urlscan.io logo urlscan.io
SecurityTrails logo

bancocarrefour.wecare.app.br Open in urlscan Pro
3.232.242.170  Public Scan

Go To Rescan Add Verdict Report
URL: https://bancocarrefour.wecare.app.br/
Submission Tags: demotag1 demotag2 Search All
Submission: On December 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 29 HTTP transactions. The main IP is 3.232.242.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bancocarrefour.wecare.app.br.
TLS certificate: Issued by R3 on November 30th 2021. Valid for: 3 months.
This is the only time bancocarrefour.wecare.app.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    3.232.242.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com
bancocarrefour.wecare.app.br
4    34.242.125.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-125-171.eu-west-1.compute.amazonaws.com
reports-api.sqreen.io
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    54.144.30.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-30-232.compute-1.amazonaws.com
chat.movidesk.com
1    52.219.108.218 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
wecare-production.s3.us-east-2.amazonaws.com
1    52.218.120.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
3    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    18.66.122.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-45.fra60.r.cloudfront.net
cdn.app.movidesk.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    54.231.198.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
Domain Requested by
4 reports-api.sqreen.io bancocarrefour.wecare.app.br
4 bancocarrefour.wecare.app.br 1 redirects bancocarrefour.wecare.app.br
3 cdn.app.movidesk.com code.jquery.com
bancocarrefour.wecare.app.br
3 fonts.gstatic.com fonts.googleapis.com
3 unpkg.com 2 redirects bancocarrefour.wecare.app.br
3 chat.movidesk.com bancocarrefour.wecare.app.br
code.jquery.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com bancocarrefour.wecare.app.br
1 s3.amazonaws.com bancocarrefour.wecare.app.br
1 www.google.com bancocarrefour.wecare.app.br
1 stats.g.doubleclick.net www.google-analytics.com
1 code.jquery.com chat.movidesk.com
1 fonts.googleapis.com bancocarrefour.wecare.app.br
1 s3-eu-west-1.amazonaws.com bancocarrefour.wecare.app.br
1 wecare-production.s3.us-east-2.amazonaws.com bancocarrefour.wecare.app.br
0 www.google.de Failed bancocarrefour.wecare.app.br
29 16

This site contains links to these domains. Also see Links.

Domain
www.sejawecare.com.br
facebook.com
instagram.com
www.sqreen.com
Subject Issuer Validity Valid
bancocarrefour.wecare.app.br
R3		 2021-11-30 -
2022-02-28		 3 months crt.sh
reports-api.sqreen.com
Amazon		 2021-11-16 -
2022-12-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
movidesk.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2021-03-26 -
2022-03-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh

This page contains 3 frames:

Primary Page: https://bancocarrefour.wecare.app.br/
Frame ID: 946380DFAA02124747185C14850B3688
Requests: 27 HTTP requests in this frame

Frame: https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683
Frame ID: 1A42344A210FA25B6ED444B958BB3B94
Requests: 1 HTTP requests in this frame

Frame: https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683
Frame ID: 06BBE641DAC564CE5F90018F40351199
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WeCareicone_chat copy 9icone_chat

Page Statistics

29
Requests

90 %
HTTPS

53 %
IPv6

13
Domains

16
Subdomains

16
IPs

5
Countries

362 kB
Transfer

1145 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://bancocarrefour.wecare.app.br/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBcjFSIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--1d3d772e0d5c4f5279263d70bcf019f54d47f473/crf_banco_logo_horizontal_colour_cmyk%20(1).png HTTP 302
  • https://wecare-production.s3.us-east-2.amazonaws.com/nhr9ufzn49sb9zx062gbpfgz958d?response-content-disposition=inline%3B%20filename%3D%22crf_banco_logo_horizontal_colour_cmyk%20%25281%2529.png%22%3B%20filename%2A%3DUTF-8%27%27crf_banco_logo_horizontal_colour_cmyk%2520%25281%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA26ZKFK6VFZCKHFG5%2F20211212%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20211212T193648Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9eb1a447dd0a90395c9339b9328f9214d36d00bb653b29d9b007136df32812fa
Request Chain 7
  • https://unpkg.com/feather-icons HTTP 302
  • https://unpkg.com/feather-icons@4.28.0 HTTP 302
  • https://unpkg.com/feather-icons@4.28.0/dist/feather.min.js

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bancocarrefour.wecare.app.br/ 		8 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bancocarrefour.wecare.app.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
d4160a445695530c06eaf8673c45764658e8b738d8c241458a3510d3a35da881
Security Headers
Name Value
Content-Security-Policy child-src 'self'; connect-src 'self' http://*.jsdelivr.net http://localhost:3035 https://*.amazonaws.com https://*.fontawesome.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.jsdelivr.net https://*.microsoftonline.com https://*.movidesk.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://localhost:3035 ws://localhost:3035 wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br wss://localhost:3035; default-src 'self'; font-src 'self' data: https://*.fontawesome.com https://*.gstatic.com https://*.movidesk.com https://*.tawk.to https://*.typekit.net wss://*.movidesk.com wss://*.tawk.to; frame-src 'self' http://*.googletagmanager.com http://localhost:3000 https://*.google.com https://*.googletagmanager.com https://*.herokucdn.com https://*.movidesk.com https://*.scoutapp.com https://*.tawk.to https://*.typeform.com https://*.wecare.app.br https://*.youtube.com https://form.typeform.com https://localhost:3000 wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br; img-src 'self' data: http://*.googletagmanager.com http://*.jsdelivr.net https://*.amazonaws.com https://*.app.movidesk.com https://*.giphy.com https://*.google-analytics.com https://*.google.com https://*.google.com.br https://*.googletagmanager.com https://*.gstatic.com https://*.jsdelivr.net https://*.microsoft.com https://*.movidesk.com https://*.s3.us-east-2.amazonaws.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://*.zscloud.net https://blob: https://dummyimage.com https://scoutapm.com wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br; manifest-src 'self'; media-src 'self' https://*.tawk.to wss://*.tawk.to; object-src 'self'; script-src 'self' 'unsafe-inline' eval: http://*.googletagmanager.com http://*.jquery.com http://*.jsdelivr.net https://*.fontawesome.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com https://*.jsdelivr.net https://*.movidesk.com https://*.scoutapm.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.typeform.com https://*.zscloud.net https://scoutapm.com https://unpkg.com wss://*.movidesk.com wss://*.tawk.to; style-src 'self' 'unsafe-inline' http://*.jsdelivr.net https://*.fontawesome.com https://*.googleapis.com https://*.gstatic.com https://*.jsdelivr.net https://*.movidesk.com https://*.scoutapm.com https://*.scoutapp.com https://*.zscloud.net https://scoutapm.com wss://*.movidesk.com; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683; frame-ancestors http://localhost:3000 https://*.typeform.com https://*.wecare.app.br https://form.typeform.com https://form.typeform.com/ https://localhost:3000 wss://*.wecare.app.br
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Cowboy
Date
Sun, 12 Dec 2021 19:36:46 GMT
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
Content-Type
text/html; charset=utf-8
Etag
W/"d4160a445695530c06eaf8673c457646"
Cache-Control
max-age=0, private, must-revalidate
X-Request-Id
3d250fb8-e752-425a-8afa-9c16f2cbbe5e
X-Protected-By
Sqreen
Content-Security-Policy
child-src 'self'; connect-src 'self' http://*.jsdelivr.net http://localhost:3035 https://*.amazonaws.com https://*.fontawesome.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.jsdelivr.net https://*.microsoftonline.com https://*.movidesk.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://localhost:3035 ws://localhost:3035 wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br wss://localhost:3035; default-src 'self'; font-src 'self' data: https://*.fontawesome.com https://*.gstatic.com https://*.movidesk.com https://*.tawk.to https://*.typekit.net wss://*.movidesk.com wss://*.tawk.to; frame-src 'self' http://*.googletagmanager.com http://localhost:3000 https://*.google.com https://*.googletagmanager.com https://*.herokucdn.com https://*.movidesk.com https://*.scoutapp.com https://*.tawk.to https://*.typeform.com https://*.wecare.app.br https://*.youtube.com https://form.typeform.com https://localhost:3000 wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br; img-src 'self' data: http://*.googletagmanager.com http://*.jsdelivr.net https://*.amazonaws.com https://*.app.movidesk.com https://*.giphy.com https://*.google-analytics.com https://*.google.com https://*.google.com.br https://*.googletagmanager.com https://*.gstatic.com https://*.jsdelivr.net https://*.microsoft.com https://*.movidesk.com https://*.s3.us-east-2.amazonaws.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://*.zscloud.net https://blob: https://dummyimage.com https://scoutapm.com wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br; manifest-src 'self'; media-src 'self' https://*.tawk.to wss://*.tawk.to; object-src 'self'; script-src 'self' 'unsafe-inline' eval: http://*.googletagmanager.com http://*.jquery.com http://*.jsdelivr.net https://*.fontawesome.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com https://*.jsdelivr.net https://*.movidesk.com https://*.scoutapm.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.typeform.com https://*.zscloud.net https://scoutapm.com https://unpkg.com wss://*.movidesk.com wss://*.tawk.to; style-src 'self' 'unsafe-inline' http://*.jsdelivr.net https://*.fontawesome.com https://*.googleapis.com https://*.gstatic.com https://*.jsdelivr.net https://*.movidesk.com https://*.scoutapm.com https://*.scoutapp.com https://*.zscloud.net https://scoutapm.com wss://*.movidesk.com; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683; frame-ancestors http://localhost:3000 https://*.typeform.com https://*.wecare.app.br https://form.typeform.com https://form.typeform.com/ https://localhost:3000 wss://*.wecare.app.br
X-Runtime
0.050722
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin
Transfer-Encoding
chunked
Via
1.1 vegur
csp_f9d9fc25f1cd26a5921fc3b47b9e7683
reports-api.sqreen.io/browser/v0/csp-violations/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.125.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-125-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bancocarrefour.wecare.app.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers
application-a35abd0f8ffbe9f11965ab9273813b5f9dd588b26cd4c67762aad35c3ef5816d.css
bancocarrefour.wecare.app.br/assets/ 		418 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancocarrefour.wecare.app.br/assets/application-a35abd0f8ffbe9f11965ab9273813b5f9dd588b26cd4c67762aad35c3ef5816d.css
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
da3ec83ba88b926645f4d396ffaaf3bd0c0331c5cc7ad91e24df3d66f213ed99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 12 Dec 2021 19:36:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Dec 2021 23:59:58 GMT
Server
Cowboy
Vary
Accept-Encoding, Origin
Content-Type
text/css
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
72745
devise-7eb13b5f7f6d2bf4c47220b05ee830f9a2d9428078c8ae74e07bb6e49e3825ca.js
bancocarrefour.wecare.app.br/assets/ 		254 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancocarrefour.wecare.app.br/assets/devise-7eb13b5f7f6d2bf4c47220b05ee830f9a2d9428078c8ae74e07bb6e49e3825ca.js
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3e0715cf34e9b2a2b03631f1d54d5596ac2629fc42f7f491bbc35888e713404f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 12 Dec 2021 19:36:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Oct 2021 15:21:32 GMT
Server
Cowboy
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
71606
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-88178856-1
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0840156a6dbed83896f0bd48017bf1a892f5a4cd53d634f0cf49b7588e6df998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 19:36:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36251
x-xss-protection
0
last-modified
Sun, 12 Dec 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Dec 2021 19:36:48 GMT
chat-widget.min.js
chat.movidesk.com/Scripts/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.movidesk.com/Scripts/chat-widget.min.js
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.30.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-30-232.compute-1.amazonaws.com
Software
/
Resource Hash
86698478457ef45efdce307bb1221ad34bd3427d96311b20f94e1fc34769bddc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 19:36:48 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 01:09:06 GMT
server
etag
"0e5c6c397b5d71:0"
vary
Accept-Encoding
p3p
CP = "IDC DSP COR ADM Devi Taii PSA PSD Ivaí IVDi CONi HIS OUR IND CNT"
x-stackifyid
V1|7f9695a1-d9ac-45e1-89fa-cfd04471424f|C63188|CD1|
cache-control
private, max-age=28800
accept-ranges
bytes
content-type
application/javascript
content-length
4321
nhr9ufzn49sb9zx062gbpfgz958d
wecare-production.s3.us-east-2.amazonaws.com/
Redirect Chain
  • https://bancocarrefour.wecare.app.br/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBcjFSIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--1d3d772e0d5c4f5279263d70bcf019f54d47f473/crf_banco_...
  • https://wecare-production.s3.us-east-2.amazonaws.com/nhr9ufzn49sb9zx062gbpfgz958d?response-content-disposition=inline%3B%20filename%3D%22crf_banco_logo_horizontal_colour_cmyk%20%25281%2529.png%22%3...
16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wecare-production.s3.us-east-2.amazonaws.com/nhr9ufzn49sb9zx062gbpfgz958d?response-content-disposition=inline%3B%20filename%3D%22crf_banco_logo_horizontal_colour_cmyk%20%25281%2529.png%22%3B%20filename%2A%3DUTF-8%27%27crf_banco_logo_horizontal_colour_cmyk%2520%25281%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA26ZKFK6VFZCKHFG5%2F20211212%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20211212T193648Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9eb1a447dd0a90395c9339b9328f9214d36d00bb653b29d9b007136df32812fa
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
HTTP/1.1
Server
52.219.108.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
b3f790a59525e90181f719a35eacbadb57d20e5beb3d5a77550cc671156d0f1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 12 Dec 2021 19:36:49 GMT
Last-Modified
Tue, 21 Sep 2021 13:55:59 GMT
Server
AmazonS3
x-amz-request-id
5B44YSP3G67925K8
ETag
"2992b4662db7665342a77e4f244b082b"
x-amz-version-id
O4dGJ9.ITuOcn9r4152GDoaqECqX2azZ
Content-Disposition
inline; filename="crf_banco_logo_horizontal_colour_cmyk %281%29.png"; filename*=UTF-8''crf_banco_logo_horizontal_colour_cmyk%20%281%29.png
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
16401
x-amz-id-2
lzG4S8MmFwRNpPu8BXmR1MBf90RE/pZG8NiC3Q86beXnzu2PzwAPc/sw7v88wZhkup7eHF4DSLM=

Redirect headers

Date
Sun, 12 Dec 2021 19:36:48 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
X-Protected-By
Sqreen
Connection
keep-alive
Vary
Origin
X-Xss-Protection
1
X-Request-Id
56ce70e3-a690-4533-9a04-30d8de43181a
X-Runtime
0.023000
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=utf-8
Location
https://wecare-production.s3.us-east-2.amazonaws.com/nhr9ufzn49sb9zx062gbpfgz958d?response-content-disposition=inline%3B%20filename%3D%22crf_banco_logo_horizontal_colour_cmyk%20%25281%2529.png%22%3B%20filename%2A%3DUTF-8%27%27crf_banco_logo_horizontal_colour_cmyk%2520%25281%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA26ZKFK6VFZCKHFG5%2F20211212%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20211212T193648Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9eb1a447dd0a90395c9339b9328f9214d36d00bb653b29d9b007136df32812fa
Cache-Control
max-age=300, private
Content-Security-Policy
child-src 'self'; connect-src 'self' http://*.jsdelivr.net http://localhost:3035 https://*.amazonaws.com https://*.fontawesome.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.jsdelivr.net https://*.microsoftonline.com https://*.movidesk.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://localhost:3035 ws://localhost:3035 wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br wss://localhost:3035; default-src 'self'; font-src 'self' data: https://*.fontawesome.com https://*.gstatic.com https://*.movidesk.com https://*.tawk.to https://*.typekit.net wss://*.movidesk.com wss://*.tawk.to; frame-src 'self' http://*.googletagmanager.com http://localhost:3000 https://*.google.com https://*.googletagmanager.com https://*.herokucdn.com https://*.movidesk.com https://*.scoutapp.com https://*.tawk.to https://*.typeform.com https://*.wecare.app.br https://*.youtube.com https://form.typeform.com https://localhost:3000 wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br; img-src 'self' data: http://*.googletagmanager.com http://*.jsdelivr.net https://*.amazonaws.com https://*.app.movidesk.com https://*.giphy.com https://*.google-analytics.com https://*.google.com https://*.google.com.br https://*.googletagmanager.com https://*.gstatic.com https://*.jsdelivr.net https://*.microsoft.com https://*.movidesk.com https://*.s3.us-east-2.amazonaws.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://*.zscloud.net https://blob: https://dummyimage.com https://scoutapm.com wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br; manifest-src 'self'; media-src 'self' https://*.tawk.to wss://*.tawk.to; object-src 'self'; script-src 'self' 'unsafe-inline' eval: http://*.googletagmanager.com http://*.jquery.com http://*.jsdelivr.net https://*.fontawesome.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com https://*.jsdelivr.net https://*.movidesk.com https://*.scoutapm.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.typeform.com https://*.zscloud.net https://scoutapm.com https://unpkg.com wss://*.movidesk.com wss://*.tawk.to; style-src 'self' 'unsafe-inline' http://*.jsdelivr.net https://*.fontawesome.com https://*.googleapis.com https://*.gstatic.com https://*.jsdelivr.net https://*.movidesk.com https://*.scoutapm.com https://*.scoutapp.com https://*.zscloud.net https://scoutapm.com wss://*.movidesk.com; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683; frame-ancestors http://localhost:3000 https://*.typeform.com https://*.wecare.app.br https://form.typeform.com https://form.typeform.com/ https://localhost:3000 wss://*.wecare.app.br
sqreen-light-badge.svg
s3-eu-west-1.amazonaws.com/sqreen-assets/badges/20171107/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/sqreen-assets/badges/20171107/sqreen-light-badge.svg
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.120.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7dcf4dbd2ec98aac130fc6028affd9c50e57653e5222bfadaa2d4a49979c7405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 12 Dec 2021 19:36:49 GMT
Last-Modified
Thu, 09 Nov 2017 09:40:30 GMT
Server
AmazonS3
x-amz-request-id
5B48YB4ECT5Q8RQQ
ETag
"eb0d746201ffc3d99ac3c88020540f6d"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
4496
x-amz-id-2
O73KRbK8rTsWFanm7UEYWvL8l0iumwisntLhhi2HIH4FKmbG+d6isbTmvneheYOxWaZ9qH/9iTI=
feather.min.js
unpkg.com/feather-icons@4.28.0/dist/
Redirect Chain
  • https://unpkg.com/feather-icons
  • https://unpkg.com/feather-icons@4.28.0
  • https://unpkg.com/feather-icons@4.28.0/dist/feather.min.js
74 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/feather-icons@4.28.0/dist/feather.min.js
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 19:36:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
2209532
fly-request-id
01FMP761VCTFKYP82WKDSDZJC5
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"12803-VGvmKj49iNws8jK+EoeSCbRlrvE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6bc96758294342fd-FRA

Redirect headers

date
Sun, 12 Dec 2021 19:36:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FK4T2WPTDYRZ45JHTM0JV3K0
server
cloudflare
age
3867435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/feather-icons@4.28.0/dist/feather.min.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bc9675808f442fd-FRA
access-control-allow-origin
*
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/assets/application-a35abd0f8ffbe9f11965ab9273813b5f9dd588b26cd4c67762aad35c3ef5816d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 12 Dec 2021 19:36:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 12 Dec 2021 19:36:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Dec 2021 19:36:48 GMT
gtm.js
www.googletagmanager.com/ 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W2XS3SB
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b356f7de52d5bada636247ec784f35681efdc4c283a458204bda4bdeb583640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 19:36:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29660
x-xss-protection
0
last-modified
Sun, 12 Dec 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Dec 2021 19:36:48 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: chat.movidesk.com
URL: https://chat.movidesk.com/Scripts/chat-widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 19:36:48 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-15d9d"
vary
Accept-Encoding
x-hw
1639337808.dop242.am5.t,1639337808.cds241.am5.hn,1639337808.cds007.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bancocarrefour.wecare.app.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 04:07:14 GMT
x-content-type-options
nosniff
age
228574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 10 Dec 2022 04:07:14 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bancocarrefour.wecare.app.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 14:28:31 GMT
x-content-type-options
nosniff
age
104897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 11 Dec 2022 14:28:31 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bancocarrefour.wecare.app.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 04:20:35 GMT
x-content-type-options
nosniff
age
227773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 10 Dec 2022 04:20:35 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88178856-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
114
date
Sun, 12 Dec 2021 19:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 12 Dec 2021 21:34:54 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=738712107&t=pageview&_s=1&dl=https%3A%2F%2Fbancocarrefour.wecare.app.br%2F&ul=en-us&de=UTF-8&dt=WeCare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2063028387&gjid=1947970373&cid=810521838.1639337809&tid=UA-88178856-1&_gid=164927005.1639337809&_r=1&gtm=2ouc10&z=670527930
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bancocarrefour.wecare.app.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Dec 2021 19:36:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bancocarrefour.wecare.app.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-88178856-1&cid=810521838.1639337809&jid=2063028387&gjid=1947970373&_gid=164927005.1639337809&_u=YEBAAUAAAAAAAC~&z=317701944
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bancocarrefour.wecare.app.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 12 Dec 2021 19:36:49 GMT
content-type
text/plain
access-control-allow-origin
https://bancocarrefour.wecare.app.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
chat-widget.min.css
chat.movidesk.com/Content/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat.movidesk.com/Content/css/chat-widget.min.css?v=10
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.30.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-30-232.compute-1.amazonaws.com
Software
/
Resource Hash
63fe8df524ad3ac21462e768a0ee3e804a6a49c2504b9d5e538ef1ef8c707c25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 19:36:48 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 22:29:22 GMT
server
etag
"0cd54a84995d71:0"
vary
Accept-Encoding
p3p
CP = "IDC DSP COR ADM Devi Taii PSA PSD Ivaí IVDi CONi HIS OUR IND CNT"
x-stackifyid
V1|2176f4ef-8e52-4b69-935f-90bc0f97e454|C63188|CD1|
accept-ranges
bytes
content-type
text/css
content-length
3028
csp_f9d9fc25f1cd26a5921fc3b47b9e7683
reports-api.sqreen.io/browser/v0/csp-violations/ Frame 1A42 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.125.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-125-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers
csp_f9d9fc25f1cd26a5921fc3b47b9e7683
reports-api.sqreen.io/browser/v0/csp-violations/ Frame 06BB 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.125.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-125-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers
icon-collapse.svg
cdn.app.movidesk.com/Content/img/ChatWidgetIcons/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.app.movidesk.com/Content/img/ChatWidgetIcons/icon-collapse.svg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-45.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a970cb2759096728483c4a1d4706e9bb9f1b7e7013e8aa9f751e7a60b9937fc3

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://bancocarrefour.wecare.app.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
etag
"f0d1a331afbed7ea63930411dc06730c"
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
1104
last-modified
Thu, 21 Nov 2019 16:59:53 GMT
server
AmazonS3
date
Sun, 12 Dec 2021 19:36:49 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
702iCfHZnjme2bK2rCiGu7a6ENwFiV3GFY6qcjjrnl46BARi6FmUcQ==
GetConfig
chat.movidesk.com/ChatWidget/ 		632 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.movidesk.com/ChatWidget/GetConfig?callback=JSONPgetConfigCallback&id=0BF2131A07314DCBAB1C02DAB1213E1B&format=json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.30.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-30-232.compute-1.amazonaws.com
Software
/
Resource Hash
7b1a1514ab7bcd7f394d1abd8aeab0ded0381ccc954716aa53d977118916934f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 19:36:48 GMT
content-encoding
gzip
server
vary
Accept-Encoding
p3p
CP = "IDC DSP COR ADM Devi Taii PSA PSD Ivaí IVDi CONi HIS OUR IND CNT"
x-stackifyid
V1|f08b8c40-1740-4bdf-86ab-bd16c5d9328a|C63188|CD1|
cache-control
private
content-type
application/javascript; charset=utf-8
content-length
539
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88178856-1&cid=810521838.1639337809&jid=2063028387&_u=YEBAAUAAAAAAAC~&z=1954740516
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Dec 2021 19:36:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp_f9d9fc25f1cd26a5921fc3b47b9e7683
reports-api.sqreen.io/browser/v0/csp-violations/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.125.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-125-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bancocarrefour.wecare.app.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers
ga-audiences
www.google.de/ads/ 		0
0
chat_widget_background.svg
cdn.app.movidesk.com/Content/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.app.movidesk.com/Content/img/chat_widget_background.svg
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-45.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c3e75ab38842b99b9d1257b7f00fc85df602ad23c9a9695cdab84dc17c774cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 01:36:06 GMT
via
1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
last-modified
Fri, 01 Nov 2019 18:31:15 GMT
server
AmazonS3
age
64844
etag
"1724a4cc2d8cc393f0b75f97865f3b8b"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/svg+xml
content-length
7139
x-amz-cf-id
mVSaRxK5FG8Mj2wtciG2a8Vu-jPmM9GRbu4gCGyDHfHJfw0KRR4uJQ==
icon-smile.svg
cdn.app.movidesk.com/Content/img/ChatWidgetIcons/ 		484 B
951 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.app.movidesk.com/Content/img/ChatWidgetIcons/icon-smile.svg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-45.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee67ac8a0c106c4eb25b57a5fd1f7ddf39c45124aa75b593c617ad59733e65f5

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://bancocarrefour.wecare.app.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
etag
"e96678b5db9b22ea48a8b68b2f29c210"
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
content-length
484
last-modified
Tue, 19 Nov 2019 18:04:41 GMT
server
AmazonS3
date
Sun, 12 Dec 2021 19:36:50 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
alAif0gMNop39CkPHxzk0TfRpogQ9kb9K2-OlGer1f4CBOIrWaCOMg==
27F7BB9A2FCD6BDC49A6A0D628487310
s3.amazonaws.com/movidesk-files/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/movidesk-files/27F7BB9A2FCD6BDC49A6A0D628487310
Requested by
Host: bancocarrefour.wecare.app.br
URL: https://bancocarrefour.wecare.app.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.198.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5661560c405ff84ef6da6916cf6d2d688c29eae2cab75888e096a83cd216d328

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bancocarrefour.wecare.app.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 12 Dec 2021 19:36:50 GMT
Last-Modified
Sun, 03 Jan 2021 17:14:57 GMT
Server
AmazonS3
x-amz-request-id
SPSFVRPD5CE6R8R2
ETag
"27f7bb9a2fcd6bdc49a6a0d628487310"
x-amz-version-id
BHyedwiagfnUlEf1X3ZIL2iz_gePaMKU
Content-Disposition
attachment; filename = "coracion.png"
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6788
x-amz-id-2
+cG5ko7LF2t8ozNnkdBIbGk/RkTua84GTkuMLNfq4XQjaDH3ItN9i/CoXiuAX9WsFcuxB4hsnE8=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88178856-1&cid=810521838.1639337809&jid=2063028387&_u=YEBAAUAAAAAAAC~&z=1954740516

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| sendLevelData function| companyLevelsChannel function| completionRatePerPrograms function| completionAndParticipationRatePerGoals function| mostCompletedGoals function| goalAssignmentCount function| goalAssignmentPerGoals function| engagedUsers function| goalsDashboardChannel function| loadFeedItem function| feedChannel function| sendData function| calculateRanking function| appGoalRankingChannel function| companyChannel function| downloadChannel function| goalAssignmentChannel function| goalProgramChannel function| catalogsChannel function| getMetrics function| managersGoalMetricsChannel function| uploadChannel function| replaceFeather undefined| companyId undefined| goalProgramWecareId undefined| companyLevelId undefined| userId function| $ function| jQuery function| Popper object| Util function| Tab function| Toast function| Collapse function| Button function| Tooltip function| Popover function| Carousel function| ScrollSpy function| Modal function| Dropdown function| Alert object| ActionCable object| App object| Turbolinks function| gtag object| dataLayer string| mdChatClient function| movideskLogin function| movideskChatWidgetChangeWindowState function| executeLogin function| __mdWrap object| MovideskChatUserStatus object| ChatWidgetPosition object| ChatWidgetType undefined| mdInternalChatLoginData string| mdChatFrameHref string| mdChatCookieEmail undefined| lastDate object| movideskChatWidget object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| feather object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
bancocarrefour.wecare.app.br/ Name: ahoy_visitor
Value: c004a41c-c9b7-49d5-83d8-55e0e196d3bc
bancocarrefour.wecare.app.br/ Name: ahoy_visit
Value: 8d5bec3b-6c35-42e1-9ce4-278f397513f6
bancocarrefour.wecare.app.br/ Name: _wecare_session
Value: gxF46cliGUq%2BR59z5ud1SqfzCfrYuEHCiDKq84FTTn%2F83%2BlFBdIEW1fvBuKWwoSv%2Bhfx8dYs%2F%2FfeIabQa3pt92pevS2dphboNjf%2FBjs7ZvyCfHyNxkfsDPgARfaDnSeUU3V92VHVt0VANe35Z17LoYgHnHEkgFmHAIXJAR3kTNynyLeWHHcZBRJWs7nzCds0Y0LLtDLI3AtB2JERDrIoRi7djDDDCnoNPeMIDm1pZP%2BbwZzJ9Wmu%2F%2ByPhKbdrvT2C6xxDafwQw68mJWRU0AjagWQ3XfAIJU%3D--yto6Mom65idcOJnL--nt1dMtB1w7uJPMRimcPKwg%3D%3D
.wecare.app.br/ Name: _ga
Value: GA1.3.810521838.1639337809
.wecare.app.br/ Name: _gid
Value: GA1.3.164927005.1639337809
.wecare.app.br/ Name: _gat_gtag_UA_88178856_1
Value: 1
bancocarrefour.wecare.app.br/ Name: chatWidgetWindowState0BF2131A07314DCBAB1C02DAB1213E1B
Value: false
chat.movidesk.com/ Name: culture
Value: pt-BR

6 Console Messages

Source Level URL
Text
security error URL: https://bancocarrefour.wecare.app.br/
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'https://blob:'. It will be ignored.
security error URL: https://code.jquery.com/jquery-3.6.0.min.js(Line 1)
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'https://blob:'. It will be ignored.
security error URL: https://code.jquery.com/jquery-3.6.0.min.js(Line 1)
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'https://blob:'. It will be ignored.
security error URL: https://code.jquery.com/jquery-3.6.0.min.js(Line 1)
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'https://blob:'. It will be ignored.
security error URL: https://code.jquery.com/jquery-3.6.0.min.js(Line 1)
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'https://blob:'. It will be ignored.
security error URL: https://bancocarrefour.wecare.app.br/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88178856-1&cid=810521838.1639337809&jid=2063028387&_u=YEBAAUAAAAAAAC~&z=1954740516' because it violates the following Content Security Policy directive: "img-src 'self' data: http://*.googletagmanager.com http://*.jsdelivr.net https://*.amazonaws.com https://*.app.movidesk.com https://*.giphy.com https://*.google-analytics.com https://*.google.com https://*.google.com.br https://*.googletagmanager.com https://*.gstatic.com https://*.jsdelivr.net https://*.microsoft.com https://*.movidesk.com https://*.s3.us-east-2.amazonaws.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://*.zscloud.net https://blob: https://dummyimage.com https://scoutapm.com wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy child-src 'self'; connect-src 'self' http://*.jsdelivr.net http://localhost:3035 https://*.amazonaws.com https://*.fontawesome.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.jsdelivr.net https://*.microsoftonline.com https://*.movidesk.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://localhost:3035 ws://localhost:3035 wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br wss://localhost:3035; default-src 'self'; font-src 'self' data: https://*.fontawesome.com https://*.gstatic.com https://*.movidesk.com https://*.tawk.to https://*.typekit.net wss://*.movidesk.com wss://*.tawk.to; frame-src 'self' http://*.googletagmanager.com http://localhost:3000 https://*.google.com https://*.googletagmanager.com https://*.herokucdn.com https://*.movidesk.com https://*.scoutapp.com https://*.tawk.to https://*.typeform.com https://*.wecare.app.br https://*.youtube.com https://form.typeform.com https://localhost:3000 wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br; img-src 'self' data: http://*.googletagmanager.com http://*.jsdelivr.net https://*.amazonaws.com https://*.app.movidesk.com https://*.giphy.com https://*.google-analytics.com https://*.google.com https://*.google.com.br https://*.googletagmanager.com https://*.gstatic.com https://*.jsdelivr.net https://*.microsoft.com https://*.movidesk.com https://*.s3.us-east-2.amazonaws.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.wecare.app.br https://*.wecarecorp.com.br https://*.zscloud.net https://blob: https://dummyimage.com https://scoutapm.com wss://*.movidesk.com wss://*.tawk.to wss://*.wecare.app.br wss://*.wecarecorp.com.br; manifest-src 'self'; media-src 'self' https://*.tawk.to wss://*.tawk.to; object-src 'self'; script-src 'self' 'unsafe-inline' eval: http://*.googletagmanager.com http://*.jquery.com http://*.jsdelivr.net https://*.fontawesome.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.jquery.com https://*.jsdelivr.net https://*.movidesk.com https://*.scoutapm.com https://*.scoutapp.com https://*.simpleanalyticscdn.com https://*.tawk.to https://*.typeform.com https://*.zscloud.net https://scoutapm.com https://unpkg.com wss://*.movidesk.com wss://*.tawk.to; style-src 'self' 'unsafe-inline' http://*.jsdelivr.net https://*.fontawesome.com https://*.googleapis.com https://*.gstatic.com https://*.jsdelivr.net https://*.movidesk.com https://*.scoutapm.com https://*.scoutapp.com https://*.zscloud.net https://scoutapm.com wss://*.movidesk.com; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_f9d9fc25f1cd26a5921fc3b47b9e7683; frame-ancestors http://localhost:3000 https://*.typeform.com https://*.wecare.app.br https://form.typeform.com https://form.typeform.com/ https://localhost:3000 wss://*.wecare.app.br
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bancocarrefour.wecare.app.br
cdn.app.movidesk.com
chat.movidesk.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
reports-api.sqreen.io
s3-eu-west-1.amazonaws.com
s3.amazonaws.com
stats.g.doubleclick.net
unpkg.com
wecare-production.s3.us-east-2.amazonaws.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.google.de
18.66.122.45
2001:4de0:ac18::1:a:2b
2606:4700::6810:7eaf
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9d
3.232.242.170
34.242.125.171
52.218.120.64
52.219.108.218
54.144.30.232
54.231.198.104
0840156a6dbed83896f0bd48017bf1a892f5a4cd53d634f0cf49b7588e6df998
2c3e75ab38842b99b9d1257b7f00fc85df602ad23c9a9695cdab84dc17c774cd
3b356f7de52d5bada636247ec784f35681efdc4c283a458204bda4bdeb583640
3e0715cf34e9b2a2b03631f1d54d5596ac2629fc42f7f491bbc35888e713404f
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165
5661560c405ff84ef6da6916cf6d2d688c29eae2cab75888e096a83cd216d328
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9
63fe8df524ad3ac21462e768a0ee3e804a6a49c2504b9d5e538ef1ef8c707c25
7b1a1514ab7bcd7f394d1abd8aeab0ded0381ccc954716aa53d977118916934f
7dcf4dbd2ec98aac130fc6028affd9c50e57653e5222bfadaa2d4a49979c7405
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86698478457ef45efdce307bb1221ad34bd3427d96311b20f94e1fc34769bddc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a970cb2759096728483c4a1d4706e9bb9f1b7e7013e8aa9f751e7a60b9937fc3
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b3f790a59525e90181f719a35eacbadb57d20e5beb3d5a77550cc671156d0f1f
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
d4160a445695530c06eaf8673c45764658e8b738d8c241458a3510d3a35da881
da3ec83ba88b926645f4d396ffaaf3bd0c0331c5cc7ad91e24df3d66f213ed99
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee67ac8a0c106c4eb25b57a5fd1f7ddf39c45124aa75b593c617ad59733e65f5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e