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
same-origin
last-modified
Wed, 22 Dec 2021 13:20:26 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"7d58e6ae449e6d8868d88289ec6e4bd3"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
WprUq-nkgqnBWoS_DAgn0yPRbubkpdhlXYSk3YXK5Ul_Xit5MGqBvw==
js
www.google-analytics.com/gtm/ 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T7T2928&t=gtm9&cid=5924706.1640270991
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7eacafef70c702693c54f69ffac7a2e9038128c6651e3e5724af1edbf858799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36101
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Dec 2021 14:49:51 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 		348 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://minhaloja.boticario.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 23 Dec 2022 14:31:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-158569306-2&cid=5924706.1640270991&jid=826673364&gjid=470717148&_gid=975966191.1640270991&_u=aGDAgEADQAAAAE~&z=2072850093
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Dec 2021 14:49:51 GMT
content-type
text/plain
access-control-allow-origin
https://minhaloja.boticario.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=646996793&t=pageview&_s=1&dl=https%3A%2F%2Fminhaloja.boticario.com.br%2F&ul=en-us&de=UTF-8&dt=O%20Botic%C3%A1rio%20%7C%20Minha%20Loja%20Digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=826673364&gjid=470717148&cid=5924706.1640270991&tid=UA-158569306-2&_gid=975966191.1640270991&gtm=2wgc10PTX3XVW&cd4=boticario&cd7=562ca8-0076-172a-78d-6c8ae8a4a436&cd9=revendedor&cd15=web&z=394189383
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 19:07:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70919
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame F13F 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=wu2y5vy5bpt6
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6aa3cfee7f16088787d5767de07d881cdc3567e357ce0b438240433f2d19fc9d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ganv0Xg9tT7TV8YtG9ie0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 23 Dec 2021 14:49:51 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ganv0Xg9tT7TV8YtG9ie0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20956
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=5924706.1640270991&jid=826673364&_u=aGDAgEADQAAAAE~&z=594175882
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 14:49:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		0
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame F13F 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=wu2y5vy5bpt6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:31:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24152
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 23 Dec 2022 14:31:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame F13F 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=wu2y5vy5bpt6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 23 Dec 2022 14:31:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F13F 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=wu2y5vy5bpt6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 23 Dec 2021 14:49:51 GMT
bframe
www.google.com/recaptcha/api2/ Frame 9368 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1ab0d0edd49c637330d40be0badd4864ee779e10acab49a17b602ac5c4527d3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bfWD0qS3Nj+HenLqFCdOUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 23 Dec 2021 14:49:51 GMT
content-security-policy
script-src 'report-sample' 'nonce-bfWD0qS3Nj+HenLqFCdOUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 9368 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:31:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24152
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 23 Dec 2022 14:31:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 9368 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 23 Dec 2022 14:31:00 GMT
reload
www.google.com/recaptcha/api2/ Frame 9368 		35 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b2d8ab61a3195e15fc2209eebf97fbf24ea868c631392346dd9974628345832f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21144
x-xss-protection
1; mode=block
expires
Thu, 23 Dec 2021 14:49:51 GMT
nr-spa-1209.min.js
js-agent.newrelic.com/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1209.min.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
d4wwExyN0N4Ag7LHjGXgHn7eRha876Bt
content-encoding
gzip
etag
"0a1d4ac0ed6107cdf844f28cc3ba3b82"
x-amz-request-id
QQ4FS7V4RPFE46MS
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15799
x-amz-id-2
ewB1A1tIEAtnm2v4G7x83yG7vXnNNwgUr2BOXI5GWRslKllsaYudiFL1cQPle38sUrpSJEqH6T0=
x-served-by
cache-fra19164-FRA
last-modified
Thu, 20 May 2021 23:21:19 GMT
server
AmazonS3
x-timer
S1640270992.769394,VS0,VE0
date
Thu, 23 Dec 2021 14:49:51 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
8
hotjar-1745554.js
static.hotjar.com/c/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1745554.js?sv=7
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
1b1123ed276cdf8f850856bb1c7e4300ba3b33edbda10a989d125d4dea9ae239
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:51 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/1b2cc00c13c6157c63244c997f3337fe
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
yZYgzHJ7Z8Y-y9HzBxI_ciZdTfNe86kmSspra9U0O_zx2vJWljUijQ==
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=646996793&t=event&ni=1&_s=1&dl=https%3A%2F%2Fminhaloja.boticario.com.br%2F&ul=en-us&de=UTF-8&dt=O%20Botic%C3%A1rio%20%7C%20Minha%20Loja%20Digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=scrolling&el=25&_u=aGDAgEADQAAAAE~&jid=&gjid=&cid=5924706.1640270991&tid=UA-158569306-2&_gid=975966191.1640270991&gtm=2wgc10PTX3XVW&cd4=boticario&cd7=562ca8-0076-172a-78d-6c8ae8a4a436&cd9=revendedor&cd15=web&z=633685577
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 19:07:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70919
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
NRJS-d142cb7d067b4c9c598
bam.nr-data.net/1/ 		57 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-d142cb7d067b4c9c598?a=514334442&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=2046&ck=1&ref=https://minhaloja.boticario.com.br/&be=788&fe=2009&dc=797&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1640270989736,%22n%22:0,%22f%22:158,%22dn%22:158,%22dne%22:202,%22c%22:202,%22s%22:207,%22ce%22:225,%22rq%22:225,%22rp%22:654,%22rpe%22:655,%22dl%22:659,%22di%22:793,%22ds%22:796,%22de%22:797,%22dc%22:2009,%22l%22:2009,%22le%22:2010%7D,%22navigation%22:%7B%7D%7D&fp=1242&fcp=1242&jsonp=NREUM.setToken
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/javascript;charset=iso-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
modules.6d5409da698bc5e020b1.js
script.hotjar.com/ 		228 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6d5409da698bc5e020b1.js
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-33.fra50.r.cloudfront.net
Software
/
Resource Hash
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 16:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
167985
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61259
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 16:09:54 GMT
etag
"a250696209ae851dce97a4101057f333"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
0m7TN4s3tirmj20qQkoROBOrV3Wmp6A5oJ40xzgH-XFJtEtVB-_sSw==
box-a1ae2079824d1c48aa9ce06efb256f18.html
vars.hotjar.com/ Frame 9993 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
1044
date
Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6215abf691a11c2f451680e635d30daa"
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
3YyVX0UtoDlnf1YDs334nORVrc4ZEGeABPh9LxkeayJCtinedZfivA==
age
1810605
1745554
vc.hotjar.io/sessions/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1745554?s=0.25&r=0.10271229990169051
Requested by
Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:49:52 GMT
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
hl22eBchccxCH3nE99agyYd7hJzFrgZ2_V9ZhrRfnpuo245dczWwNA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.co.uk
URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=5924706.1640270991&jid=826673364&_u=aGDAgEADQAAAAE~&z=594175882

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper object| NREUM object| newrelic function| __nr_require object| webpackChunkcontainer function| jsonFeed object| otStubData object| Optanon object| OneTrust object| admin object| webpackChunkadmin object| vitrine object| webpackChunkvitrine number| 2f1acc6c3a606b082e5eef5e54414ffb object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_optimize object| recaptcha object| closure_lm_723040 function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

12 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcMFMghIaGTzKS2IQ4dcq5R64tIwnmBWJWeXE3rb2A58AnVT1ZP_DxCgDHay5cdN3sGgABAVfFDGFUvli8s
.minhaloja.boticario.com.br/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Dec+23+2021+14%3A49%3A50+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&hosts=&consentId=11eaa7e5-c154-4a61-b80b-2d37641da579&interactionCount=0&landingPath=https%3A%2F%2Fminhaloja.boticario.com.br%2F&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.boticario.com.br/ Name: _gcl_au
Value: 1.1.1116092189.1640270991
.boticario.com.br/ Name: _ga
Value: GA1.3.5924706.1640270991
.boticario.com.br/ Name: _gid
Value: GA1.3.975966191.1640270991
.boticario.com.br/ Name: _dc_gtm_UA-158569306-2
Value: 1
.boticario.com.br/ Name: _hjSessionUser_1745554
Value: eyJpZCI6ImUwY2U1NDQxLTQ1OWQtNTRhYy04Y2IxLTRlYmJiYWNmZDkzYyIsImNyZWF0ZWQiOjE2NDAyNzA5OTE4ODgsImV4aXN0aW5nIjpmYWxzZX0=
.boticario.com.br/ Name: _hjFirstSeen
Value: 1
.boticario.com.br/ Name: _hjSession_1745554
Value: eyJpZCI6IjNmNDc3ZWZlLTM5OGItNDRjNS05MjRlLTFkOTAxZjliZGFjMiIsImNyZWF0ZWQiOjE2NDAyNzA5OTE5Njh9
minhaloja.boticario.com.br/ Name: _hjIncludedInSessionSample
Value: 0
.boticario.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: 4d2749158e4484e0

1 Console Messages

Source Level URL
Text
security error URL: https://minhaloja.boticario.com.br/
Message:
Refused to load the image 'https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=5924706.1640270991&jid=826673364&_u=aGDAgEADQAAAAE~&z=594175882' because it violates the following Content Security Policy directive: "img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn-global.configcat.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
gb-assets.grupoboticario.digital
geolocation.onetrust.com
js-agent.newrelic.com
meucatalogodigital.boticario.com.br
meucatalogodigitalresources.grupoboticario.digital
minhaloja.boticario.com.br
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
www.google.co.uk
143.204.98.100
143.204.98.102
143.204.98.103
143.204.98.13
143.204.98.33
143.204.98.44
143.204.98.82
151.101.194.137
162.247.242.20
2606:4700:10::6814:b844
2606:4700:10::6816:1a9f
2606:4700::6810:9440
2a00:1450:4001:801::2008
2a00:1450:4001:802::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2003
2a00:1450:400c:c0c::9a
07a5d470d342b317c9184b20856080b4a083f463293971ec7751f0be48039f8f
07a7abe9a9b0f78881290bbf7ccdc79bb726010ea4d133e78dbdbed922d897c9
095e9d3805dae1c743e5c9d8405467d0b333547d4228d45d349921a6c588fd24
0c0a47ff752b5b8a8dca61bcaf2bd3f37e0c199cf1dc78c7839085ebce0e04c5
0d92282204c7d00a22f29a05fb6f52dda15db1f76f80a6ed0d91ca95b52bddf8
0ed1c09a270e3ec711b4aaf5b05d2cb99d62c25360e798a1434711bd397de575
0f99f0ee4b5a89a6d1478e40a0624b299db2aa8abe07af223bf0a56f62e3c377
0fc5b4dedeb4acc1a01efc2b226aa9a7904a82b9a4cab6e2b90dd26a4068856e
11007819187396a8ecfea1c297fc53956fd653ec19c02451ef83a814e9acfe0b
11d6ee17bd470d906704e12f6cfe99d1c87519aa9b52239aff003646fa5e6190
121e8b47d5e772c09d51347f5ceff9edf192b637d35d454b6fb69acbb3b366af
1582818ac1ba9ee326fa08cdb4db4791a2bf031aaf976a8e121ac535b594c398
18f52f0fa5c52403fdb0afaf3827b883e079d6c4137aa725a4111de217cbd696
1ab0d0edd49c637330d40be0badd4864ee779e10acab49a17b602ac5c4527d3f
1b1123ed276cdf8f850856bb1c7e4300ba3b33edbda10a989d125d4dea9ae239
24508b82a87ed41e1dbec0e55a404055cab488d5417d0a0352adb1551ff98aa0
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
2d9decf32d1f341945c160f048ab3fc63f1d0c6df7f745dd0f49cdfc3117b5b4
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
36cd8ebd7e467fa9ec7416eba5abc3e912e7154dfb17eecf62db02ca53348abb
392f196c197758bafbfb4a917625b5a20a84cd7977433a134140f9c6f745058f
394f74a2fd40f8a7d48ab0fef108547ce5b4580f4e87ed22cd69f76e6415f2e4
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
437ba48e15c6a06a669c284df1c9516ca2678f6aaae8e080a26a3662c0891c03
4640b89ad8c3d0b2f461f0a2fdc32f92bea359847930664af0d5d0534e1c04a4
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4f99354072168678ad38aeb06685a45f79a18b3136378ad6680625cd60d97cd0
54bb80435ce3ae2318083218742a1812eb896a9f723eeca7d969d648c40bb039
582b1075b04787e0090c0d6585b647018b4a203a04cb693fe8f4f99b1a0fd1ce
58341529f6331985c1d3f44df3124f3e047a7403a5077f3311dbeae51a57846c
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
672a9ad399cc43bb9249f7e53bac67a0dff2c85fe47edc6309d38117bbbfd63b
6aa3cfee7f16088787d5767de07d881cdc3567e357ce0b438240433f2d19fc9d
6af7f2a7319a700fa7d79c2ee318a8f468b39325b04b8740f963a2678932beeb
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
7f34893a704d4a71da0fa274dd428284f6fb17b549008ae11148b851435a3e51
7ff92102b6f813e294c4bbd27c6b2c526f69a5d13636eaecdcd94e92fffc2552
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850f66e3a3525eeadd67a295859122a1ec870b53376d34281e1a88ef06e4d225
858d3ae73f132b8f3d872db375db917a266b904a671ef12213fe898b038d9237
8a883974729df810eb42dda5ee43ba10e8a9be598ed5a97610cfa56358991e8d
8b3131e6870e949cadfc22b61edc1c9fa1aec159e5a5269d223af01310620773
8cdf15484b8fac7ba673ff0c21b82efc89484d4a1d6b5a71b5074dcca3fff87f
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
8df17bf92140c0d62dced6b505f313f18cc791ef8724b650fd22edad73f409d1
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b2d8ab61a3195e15fc2209eebf97fbf24ea868c631392346dd9974628345832f
b57a6b841549a82b9d1ac783a8d2deafdd0b4fc854446625a7de9ab44c1f551e
bbffe137df9de30504c9a813fff9ee7c6b60b2e802daf9aeb7e3d476ac90614a
c540c2421660f25afa9edabf188e3409753d3d94dc01a4fd6662df787a2767f3
d285fae14a8b969bb0d4e5f10ea88e6ec60610d5090818b1ade3e244a03fc832
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d4995bdb0d79766a30b0c3af9ba395424f11a67b0a0dcde618c210ba2b67f3df
d723c4ceb0f73b7ebd59aa950a0324f05b8d7d109faf1f27e3b84f47c7d60e0b
d9658bca2195c58f043af25ae6d94e676a34b1d0a6fc524e28fb68bb40922733
da9ddaf5cac3f0e3e7a3b7df692dd604a9579d5a58e8f0eb08cc4e71581cbf6d
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e07b00827f5f6d2c71523bac1292216711543a067a8d0f2532454ba28266cfcb
e1d3f2ecd8f883d83fb05bca8f430a39877676475b620e6db6eccf61c5fa8daf
e35d3121e39bb7d96a8fbe1bd46b1ea79c1ce954c5e1d6cf3fb6f8117dfa7599
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55d635023217556467008ffd60527fab5337cb0620cd985c18de654dc8d0f99
e66647558738216efd2c6a0460f380175b08b7c8407dbbebde8e3f7bbe1eeefb
e7eacafef70c702693c54f69ffac7a2e9038128c6651e3e5724af1edbf858799
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ee8a8114c7658b7865e50235668f485cb48a22439d8f9afd987eb2a3f9ff1359
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f269023a49d89d46d2fab43a6a8f014112775912a166a91ad34296f802281b1a
f54a6119d3615df97b64f039557b186019f21742edd3915754aaf88aa7b4e2e9
f9714289219fcd069b4b97027f6cc40309ff4b22aa46070c4c03e77ca0df7b05
fb685b96686de6581ceab6d5651013085e9fd8cbdce3c19931efc5186e625de6
fb9950bf5f0a01a67b38064c58d15a8aff6e674e4f3c494733ffc861fe815912