portaldeincentivos.worten.pt Open in urlscan Pro
104.22.47.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://portaldeincentivos.worten.pt/users
Effective URL:
https://portaldeincentivos.worten.pt/login
Submission: On November 25 via manual (November 25th 2021, 2:19:09 pm UTC) from PT — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 104.22.47.238, located in and belongs to CLOUDFLARENET, US. The main domain is portaldeincentivos.worten.pt.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2021. Valid for: a year.

This is the only time portaldeincentivos.worten.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	104.22.47.238 104.22.47.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
13	4

10 104.22.47.238 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

portaldeincentivos.worten.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	worten.pt 1 redirects portaldeincentivos.worten.pt	98 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	gstatic.com fonts.gstatic.com
13	3

	Domain	Requested by
10	portaldeincentivos.worten.pt	1 redirects portaldeincentivos.worten.pt
2	fonts.googleapis.com	portaldeincentivos.worten.pt
1	fonts.gstatic.com	fonts.googleapis.com
13	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portaldeincentivos.worten.pt/login
Frame ID: 9E583EDD1A1CA54FA6A1BD92763EC2EB
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://portaldeincentivos.worten.pt/users HTTP 302
https://portaldeincentivos.worten.pt/login Page URL

Page Statistics

13
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

99 kB
Transfer

432 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://portaldeincentivos.worten.pt/users HTTP 302
https://portaldeincentivos.worten.pt/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
portaldeincentivos.worten.pt/
Redirect Chain

https://portaldeincentivos.worten.pt/users
https://portaldeincentivos.worten.pt/login

5 KB
2 KB

391ms
390ms

Document
text/html

104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 03126f102d2780a1deb4b4bfb50abd789078faf9341c671d86b6e9dc4941316d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 25 Nov 2021 14:19:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.17
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 0
access-control-allow-credentials: true
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b3b828ace654327-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 25 Nov 2021 14:19:04 GMT
content-type: text/html; charset=UTF-8
content-length: 414
x-powered-by: PHP/7.3.17
cache-control: no-cache, no-store, must-revalidate
location: https://portaldeincentivos.worten.pt/login
access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 0
access-control-allow-credentials: true
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b3b82882fa94327-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 bootstrap.min.css
portaldeincentivos.worten.pt/bs3/css/ 99 KB
18 KB 219ms
218ms Stylesheet
text/css 104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/bs3/css/bootstrap.min.css
Requested by: Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 14:19:05 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 6b3b828d5f0d5ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 bootstrap-reset.css
portaldeincentivos.worten.pt/css/ 7 KB
2 KB 42ms
41ms Stylesheet
text/css 104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/css/bootstrap-reset.css
Requested by: Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498630a8be1ea58733da60c141926aa2fc718d4b79374fd83b217ad4115a9af1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 14:19:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 13:37:02 GMT
server: cloudflare
age: 2523
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b3b828d5f125ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 font-awesome.css
portaldeincentivos.worten.pt/font-awesome/css/ 21 KB
4 KB 160ms
159ms Stylesheet
text/css 104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/font-awesome/css/font-awesome.css
Requested by: Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d68459db82a6e791ef7cd186fdf2002e51e9f38a7fc1aa6951bd054cd0663b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 14:19:05 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 6b3b828d5f135ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 style.css
portaldeincentivos.worten.pt/css/ 107 KB
23 KB 34ms
33ms Stylesheet
text/css 104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/css/style.css
Requested by: Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1ead8b1f549bc63df68593432538ec6f812d752d96cb016d012f3772bf74bb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 14:19:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 13:37:02 GMT
server: cloudflare
age: 2523
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b3b828d5f175ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 style-responsive.css
portaldeincentivos.worten.pt/css/ 7 KB
2 KB 48ms
47ms Stylesheet
text/css 104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/css/style-responsive.css
Requested by: Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b0dfcbda89fbce0688ecd4d3cb535ab09e87b156f99e08801503c12a4fb1657

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 14:19:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 13:37:02 GMT
server: cloudflare
age: 2523
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b3b828d5f1c5ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 jquery.js Show response
portaldeincentivos.worten.pt/js/ 91 KB
33 KB 43ms
42ms Script
application/javascript 104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/js/jquery.js
Requested by: Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 14:19:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 13:37:02 GMT
server: cloudflare
age: 2523
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b3b828d5f215ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 bootstrap.min.js Show response
portaldeincentivos.worten.pt/bs3/js/ 28 KB
8 KB 166ms
166ms Script
application/javascript 104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/bs3/js/bootstrap.min.js
Requested by: Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 14:19:05 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 6b3b828d5f225ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 451ms
55ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Requested by

Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 13:54:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 14:19:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 14:19:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
649 B 457ms
62ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic

Requested by

Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

50069dd80a131b78b7fd612ad86927814782ddff1f58c06c376f0d9bf90ff051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 14:13:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 14:19:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 14:19:05 GMT

GET
H3 200 bucket-ico-fonts.css
portaldeincentivos.worten.pt/css/ 27 KB
5 KB 31ms
30ms Stylesheet
text/css 104.22.47.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldeincentivos.worten.pt/css/bucket-ico-fonts.css
Requested by: Host: portaldeincentivos.worten.pt
URL: https://portaldeincentivos.worten.pt/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.47.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea12f45520d3895c73a662e88b48b0ec0bd0a502be3f52419b93c440bf10f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldeincentivos.worten.pt/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 14:19:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 13:37:03 GMT
server: cloudflare
age: 2522
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b3b828dafe55ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 7 KB
0 1121ms
836ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portaldeincentivos.worten.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:57:38 GMT
x-content-type-options: nosniff
age: 80487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 15:57:38 GMT

GET S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			portaldeincentivos.worten.pt/	1970-01-19 22:57:37	Name: XSRF-TOKEN Value: eyJpdiI6InluakZBQ043Sm1FdEZNMkJnOTY3NVE9PSIsInZhbHVlIjoiTUhZcVwvWE1nMGxqOVN2Ymh0aFhaWUNHZWpBWHYybXV5Y0pEWGVEWjQ3NmY1b0JpWHJaZnpOaEZ5WGpuRXB5RjEiLCJtYWMiOiI5NzE0ZmI4NDVmMGJlZjY4NjA0NDNjZmU5MWMzMDFkZjg2NDg3MWVlZWM3MDJkYzVlZmE3OTc2NmY4OTUzZmFmIn0%3D
			portaldeincentivos.worten.pt/	1970-01-19 22:57:37	Name: laravel_session Value: eyJpdiI6IjE5UjgrZTd0aER5ZTlmVWNYMVhcL1VnPT0iLCJ2YWx1ZSI6IlV2QU1Eem5yUkRKQldDMjk0NHBcL082UWVTUHlscVV1cjljV0RLaWZPVG1cL1ordmlWeXdvcUNYZmxsTkVuY1wvM3kiLCJtYWMiOiI5YmRjM2FlNGE5NmU1ODk2MDNiMDc0MDUyMWMwOWVjZjViN2E5M2I2N2Q4NGVlYjdiNjcwMzJmMWNmYTE3NTdmIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
portaldeincentivos.worten.pt
fonts.gstatic.com
104.22.47.238
142.250.186.106
2a00:1450:4001:812::2003
03126f102d2780a1deb4b4bfb50abd789078faf9341c671d86b6e9dc4941316d
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
0b0dfcbda89fbce0688ecd4d3cb535ab09e87b156f99e08801503c12a4fb1657
11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699
1d68459db82a6e791ef7cd186fdf2002e51e9f38a7fc1aa6951bd054cd0663b1
498630a8be1ea58733da60c141926aa2fc718d4b79374fd83b217ad4115a9af1
50069dd80a131b78b7fd612ad86927814782ddff1f58c06c376f0d9bf90ff051
7ea12f45520d3895c73a662e88b48b0ec0bd0a502be3f52419b93c440bf10f78
c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a
d1ead8b1f549bc63df68593432538ec6f812d752d96cb016d012f3772bf74bb8

portaldeincentivos.worten.pt Open in urlscan Pro 104.22.47.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

92 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

99 kBTransfer

432 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

Indicators

portaldeincentivos.worten.pt Open in urlscan Pro
104.22.47.238 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

99 kB
Transfer

432 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions