Submitted URL: http://billapp-cemig.vercel.app/
Effective URL: https://billapp-cemig.vercel.app/
Submission: On February 01 via manual from BR — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 23 HTTP transactions. The main IP is 76.76.21.241, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is billapp-cemig.vercel.app.
TLS certificate: Issued by R3 on December 15th 2023. Valid for: 3 months.
This is the only time billapp-cemig.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 76.76.21.241 16509 (AMAZON-02)
1 2600:9000:26f... 16509 (AMAZON-02)
1 184.51.148.217 20940 (AKAMAI-ASN1)
1 2 2801:80:280:c... 28631 (Banrisul)
1 52.206.163.162 14618 (AMAZON-AES)
1 198.17.121.50 264581 (BANCO DO ...)
2 3 104.196.174.199 15169 (GOOGLE)
23 8
Apex Domain
Subdomains
Transfer
16 vercel.app
billapp-cemig.vercel.app
241 KB
3 openid.net
www.certification.openid.net
1 KB
2 banrisul.com.br
www.banrisul.com.br — Cisco Umbrella Rank: 626640
1 KB
1 bnb.gov.br
www.bnb.gov.br
1 sensedia.com
www.sensedia.com
1 bancobmg.com.br
www.bancobmg.com.br
3 KB
1 builder.io
cdn.builder.io — Cisco Umbrella Rank: 21710
1 KB
0 andbank.com.br Failed
www.andbank.com.br Failed
23 8
Domain Requested by
16 billapp-cemig.vercel.app billapp-cemig.vercel.app
3 www.certification.openid.net 2 redirects
2 www.banrisul.com.br 1 redirects
1 www.bnb.gov.br
1 www.sensedia.com
1 www.bancobmg.com.br
1 cdn.builder.io billapp-cemig.vercel.app
0 www.andbank.com.br Failed
23 8

This site contains no links.

Subject Issuer Validity Valid
*.vercel.app
R3
2023-12-15 -
2024-03-14
3 months crt.sh
*.builder.io
Amazon RSA 2048 M01
2023-09-30 -
2024-10-28
a year crt.sh
www.bancobmg.com.br
DigiCert SHA2 Extended Validation Server CA
2023-11-27 -
2024-11-26
a year crt.sh
www.sensedia.com
R3
2024-01-31 -
2024-04-30
3 months crt.sh
www.bnb.gov.br
CERTDATA SSL OV CA [Run by the Issuer]
2023-03-27 -
2024-03-26
a year crt.sh

This page contains 1 frames:

Primary Page: https://billapp-cemig.vercel.app/
Frame ID: 0AF5F3804825E4B0EA309BDE934664A7
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

BillApp PoC

Page URL History Show full URLs

  1. http://billapp-cemig.vercel.app/ HTTP 307
    https://billapp-cemig.vercel.app/ Page URL

Page Statistics

23
Requests

87 %
HTTPS

29 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

246 kB
Transfer

651 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://billapp-cemig.vercel.app/ HTTP 307
    https://billapp-cemig.vercel.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://www.banrisul.com.br/naoseaplica.svg HTTP 302
  • https://www.banrisul.com.br/bob/naoseaplica.svg
Request Chain 21
  • https://www.certification.openid.net/img.svg HTTP 302
  • https://www.certification.openid.net/openid_connect_login HTTP 302
  • https://www.certification.openid.net/login.html

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
billapp-cemig.vercel.app/
Redirect Chain
  • http://billapp-cemig.vercel.app/
  • https://billapp-cemig.vercel.app/
12 KB
4 KB
Document
General
Full URL
https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
bc621982bedb95072811fc22005969bb5c98a2081c372e0344d24899de89f19c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
13
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 12:40:03 GMT
etag
W/"e990d7ffc6c94e463fe13c9a072fac90"
server
Vercel
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-matched-path
/
x-vercel-cache
HIT
x-vercel-id
cle1::29b5g-1706791203746-f4a74d1bdfd4

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://billapp-cemig.vercel.app/
Non-Authoritative-Reason
HSTS
c9a5bc6a7c948fb0-s.p.woff2
billapp-cemig.vercel.app/_next/static/media/
45 KB
46 KB
Font
General
Full URL
https://billapp-cemig.vercel.app/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://billapp-cemig.vercel.app/
Origin
https://billapp-cemig.vercel.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::29b5g-1706791203993-26c5a62514e7
age
0
x-matched-path
/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
etag
"74c3556b9dad12fb76f84af53ba69410"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="c9a5bc6a7c948fb0-s.p.woff2"
accept-ranges
bytes
content-length
46552
dfa741bd0d425c59.css
billapp-cemig.vercel.app/_next/static/css/
29 KB
7 KB
Stylesheet
General
Full URL
https://billapp-cemig.vercel.app/_next/static/css/dfa741bd0d425c59.css
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b8f7e2d1e64e66b6fd17a45cc44ef23293979c7ccedd7845b34622aa264350b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://billapp-cemig.vercel.app/
Origin
https://billapp-cemig.vercel.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::xj2hw-1706791203993-77881dc988dc
age
0
x-matched-path
/_next/static/css/dfa741bd0d425c59.css
etag
W/"77ed0a3dec91c7963aa86ca5f0fed685"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="dfa741bd0d425c59.css"
webpack-eb7dc71d60be1adb.js
billapp-cemig.vercel.app/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/webpack-eb7dc71d60be1adb.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c68ce86d39d855da4566ae08970d4ad561294014f049bc2891c0f2704585ec9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://billapp-cemig.vercel.app/
Origin
https://billapp-cemig.vercel.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::qvkdd-1706791204017-44082a7cadd4
age
0
x-matched-path
/_next/static/chunks/webpack-eb7dc71d60be1adb.js
etag
W/"4fa3146e22877b8aebd237f1f5387f22"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-eb7dc71d60be1adb.js"
b179b281-213506e40a8734cf.js
billapp-cemig.vercel.app/_next/static/chunks/
168 KB
54 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/b179b281-213506e40a8734cf.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
af783b423b24d6eda87ccc793f50a59e3f9119c0b79931e131f61cad95b26f6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://billapp-cemig.vercel.app/
Origin
https://billapp-cemig.vercel.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::ql84z-1706791204017-cf2e3a666ebc
age
0
x-matched-path
/_next/static/chunks/b179b281-213506e40a8734cf.js
etag
W/"b9436cfaac4d96ca24035e3a38dd5695"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="b179b281-213506e40a8734cf.js"
474-eee1f32734664f2a.js
billapp-cemig.vercel.app/_next/static/chunks/
107 KB
30 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/474-eee1f32734664f2a.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5facf866c32745c6432f24f53af7df6e3535c8e4661f96ee2ebfa664727c98e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://billapp-cemig.vercel.app/
Origin
https://billapp-cemig.vercel.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::nsbr6-1706791204020-7fa9a3a02c2e
age
0
x-matched-path
/_next/static/chunks/474-eee1f32734664f2a.js
etag
W/"a269e124da56ad01d19953bb9c1a5cb4"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="474-eee1f32734664f2a.js"
main-app-c480e4f040cb1c01.js
billapp-cemig.vercel.app/_next/static/chunks/
461 B
666 B
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/main-app-c480e4f040cb1c01.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2f33c5471a80b7968a4b5f9cccf7637b3ae90506d3ca424460b2907eb22d097c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://billapp-cemig.vercel.app/
Origin
https://billapp-cemig.vercel.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::29b5g-1706791204017-31092e9d39db
age
0
x-matched-path
/_next/static/chunks/main-app-c480e4f040cb1c01.js
etag
"d3c6dd2e8ae459dbb0fe9f1862ae2003"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-app-c480e4f040cb1c01.js"
accept-ranges
bytes
content-length
461
984-b068bbe93f53f29a.js
billapp-cemig.vercel.app/_next/static/chunks/
20 KB
7 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/984-b068bbe93f53f29a.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a03aa3ffbd51aacc0db1a3931a09b68a3353c32d9eceb7b666c032b56ba6eac5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::wrrcn-1706791204017-a11f9eb415dc
age
0
x-matched-path
/_next/static/chunks/984-b068bbe93f53f29a.js
etag
W/"42f22807bb820056448f487eba2cb4e5"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="984-b068bbe93f53f29a.js"
683-3d6354ec4b3ddfec.js
billapp-cemig.vercel.app/_next/static/chunks/
16 KB
6 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/683-3d6354ec4b3ddfec.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ac0a157ac9e995d8eaa7d202e5421f4ff341d63075ad8e4902ef710bc0c044cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::gprhn-1706791204017-b68d77b599f1
age
0
x-matched-path
/_next/static/chunks/683-3d6354ec4b3ddfec.js
etag
W/"b1c56eb2458fe4d04729d96525cb6ca5"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="683-3d6354ec4b3ddfec.js"
803-72cb0575e87d449f.js
billapp-cemig.vercel.app/_next/static/chunks/
7 KB
3 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/803-72cb0575e87d449f.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ec198d95831f1d0137619f6de529bfe597f77858868645e87db28854fe55ac85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::tnv8b-1706791204017-385002174581
age
0
x-matched-path
/_next/static/chunks/803-72cb0575e87d449f.js
etag
W/"aceadca96b5975125bfff28e4293735d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="803-72cb0575e87d449f.js"
217-15d29bf9d3c78b17.js
billapp-cemig.vercel.app/_next/static/chunks/
47 KB
15 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/217-15d29bf9d3c78b17.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1ee14b270a33473be93f1d9dcf56afc72347ba74ed5dce29c39cf77eace0bb1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::z894d-1706791204017-adc47e728537
age
0
x-matched-path
/_next/static/chunks/217-15d29bf9d3c78b17.js
etag
W/"ce9aeb34dbeb7b0efcf2694e20fd7ed3"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="217-15d29bf9d3c78b17.js"
layout-a85986be30dee341.js
billapp-cemig.vercel.app/_next/static/chunks/app/
7 KB
3 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/app/layout-a85986be30dee341.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0ce9e0ad709588c6adeeb1c7ed2475a41e9b4b1ca85bc98de4c5dc3d002e0968
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::5c74p-1706791204017-8e6865ebc834
age
0
x-matched-path
/_next/static/chunks/app/layout-a85986be30dee341.js
etag
W/"6e87528bcb5529a8c79856f50fb03133"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="layout-a85986be30dee341.js"
page-38d77d37ee014ed0.js
billapp-cemig.vercel.app/_next/static/chunks/app/
14 KB
6 KB
Script
General
Full URL
https://billapp-cemig.vercel.app/_next/static/chunks/app/page-38d77d37ee014ed0.js
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
bbb5efe1fcfbeb0fcef7f21eca2b1ea8521e04bff041561707bb06440da09dc3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::wrrcn-1706791204017-ce2f9de381b4
age
0
x-matched-path
/_next/static/chunks/app/page-38d77d37ee014ed0.js
etag
W/"6d7dd7fd99fa8c766081c83f86efc7f1"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="page-38d77d37ee014ed0.js"
logo.svg
billapp-cemig.vercel.app/providers/cemig/
4 KB
2 KB
Image
General
Full URL
https://billapp-cemig.vercel.app/providers/cemig/logo.svg
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
28cb3a3a6df0d0b2b7a8bb28214e377b44798e7697dcfcc59d3b576d243de450
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::qvkdd-1706791204083-6b4937e8d91f
age
0
x-matched-path
/providers/cemig/logo.svg
etag
W/"0ba6291b2c775048923cb02c6b032389"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="logo.svg"
dd9f72946254c1a2fe0c6137a21361ead8f37b5659be8da70b0a270e51e4c23b
cdn.builder.io/api/v1/image/assets/TEMP/
497 B
1 KB
Image
General
Full URL
https://cdn.builder.io/api/v1/image/assets/TEMP/dd9f72946254c1a2fe0c6137a21361ead8f37b5659be8da70b0a270e51e4c23b?apiKey=6f65d7e2e862460c8ffb4d2909ad4de9&
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:1c00:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
dd9f72946254c1a2fe0c6137a21361ead8f37b5659be8da70b0a270e51e4c23b
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Thu, 01 Feb 2024 12:39:50 GMT
via
1.1 e328ac0201f987aaffe67063ed27028c.cloudfront.net (CloudFront)
access-control-allow-private-network
true
x-amz-cf-pop
JFK52-P1
age
14
x-powered-by
Express
surrogate-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache
Hit from cloudfront
content-length
497
x-request-id
fd8cbfb0-c0fe-11ee-bf95-c797bcf52892
server
Google Frontend
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-cloud-trace-context
bd4093858212b328bf0b27692a613e44
cache-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id
w570pw7fhb7e
x-robots-tag
noindex
access-control-allow-headers
content-type, accept, authorization
x-amz-cf-id
GCnCzTehlIEg-gGFWWDfXca2EvGMDH7SF6_9Zkjiq4efY8h5uEjQSw==
/
billapp-cemig.vercel.app/
129 KB
20 KB
Fetch
General
Full URL
https://billapp-cemig.vercel.app/
Requested by
Host: billapp-cemig.vercel.app
URL: https://billapp-cemig.vercel.app/_next/static/chunks/474-eee1f32734664f2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Next.js
Resource Hash
5183d2ecdac596aee0b59f4516622abbcc090fc89eb8376afa060cf097f88fb6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Next-Url
/
Content-Type
text/plain;charset=UTF-8
Accept
text/x-component
Referer
https://billapp-cemig.vercel.app/
Next-Action
95dbe63aaebb58d2a36d7708ab543485b0f8fb27

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::iad1::qvkdd-1706791204240-61e264cf2915
age
0
x-matched-path
/
x-powered-by
Next.js
x-vercel-cache
BYPASS
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type
text/x-component
cache-control
public, max-age=0, must-revalidate
x-action-revalidated
[[],0,0]
unicef.jpg
billapp-cemig.vercel.app/
36 KB
36 KB
Image
General
Full URL
https://billapp-cemig.vercel.app/unicef.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
de112c2c40412807324c4e51397cb72cc2da425e3f79176c74c4617d2a5539e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:40:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
cle1::wrrcn-1706791204240-365d0053975b
age
0
x-matched-path
/unicef.jpg
etag
"f56c9d789309582906caa62bda3ae617"
x-vercel-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="unicef.jpg"
accept-ranges
bytes
content-length
36704
logo.svg
www.andbank.com.br/
0
0

logo.svg
www.bancobmg.com.br/lumis-theme/br/com/bmg/portal/theme/bmg-portal/img/
7 KB
3 KB
Image
General
Full URL
https://www.bancobmg.com.br/lumis-theme/br/com/bmg/portal/theme/bmg-portal/img/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.217 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-217.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bfb9d351493a37265179578ed3c5c3b6bbfbbb318f6b6e5b477b31e8b7e8de72
Security Headers
Name Value
Content-Security-Policy default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval' data: https://*.bancobmg.com.br https://bancobmg.chat.blip.ai;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval' data: https://*.bancobmg.com.br https://bancobmg.chat.blip.ai;
x-content-type-options
nosniff
date
Thu, 01 Feb 2024 12:40:05 GMT
content-encoding
gzip
x-amz-cf-pop
FOR50-P3
x-apache-server
lumisB-bmg
content-length
2730
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin
last-modified
Wed, 31 Jan 2024 21:21:43 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
max-age=31536000
access-control-allow-credentials
false
permissions-policy
geolocation=(*),midi=(*),sync-xhr=(*),microphone=(*),camera=(*),magnetometer=(),gyroscope=(),fullscreen=(*),payment=()
access-control-allow-origin
*
access-control-allow-headers
*
x-amz-cf-id
mPf_DnCFSBdxgzp4J_V21JL1tFCtDE1JYQIH-BwXvE_x9VIxers0rQ==
expires
Sat, 02 Mar 2024 12:22:31 GMT
naoseaplica.svg
www.banrisul.com.br/bob/
Redirect Chain
  • https://www.banrisul.com.br/naoseaplica.svg
  • https://www.banrisul.com.br/bob/naoseaplica.svg
0
0
Image
General
Full URL
https://www.banrisul.com.br/bob/naoseaplica.svg
Protocol
HTTP/1.1
Server
2801:80:280:c036::3:7 Belém, Brazil, ASN28631 (Banrisul - Banco do Estado do Rio Grande do Sul, BR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 01 Feb 2024 12:40:05 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Location
https://www.banrisul.com.br/bob/naoseaplica.svg
Cache-Control
private
Permissions-Policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),layout-animations=(self),legacy-image-formats=(self),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Content-Length
168
X-XSS-Protection
1; mode=block
sensedia.svg
www.sensedia.com/
0
0
Image
General
Full URL
https://www.sensedia.com/sensedia.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.206.163.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-163-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

logo.svg
www.bnb.gov.br/
0
0
Image
General
Full URL
https://www.bnb.gov.br/logo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.17.121.50 Fortaleza, Brazil, ASN264581 (BANCO DO NORDESTE DO BRASIL SA, BR),
Reverse DNS
bnb.com.br
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

login.html
www.certification.openid.net/
Redirect Chain
  • https://www.certification.openid.net/img.svg
  • https://www.certification.openid.net/openid_connect_login
  • https://www.certification.openid.net/login.html
0
0
Image
General
Full URL
https://www.certification.openid.net/login.html
Protocol
HTTP/1.1
Server
104.196.174.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.174.196.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://billapp-cemig.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 12:40:04 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Location
https://www.certification.openid.net/login.html
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.andbank.com.br
URL
https://www.andbank.com.br/logo.svg

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __next_f object| webpackChunk_N_E undefined| _N_E object| next number| __NUMBER_OF_JOTAI_INSTANCES__

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://www.sensedia.com/sensedia.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.bnb.gov.br/logo.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billapp-cemig.vercel.app
cdn.builder.io
www.andbank.com.br
www.bancobmg.com.br
www.banrisul.com.br
www.bnb.gov.br
www.certification.openid.net
www.sensedia.com
www.andbank.com.br
104.196.174.199
184.51.148.217
198.17.121.50
2600:9000:26fa:1c00:2:cea4:aa80:93a1
2801:80:280:c036::3:7
52.206.163.162
76.76.21.241
0ce9e0ad709588c6adeeb1c7ed2475a41e9b4b1ca85bc98de4c5dc3d002e0968
1ee14b270a33473be93f1d9dcf56afc72347ba74ed5dce29c39cf77eace0bb1c
28cb3a3a6df0d0b2b7a8bb28214e377b44798e7697dcfcc59d3b576d243de450
2f33c5471a80b7968a4b5f9cccf7637b3ae90506d3ca424460b2907eb22d097c
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
5183d2ecdac596aee0b59f4516622abbcc090fc89eb8376afa060cf097f88fb6
5facf866c32745c6432f24f53af7df6e3535c8e4661f96ee2ebfa664727c98e0
a03aa3ffbd51aacc0db1a3931a09b68a3353c32d9eceb7b666c032b56ba6eac5
ac0a157ac9e995d8eaa7d202e5421f4ff341d63075ad8e4902ef710bc0c044cc
af783b423b24d6eda87ccc793f50a59e3f9119c0b79931e131f61cad95b26f6c
b8f7e2d1e64e66b6fd17a45cc44ef23293979c7ccedd7845b34622aa264350b6
bbb5efe1fcfbeb0fcef7f21eca2b1ea8521e04bff041561707bb06440da09dc3
bc621982bedb95072811fc22005969bb5c98a2081c372e0344d24899de89f19c
bfb9d351493a37265179578ed3c5c3b6bbfbbb318f6b6e5b477b31e8b7e8de72
c68ce86d39d855da4566ae08970d4ad561294014f049bc2891c0f2704585ec9f
dd9f72946254c1a2fe0c6137a21361ead8f37b5659be8da70b0a270e51e4c23b
de112c2c40412807324c4e51397cb72cc2da425e3f79176c74c4617d2a5539e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec198d95831f1d0137619f6de529bfe597f77858868645e87db28854fe55ac85