www.weco.org.br Open in urlscan Pro
2606:4700:3036::6815:2aba  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.weco.org.br/	9 KB 3 KB	811ms 357ms	Document text/html	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.weco.org.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / MODX Revolution Resource Hash 948b1b9066be3fe53569bfcfeae0d4e0be399b371d585cd1ec8cc8bc42827e22 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 845902cc88608de5-MIA content-encoding br content-type text/html; charset=UTF-8 date Sun, 14 Jan 2024 21:35:49 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry7ucF121f%2BgZCqdXuGMn4H9W26jhzJgNShQwFJE5C8HoWBCcfD%2F1heF9kOoQJl%2BQozINuFqwsz0DD28Ol6468sFpgVeM3ucQpTGScZMYiiOCoIwPOqw42shNRwyjlLUm9FfdtFmO09GH851hSE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by MODX Revolution
GET H2	200	style.css www.weco.org.br/assets/app/css/	9 KB 2 KB	191ms 189ms	Stylesheet text/css	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.weco.org.br/assets/app/css/style.css Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57be7c1cd8cb6e396424765445c4639fc8083aa0ffed37c90c1fef5709451045 Request headers accept-language en-US,en;q=0.9 Referer https://www.weco.org.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT content-encoding br cf-cache-status MISS last-modified Thu, 12 Oct 2023 00:23:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65273c70-2583" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytoTHa3ds%2F%2BjMsMl%2Bhu%2BCQVi0IExvXPKDZ2Pr7FX%2BDPizlzroe0SQFtMZnCItMkrNTC%2B1jAMBx7687kH%2FsqS3AJBDBf2Ye%2FtGUMByWqIKNhua7UDRkuT06XEE%2BPHN4RsMTAJPfaVY5ZXVKCOK7s%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=2592000 cf-ray 845902cecd638de5-MIA alt-svc h3=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	276 KB 92 KB	281ms 118ms	Script application/javascript	2607:f8b0:4020:805::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-SXRNZKLNT3 Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2008 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8135c1c645f770bff7762b0e74287b22bd85388874cbf37fd0f2acfd420470b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.weco.org.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93614 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 14 Jan 2024 21:35:49 GMT
GET H2	200	logo-header-wc.svg www.weco.org.br/assets/app/images/	2 KB 1 KB	160ms 160ms	Image image/svg+xml	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.weco.org.br/assets/app/images/logo-header-wc.svg Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 149e586d5f0733a4c7f99580ef625b82f723c1409b28a29518bc659a4ecec58b Request headers accept-language en-US,en;q=0.9 Referer https://www.weco.org.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT content-encoding br cf-cache-status HIT last-modified Thu, 11 Jan 2024 14:27:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"659ffadc-8ce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUWl4xG1qELXsbkubkHMZNV1KXSIUVCjuGbwSZHMfcAE1IhOZuKXHHHhm36U%2BJv2E6g2YbMtOR1GgOJRwbxzNLVxhqNY0X6nEi21CSJTZzZ8yQwaLD3E3y2khq23PoqdRrMDTvd8rvyaLJRWhQ8%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=2592000 cf-ray 845902cecd648de5-MIA alt-svc h3=":443"; ma=86400
GET H2	200	bckg-image.webp www.weco.org.br/assets/app/images/	44 KB 45 KB	655ms 654ms	Image image/webp	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.weco.org.br/assets/app/images/bckg-image.webp Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9a791a6ef6fb3bb75ae68872559174387436a026ceaf4977c351ad090e04bc0 Request headers accept-language en-US,en;q=0.9 Referer https://www.weco.org.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:50 GMT cf-cache-status MISS last-modified Thu, 11 Jan 2024 13:15:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "659fe9dc-b14c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZtrhEvucQ2oxVEXwet7y5fduswK3zX19%2FJWzT01xpvGsIXq40cSlhBrFGb2bbeJnMxrlMbjRxb85wZaUwW3zaThwtF7eTPhIGORN6RCko8h2J3K5vDSWON3QXQRjpyJewA%2FrINBYKLghJRPjvo%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=2592000 accept-ranges bytes cf-ray 845902cecd658de5-MIA alt-svc h3=":443"; ma=86400 content-length 45388
GET H2	200	buy-button.js Show response js.stripe.com/v3/	10 KB 4 KB	221ms 58ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/buy-button.js Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash f5a1dfcd39856e5e276857e584d5c92520bf6b9899ffd8fe4cd108d712102b72 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.weco.org.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT content-encoding br via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 38 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Fri, 12 Jan 2024 21:06:26 GMT server Cloudfront etag W/"07c17756aac4f3d90012e60f781791f1" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id tg6_HjLyLk3TpVqNQj--F2LsgRbn4mmzNNcJXm0t-W3kSDgFYcq38Q==
GET H3	200	logo-footer-wc.svg www.weco.org.br/assets/app/images/	4 KB 2 KB	184ms 184ms	Image image/svg+xml	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.weco.org.br/assets/app/images/logo-footer-wc.svg?r=1 Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11f8df805b4557a33a38bfb949443d57805e4a795146447be7001f701b1020f4 Request headers accept-language en-US,en;q=0.9 Referer https://www.weco.org.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT content-encoding br cf-cache-status MISS last-modified Thu, 11 Jan 2024 14:32:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"659ffc0d-ec3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7sFeChF9%2FbQmDT6ln8TEHsJFml%2BdyG6DUZ2MO4YSsYiqNP9u0XuYLzpVHaO0j%2B0LQJp5OvD%2B3kz6GDzlF99rz2k8KrUm3OL%2BNzirfg5J6jaLRfAHJezS4ZCO4%2FIcrp1xe9VFQMYSVt7F3fDYFg%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=2592000 cf-ray 845902cfdc828bff-MIA alt-svc h3=":443"; ma=86400
GET H3	200	email-decode.min.js Show response www.weco.org.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	36ms 36ms	Script application/javascript	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.weco.org.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://www.weco.org.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 27 Dec 2023 10:36:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"658bfe17-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rVVF0wYNH6DYK0ZxKTAJjC4AKO8QH7PxcSS5AwpS4r94p0ybDvm%2FKIMdX4VAYGAVU2Kq4YBYR3MoWPoZ0J2DR8eanedHjJ4yXjQRZ4todP%2BEAffUbnd%2Bfs2wn7hN%2BD%2FlBjDoDAc0fcQ4o8G2Iw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 845902d00cb38bff-MIA expires Tue, 16 Jan 2024 21:35:49 GMT
GET H3	200	normal.woff2 www.weco.org.br/cf-fonts/s/noto-serif/5.0.15/latin/700/	27 KB 27 KB	185ms 184ms	Font application/octet-stream	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.weco.org.br/cf-fonts/s/noto-serif/5.0.15/latin/700/normal.woff2 Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2 Request headers Referer https://www.weco.org.br/ Origin https://www.weco.org.br accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvSPO5skNk4WaZx6vXRceeZhd2hz78qimgZ978GuzlmzfLdRzvgh2j7qSk3ZhtdG80t7%2FpfpZa8eIhc4MItVuGJ564ADZxvgbM3SxD%2BgxD%2FwTAlrTdkGfvX%2FfKwStj2HajlgiVclZH7LMrlRNtY%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 845902d00cc48bff-MIA alt-svc h3=":443"; ma=86400 content-length 27456
GET H3	200	normal.woff2 www.weco.org.br/cf-fonts/s/roboto/5.0.11/latin/400/	15 KB 16 KB	59ms 59ms	Font application/octet-stream	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.weco.org.br/cf-fonts/s/roboto/5.0.11/latin/400/normal.woff2 Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Request headers Referer https://www.weco.org.br/ Origin https://www.weco.org.br accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vOUOxfKbiOVLq4LElhdiMDxBbS7LrQPJurycjalU%2BwiJmJrw3%2FZ116jW%2Bs35ugK4xiAGh%2Begg%2BsMr41VZMK%2BjiA61LYDufQhD7RXc552T4%2FopxgZ0MmkMDyARGI0eE%2FLufH09SLz4FQQVMzl70%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 845902d00cc68bff-MIA alt-svc h3=":443"; ma=86400 content-length 15744
GET H3	200	normal.woff2 www.weco.org.br/cf-fonts/s/noto-serif/5.0.15/latin/400/	23 KB 24 KB	166ms 166ms	Font application/octet-stream	2606:4700:3036::6815:2aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.weco.org.br/cf-fonts/s/noto-serif/5.0.15/latin/400/normal.woff2 Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4 Request headers Referer https://www.weco.org.br/ Origin https://www.weco.org.br accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:35:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=za8hIi08uB8bdv887GZwrR81pKyY%2FMGbI5YyS6mxWSqPmfGss6%2F495h5GIP%2BuTBnwrfQMPOTpYPDbZRzp5UyTZa6w6HUp4LvAN0Op8I%2Fj6WhuDyBfuEZc6XjTrGHVQSG66CrfIFliCewr4Uiqg4%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 845902d00cc98bff-MIA alt-svc h3=":443"; ma=86400 content-length 23948
GET		buy-button-app.html js.stripe.com/v3/ Frame A08C	0 0
GET		buy-button-app.html js.stripe.com/v3/ Frame A08C	0 0
GET H2	200	buy-button-app.html Show response js.stripe.com/v3/ Frame A08C	956 B 2 KB	61ms 60ms	Document text/html	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/buy-button-app.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/buy-button.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 5134007cd28f630734e4579e8ee4d3b28136f9a1d814e806ea969119bad33a8c Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.weco.org.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 40 cache-control max-age=60 content-length 956 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 14 Jan 2024 21:35:50 GMT etag "84d366d83533ba47b0c93691f0b878b3" last-modified Fri, 12 Jan 2024 21:06:26 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) x-amz-cf-id wm6G50LndXncDGX5xRFtCZMUasU6P5olPd3GwbULggyI3xs5qM4SjA== x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	204	collect www.google-analytics.com/g/	0 254 B	212ms 78ms	Ping text/plain	2607:f8b0:4006:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-SXRNZKLNT3&gtm=45je41a0v9175021073&_p=1705268149744&gcd=11l1l1l1l1&dma=0&cid=353056255.1705268150&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705268150&sct=1&seg=0&dl=https%3A%2F%2Fwww.weco.org.br%2F&dt=We%20Collab&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1350 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-SXRNZKLNT3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.weco.org.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 21:35:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.weco.org.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A08C	545 KB 161 KB	191ms 190ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/buy-button-app.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash d0923f8026440155d0d4961f2b7686530984aa85cd502aa5aeac61ead274e662 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:19:20 GMT content-encoding br via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1152 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Fri, 12 Jan 2024 21:06:36 GMT server Cloudfront etag W/"7baecd5d71bd0ab57ab6ec4fe3746126" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id zVcBl5Bi1ZJn8EncM6i5b33boz3kRbsRIhEmqaio2JX14d-_6O5SOA==
GET H2	200	buy-button-app-819a90e187dbfc9e16be57c89f2e7032.css js.stripe.com/v3/fingerprinted/css/ Frame A08C	90 KB 13 KB	64ms 64ms	Stylesheet text/css	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/buy-button-app-819a90e187dbfc9e16be57c89f2e7032.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/buy-button-app.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash c6c0f9d69b04f72b62e43c12ae597616e58fdb9adb7c6d64c147d54bd93d80f3 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 20:52:33 GMT content-encoding br via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2616 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Mon, 08 Jan 2024 21:41:44 GMT server Cloudfront etag W/"5ca9cb20ee46cbb8c6a2a4a144d84c8a" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id C_y5uwQThWRzsxS9cINY2qgbZtJ_7YD-5heRfCg4XTLoelW5AnqKPg==
GET H2	200	buy-button-loading-201b8f1bd17fdeb5731de4921ad5877c.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A08C	114 B 613 B	65ms 65ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/buy-button-loading-201b8f1bd17fdeb5731de4921ad5877c.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/buy-button-app.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash f5d9a4837f23bff5fe3c9722958b0b5c939e1af1cf32addb82bac7981cca59f2 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:12:19 GMT via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains; preload age 1464 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront content-length 114 last-modified Mon, 08 Jan 2024 21:41:54 GMT server Cloudfront etag "68f7b45adc04580b3a05b1a480ad3c10" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id owlT9qaAVuAJVUFh5e0y6CTFi4UY_4d_fmU40beTA_iGukJKApWZ3Q==
GET H2	200	stripe-ad7b726d891ac69bc8cdd6b21194c9be.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A08C	585 KB 144 KB	72ms 72ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/stripe-ad7b726d891ac69bc8cdd6b21194c9be.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/buy-button-app.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash d9cf8395ee0a7d904dbbbc5a13c251caf17b06a52199c10015d34556a8cf5a11 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:07:26 GMT content-encoding br via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1705 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Fri, 12 Jan 2024 21:06:40 GMT server Cloudfront etag W/"683b9f5de81fe1d181bceec0c32cc9fe" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id mojW2UOMOYHvdVRXjwtx_uCyM94eFDH0Ir_t1pytyFwjt4kdLfJMMg==
POST H2	200	csp-report q.stripe.com/ Frame A08C	0 717 B	345ms 111ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 21:35:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705268150389885 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1705268150389643 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame A08C	0 716 B	360ms 126ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 21:35:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705268150391383 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1705268150389666 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame A08C	474 B 865 B	171ms 56ms	Fetch application/json	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57 Request headers Accept application/json Referer https://js.stripe.com/v3/buy-button-app.html accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 14 Jan 2024 21:34:54 GMT via 1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront) last-modified Fri, 12 Jan 2024 21:47:32 GMT server Cloudfront age 57 x-amz-cf-pop IAD89-C3 etag "60455c1489f3dd8c3e61d0d8d0031cfd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id z7HVntD-On1PPddcFcw4wOVi6tU0nekYr4WzMiGD5YaMB0Ig3yruCQ==
GET H2	200	2887-5ff86e2b06bdd8cc946a837743c2d1da.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A08C	148 KB 35 KB	58ms 57ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/2887-5ff86e2b06bdd8cc946a837743c2d1da.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 533863d9f2223c70e7c6e4ca5fb45a2f7e6f670ff704762ed3704e842e8cc5f7 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 20:41:24 GMT content-encoding br via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3267 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Mon, 08 Jan 2024 21:41:53 GMT server Cloudfront etag W/"5fe54b6fa83a2e8abc7381fbd8a19335" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id OIyuz9wLFJRx_lV2ScSL4VTQ4WJZJ-eTm97olQTy4bCZdb6Ejhdsgw==
GET H2	200	phone-numbers-lib-77816fcadf00165f33508b5110d84e70.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A08C	2 KB 1 KB	60ms 60ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-77816fcadf00165f33508b5110d84e70.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 14d690bc41a0b55a201b73e45f6b177d36039beac7ff37848fa3b7e7469f441b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 20:54:16 GMT content-encoding br via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2495 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Thu, 04 Jan 2024 21:09:58 GMT server Cloudfront etag W/"09f6e213a499193b37f7b7cc157e020d" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Gx09jvFTiMtHZaSSiGYVbdB8jQH1aOm0YB5B5YccPyt29BFmxZxX3A==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame A08C	474 B 864 B	159ms 56ms	Fetch application/json	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57 Request headers Accept application/json Referer https://js.stripe.com/v3/buy-button-app.html accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 14 Jan 2024 21:34:54 GMT via 1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront) last-modified Fri, 12 Jan 2024 21:47:32 GMT server Cloudfront age 57 x-amz-cf-pop IAD89-C3 etag "60455c1489f3dd8c3e61d0d8d0031cfd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id N0NiKlBv8zW78DBu0mA0OQ3Yj3y0wXV0ohgCxiS1aN1A7SNEaE2tQQ==
GET H2	200	8433-72e9ba6fe5d4f9d3d8ee8d05b6d8ad97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A08C	66 KB 20 KB	58ms 58ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/8433-72e9ba6fe5d4f9d3d8ee8d05b6d8ad97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 48f797b00e499c2d8c87ee5b51d22f72648e737bf82ca79e6c414f9730165cd9 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:13:46 GMT content-encoding gzip via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1324 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Thu, 04 Jan 2024 21:09:54 GMT server Cloudfront etag W/"8b4a096f8bbce0c4bd22255a755b0178" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id oBXVjmGU9LD7GUeH_y37j0qBUUq6aWHfkkXH353jC4WJkz_UyUzp4g==
GET H2	200	sentry-react-ba64ba0a4100c796881f980234474b48.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A08C	30 KB 10 KB	59ms 59ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/sentry-react-ba64ba0a4100c796881f980234474b48.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 9adf648f1cebe9bd2a677421cecff6ee553e53046058649a9aed34ee17bd77b8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:06:15 GMT content-encoding gzip via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1776 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Thu, 04 Jan 2024 21:09:59 GMT server Cloudfront etag W/"d654326ccc8838be038037a57b3c2b14" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id TewB3SuC2QqE8Ws_5FBQ9vWnXrsUJtFOGlpkeI0nX79RLl6Jg0P2XA==
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response js.stripe.com/v3/ Frame 968C	200 B 1 KB	55ms 55ms	Document text/html	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/stripe-ad7b726d891ac69bc8cdd6b21194c9be.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/v3/buy-button-app.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 934 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 14 Jan 2024 21:20:17 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Thu, 04 Jan 2024 21:10:00 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) x-amz-cf-id Su4uZzcXBRmwpeXh4CuMuuS1iSBYdts0iQltPhBxbDeIyjBEKmzkeQ== x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	buy_btn_1Nxv9KDc74k83P8ct24ZePVi Show response merchant-ui-api.stripe.com/buy-button/ Frame A08C	2 KB 2 KB	450ms 289ms	Fetch application/json	198.137.150.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://merchant-ui-api.stripe.com/buy-button/buy_btn_1Nxv9KDc74k83P8ct24ZePVi?key=pk_live_51NxXzgDc74k83P8cSCYTMPqbu0bsMFRDuoNSz9EqdiEoXzfs0rAKZmaOiCg1UkaBqY2CYhCCynPlaxPH1dFqswMc00YoW9IjIr Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.137.150.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash cec41804fcd24525ef6db83b695397488ae682751bd7e4dc09aed3df397fa608 Security Headers Name Value Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=buy-button%2F%3Abuy_button_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 14 Jan 2024 21:35:50 GMT content-security-policy report-uri https://q.stripe.com/csp-report?p=buy-button%2F%3Abuy_button_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' strict-transport-security max-age=63072000; includeSubDomains; preload cross-origin-resource-policy same-site content-length 1565 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx access-control-max-age 300 access-control-allow-methods GET content-type application/json; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate vary Origin access-control-allow-headers x-stripe-csrf-token cross-origin-opener-policy-report-only same-origin; report-to=https://q.stripe.com/coop-report expires 0
POST H2	200	/ errors.stripe.com/api/1028/envelope/ Frame A08C	2 B 0	255ms 129ms	Fetch application/json	198.137.150.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://errors.stripe.com/api/1028/envelope/?sentry_key=1078669686944563a3fb3f5e043cd09b&sentry_version=7 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/8433-72e9ba6fe5d4f9d3d8ee8d05b6d8ad97.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.137.150.91 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Content-Security-Policy default-src: none; base-uri: none; form-action: none; frame-ancestors: none; img-src: none; script-src: none; style-src: none; Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 14 Jan 2024 21:35:50 GMT content-security-policy default-src: none; base-uri: none; form-action: none; frame-ancestors: none; img-src: none; script-src: none; style-src: none; strict-transport-security max-age=63072000; includeSubDomains; preload content-length 2 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 300 access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json access-control-allow-origin * access-control-expose-headers Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required, retry-after, x-sentry-error, x-sentry-rate-limits cache-control max-age=0, no-cache, no-store, must-revalidate vary Origin, Origin expires 0
GET H2	200	m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 968C	526 B 1 KB	57ms 55ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 20:56:23 GMT via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains; preload age 2368 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront content-length 526 last-modified Fri, 22 Dec 2023 21:08:16 GMT server Cloudfront etag "d96c709017743c0759cf3853d1806ba5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id VgXFvMqDRf16gu7XEW0mIJxDFG_Nw3hgOSxwA1iYvCpbyQq4H0nL8g==
POST H2	200	csp-report q.stripe.com/ Frame 968C	0 715 B	116ms 113ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 21:35:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705268150519720 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1705268150518907 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 968C	0 716 B	117ms 115ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 21:35:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705268150519581 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1705268150518959 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner-preview.html Show response m.stripe.network/ Frame 04C5	930 B 2 KB	246ms 63ms	Document text/html	2600:9000:250a:ec00:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner-preview.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:250a:ec00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 177 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 14 Jan 2024 21:33:00 GMT etag "06bfcd88af438673a8bf9b845a11aa6e" last-modified Fri, 30 Jun 2023 14:32:28 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront) x-amz-cf-id 39i5EBEEQd5FiWG_xjkuFUYy5VFI3rPvkyM-FwuSjue7797w_IHEqw== x-amz-cf-pop IAD12-P3 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	bb-intl-locale-bundle-pt-BR-d7a66676a9ff1dbf29a1d4f5c36d50f2.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A08C	2 KB 1 KB	64ms 64ms	Script text/javascript	52.85.151.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/bb-intl-locale-bundle-pt-BR-d7a66676a9ff1dbf29a1d4f5c36d50f2.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/buy-button-app-ffa3d7b059451a0a3d2708ab83f73dc0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-41.iad89.r.cloudfront.net Software Cloudfront / Resource Hash 6dfb82cd91c06c3c1c216ccb09b361d0192e099a2d3c1be9a7cc3a0601b838ce Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/buy-button-app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 20:53:28 GMT content-encoding br via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2543 x-amz-cf-pop IAD89-C3 x-cache Hit from cloudfront last-modified Thu, 04 Jan 2024 21:09:55 GMT server Cloudfront etag W/"81156558cbffcd0af8eeada60a6dac68" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 8XqxoZt7SUDHWORfuzVn6-3TXRwdui3RHrKWceBD579grPwV0fvoWg==
POST H2	200	csp-report q.stripe.com/ Frame 04C5	0 490 B	116ms 115ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.weco.org.br URL: https://www.weco.org.br/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 21:35:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705268150959575 x-envoy-upstream-service-time 5 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1705268150959059 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame 04C5	87 KB 16 KB	73ms 73ms	Script text/javascript	2600:9000:250a:ec00:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner-preview.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:250a:ec00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://m.stripe.network/inner-preview.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:34:34 GMT content-encoding gzip via 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload last-modified Fri, 30 Jun 2023 14:32:28 GMT server Cloudfront age 77 x-content-type-options nosniff etag W/"69cb7809b5011312e716f29b3d19dce6" x-amz-cf-pop IAD12-P3 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control max-age=300, public x-amz-cf-id RWvRepWWD7Uje_OpPdaBj-de33rPUJJ5Lu0vrFtOA1p85BrB-WlFZg==
POST H2	200	b Show response r.stripe.com/ Frame A08C	0 271 B	135ms 123ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/8433-72e9ba6fe5d4f9d3d8ee8d05b6d8ad97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sun, 14 Jan 2024 21:35:51 GMT x-stripe-server-envoy-start-time-us 1705268151001378 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1705268151001067 access-control-allow-credentials true content-length 0
POST H2	200	6 Show response m.stripe.com/ Frame 04C5	156 B 668 B	347ms 116ms	XHR application/json	44.238.119.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.238.119.32 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-238-119-32.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 3d220eeb5e922d40f280630cb9424c1708769d58b8ba94ba0603d752e657b085 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color blue date Sun, 14 Jan 2024 21:35:51 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705268151459077 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1705268151458914 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	b Show response r.stripe.com/ Frame A08C	0 271 B	121ms 121ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/8433-72e9ba6fe5d4f9d3d8ee8d05b6d8ad97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sun, 14 Jan 2024 21:35:52 GMT x-stripe-server-envoy-start-time-us 1705268152206719 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 9 x-stripe-client-envoy-start-time-us 1705268152206431 access-control-allow-credentials true content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

js.stripe.com

URL

https://js.stripe.com/v3/buy-button-app.html

Domain

js.stripe.com

URL

https://js.stripe.com/v3/buy-button-app.html

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.weco.org.br/	1970-01-20 17:51:12	Name: PHPSESSID Value: 05kpqb4kqf2gkjmrd64uk53og0
			.weco.org.br/	1970-01-21 03:17:08	Name: _ga Value: GA1.1.353056255.1705268150
			.weco.org.br/	1970-01-21 03:17:08	Name: _ga_SXRNZKLNT3 Value: GS1.1.1705268150.1.0.1705268150.0.0.0
			m.stripe.com/	1970-01-21 03:17:08	Name: m Value: 2f65385a-a119-48e7-bda5-2260aefffaecda8957

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://js.stripe.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".