testes.app.pay.must.pt Open in urlscan Pro
34.77.123.233  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response testes.app.pay.must.pt/	57 KB 20 KB	542ms 177ms	Document text/html	34.77.123.233 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://testes.app.pay.must.pt/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.77.123.233 , United States, ASN15169 (GOOGLE, US), Reverse DNS 233.123.77.34.bc.googleusercontent.com Software nginx/1.14.0 (Ubuntu) / Resource Hash e8622669ada16c2bf1e163236735b7cbc0692f694bfbb81c87701103f91fd360 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority testes.app.pay.must.pt :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx/1.14.0 (Ubuntu) date Mon, 08 Feb 2021 13:34:21 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=31536000 front-end-https on content-encoding gzip
GET H2	200	vendor.css testes.app.pay.must.pt/0163/assets/	580 KB 581 KB	25ms 24ms	Stylesheet text/css	34.77.123.233 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://testes.app.pay.must.pt/0163/assets/vendor.css Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.77.123.233 , United States, ASN15169 (GOOGLE, US), Reverse DNS 233.123.77.34.bc.googleusercontent.com Software nginx/1.14.0 (Ubuntu) / Resource Hash da38aa15416f5a864887568d29b508b4c1584674e458ef794411b5545e4d44c5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://testes.app.pay.must.pt/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 08 Feb 2021 13:34:21 GMT last-modified Thu, 19 Mar 2020 11:00:56 GMT server nginx/1.14.0 (Ubuntu) etag "5e7350e8-90fc5" front-end-https on content-type text/css strict-transport-security max-age=31536000 accept-ranges bytes content-length 593861
GET H2	200	index.css testes.app.pay.must.pt/0163/assets/	3 MB 3 MB	53ms 52ms	Stylesheet text/css	34.77.123.233 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://testes.app.pay.must.pt/0163/assets/index.css Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.77.123.233 , United States, ASN15169 (GOOGLE, US), Reverse DNS 233.123.77.34.bc.googleusercontent.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 406f8dc3926fd4005edff45c89534591ff1a95277bd1b5ba70588747d0c2b6d3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://testes.app.pay.must.pt/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 08 Feb 2021 13:34:21 GMT last-modified Tue, 12 May 2020 20:18:48 GMT server nginx/1.14.0 (Ubuntu) etag "5ebb04a8-2d6ce8" front-end-https on content-type text/css strict-transport-security max-age=31536000 accept-ranges bytes content-length 2977000
GET H2	200	vendor.js Show response testes.app.pay.must.pt/0163/assets/	927 KB 928 KB	47ms 46ms	Script application/javascript	34.77.123.233 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://testes.app.pay.must.pt/0163/assets/vendor.js Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.77.123.233 , United States, ASN15169 (GOOGLE, US), Reverse DNS 233.123.77.34.bc.googleusercontent.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 208703a295c43a9090f601daadc07ab9c687d78223bcd42642510d928be39504 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://testes.app.pay.must.pt/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 08 Feb 2021 13:34:21 GMT last-modified Wed, 13 Jan 2021 22:19:44 GMT server nginx/1.14.0 (Ubuntu) etag "5fff7200-e7cbd" front-end-https on content-type application/javascript strict-transport-security max-age=31536000 accept-ranges bytes content-length 949437
GET H2	200	index.js Show response testes.app.pay.must.pt/0163/assets/	223 KB 223 KB	47ms 46ms	Script application/javascript	34.77.123.233 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://testes.app.pay.must.pt/0163/assets/index.js Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.77.123.233 , United States, ASN15169 (GOOGLE, US), Reverse DNS 233.123.77.34.bc.googleusercontent.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 7a093af5ebe342f74ea5bc728c81c1887c0736098cb14db3d7549aaa22bab96e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://testes.app.pay.must.pt/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 08 Feb 2021 13:34:21 GMT last-modified Wed, 20 Jan 2021 12:43:34 GMT server nginx/1.14.0 (Ubuntu) etag "60082576-37b77" front-end-https on content-type application/javascript strict-transport-security max-age=31536000 accept-ranges bytes content-length 228215
GET H/1.1	200 OK	app_cq_1080x717_17436509275ddd3a52c41b3.jpg www.freebee.pt/files/app/novidades/	369 KB 370 KB	147ms 19ms	Image image/jpeg	35.205.136.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.freebee.pt/files/app/novidades/app_cq_1080x717_17436509275ddd3a52c41b3.jpg Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.205.136.206 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 206.136.205.35.bc.googleusercontent.com Software nginx/1.14.0 / Resource Hash 8d2b9cfbca916402f8fd109187755fff9599a164d122f27dc92faa7c9741a427 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://testes.app.pay.must.pt/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 08 Feb 2021 13:34:21 GMT Last-Modified Tue, 26 Nov 2019 14:44:34 GMT Server nginx/1.14.0 ETag "5ddd3a52-5c5bf" Strict-Transport-Security max-age=31536000 Content-Type image/jpeg Content-Length 378303 Connection keep-alive Accept-Ranges bytes Front-End-Https on
GET H/1.1	200 OK	deltaq_mythiq_8149011845d88ecd47de29.png www.freebee.pt/files/app/novidades/	1 MB 1 MB	164ms 21ms	Image image/png	35.205.136.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.freebee.pt/files/app/novidades/deltaq_mythiq_8149011845d88ecd47de29.png Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.205.136.206 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 206.136.205.35.bc.googleusercontent.com Software nginx/1.14.0 / Resource Hash 011a28ec8957d139eb9970a04e14843ae0e9c5c6ebab1197abf0949fbbd5026a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://testes.app.pay.must.pt/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 08 Feb 2021 13:34:21 GMT Last-Modified Mon, 23 Sep 2019 16:03:32 GMT Server nginx/1.14.0 ETag "5d88ecd4-155a8b" Strict-Transport-Security max-age=31536000 Content-Type image/png Content-Length 1399435 Connection keep-alive Accept-Ranges bytes Front-End-Https on
GET H/1.1	200 OK	listagem_vitorsobral_8670504395d25f885d4e09.jpg www.freebee.pt/files/app/novidades/	281 KB 281 KB	167ms 22ms	Image image/jpeg	35.205.136.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.freebee.pt/files/app/novidades/listagem_vitorsobral_8670504395d25f885d4e09.jpg Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.205.136.206 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 206.136.205.35.bc.googleusercontent.com Software nginx/1.14.0 / Resource Hash 2a1833ac265c95e196f52a5752e2e7f1d6693ba65c6e6797822622bef24e58bf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://testes.app.pay.must.pt/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 08 Feb 2021 13:34:21 GMT Last-Modified Wed, 10 Jul 2019 14:39:01 GMT Server nginx/1.14.0 ETag "5d25f885-46278" Strict-Transport-Security max-age=31536000 Content-Type image/jpeg Content-Length 287352 Connection keep-alive Accept-Ranges bytes Front-End-Https on
GET H/1.1	200 OK	_c0a6181_10116229805db996d7e1480.jpg www.freebee.pt/files/app/novidades/	228 KB 228 KB	167ms 23ms	Image image/jpeg	35.205.136.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.freebee.pt/files/app/novidades/_c0a6181_10116229805db996d7e1480.jpg Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.205.136.206 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 206.136.205.35.bc.googleusercontent.com Software nginx/1.14.0 / Resource Hash b068ab25d9342dfa25347f4b9cfd3f23bc2ac7790d15f5558198cd95908fb83c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://testes.app.pay.must.pt/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 08 Feb 2021 13:34:21 GMT Last-Modified Wed, 30 Oct 2019 13:57:43 GMT Server nginx/1.14.0 ETag "5db996d7-39048" Strict-Transport-Security max-age=31536000 Content-Type image/jpeg Content-Length 233544 Connection keep-alive Accept-Ranges bytes Front-End-Https on
GET DATA	200 OK	truncated /	15 KB 15 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Request headers Origin https://testes.app.pay.must.pt Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	12 KB 12 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a03c82fb29855e0476609ecb7a61e597094751eb3987dbea7ed71aaf6a0ca88a Request headers Origin https://testes.app.pay.must.pt Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET DATA	200 OK	truncated /	15 KB 15 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97 Request headers Origin https://testes.app.pay.must.pt Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type font/woff2
OPTIONS H2	200	signupNewUser www.googleapis.com/identitytoolkit/v3/relyingparty/	0 0	101ms 100ms	Other text/html	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyAzSuXi5enB_8UPgTo7Gswuc7SIz2B0xRo Protocol H2 Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-client-version Origin https://testes.app.pay.must.pt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://testes.app.pay.must.pt vary origin referer x-origin access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers content-type,x-client-version access-control-max-age 3600 date Mon, 08 Feb 2021 13:34:21 GMT content-type text/html server ESF content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-Q050	200	signupNewUser Show response www.googleapis.com/identitytoolkit/v3/relyingparty/	1 KB 1 KB	840ms 802ms	XHR application/json	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyAzSuXi5enB_8UPgTo7Gswuc7SIz2B0xRo Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/0163/assets/vendor.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ddf4c4ec9b24b6eec821c4e6974c337ab999f5608b4d699c212e37ee6ec90ea8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://testes.app.pay.must.pt/ X-Client-Version Chrome/JsCore/5.11.0/FirebaseCore-web User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Mon, 08 Feb 2021 13:34:22 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://testes.app.pay.must.pt access-control-expose-headers date,vary,vary,vary,content-encoding,server,content-length cache-control no-cache, no-store, max-age=0, must-revalidate vary Origin, X-Origin, Referer content-length 917 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	getAccountInfo Show response www.googleapis.com/identitytoolkit/v3/relyingparty/	258 B 231 B	161ms 160ms	XHR application/json	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyAzSuXi5enB_8UPgTo7Gswuc7SIz2B0xRo Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/0163/assets/vendor.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eff69a200e98e460568c31841f115b30cf12867dea0d21be20f9d56e67f87e10 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://testes.app.pay.must.pt/ X-Client-Version Chrome/JsCore/5.11.0/FirebaseCore-web User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Mon, 08 Feb 2021 13:34:22 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://testes.app.pay.must.pt access-control-expose-headers date,vary,vary,vary,content-encoding,server,content-length cache-control no-cache, no-store, max-age=0, must-revalidate vary Origin, X-Origin, Referer content-length 201 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
OPTIONS H3-Q050	200	getAccountInfo www.googleapis.com/identitytoolkit/v3/relyingparty/	0 0	98ms 98ms	Other text/html	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyAzSuXi5enB_8UPgTo7Gswuc7SIz2B0xRo Protocol H3-Q050 Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-client-version Origin https://testes.app.pay.must.pt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://testes.app.pay.must.pt vary origin referer x-origin access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers content-type,x-client-version access-control-max-age 3600 date Mon, 08 Feb 2021 13:34:22 GMT content-type text/html server ESF content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-Q050	200	token Show response securetoken.googleapis.com/v1/	2 KB 1 KB	175ms 139ms	XHR application/json	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securetoken.googleapis.com/v1/token?key=AIzaSyAzSuXi5enB_8UPgTo7Gswuc7SIz2B0xRo Requested by Host: testes.app.pay.must.pt URL: https://testes.app.pay.must.pt/0163/assets/vendor.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e73451ae42d91a35aad87b8bb05e7124f74732dee5ff7aa05fbd8a3cfdb3d996 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://testes.app.pay.must.pt/ X-Client-Version Chrome/JsCore/5.11.0/FirebaseCore-web User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 08 Feb 2021 13:34:23 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://testes.app.pay.must.pt access-control-expose-headers date,vary,vary,vary,content-encoding,server,content-length cache-control no-cache, no-store, max-age=0, must-revalidate vary Origin, X-Origin, Referer content-length 937 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	token securetoken.googleapis.com/v1/	0 0	119ms 98ms	Other text/html	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securetoken.googleapis.com/v1/token?key=AIzaSyAzSuXi5enB_8UPgTo7Gswuc7SIz2B0xRo Protocol H2 Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-client-version Origin https://testes.app.pay.must.pt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://testes.app.pay.must.pt vary origin referer x-origin access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers x-client-version access-control-max-age 3600 date Mon, 08 Feb 2021 13:34:23 GMT content-type text/html server ESF content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| globalContext object| webpackJsonp function| setImmediate function| clearImmediate object| app

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://testes.app.pay.must.pt/0163/assets/index.js(Line 1) Message: APPPP [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

securetoken.googleapis.com
testes.app.pay.must.pt
www.freebee.pt
www.googleapis.com
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200a
34.77.123.233
35.205.136.206
011a28ec8957d139eb9970a04e14843ae0e9c5c6ebab1197abf0949fbbd5026a
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
208703a295c43a9090f601daadc07ab9c687d78223bcd42642510d928be39504
2a1833ac265c95e196f52a5752e2e7f1d6693ba65c6e6797822622bef24e58bf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
406f8dc3926fd4005edff45c89534591ff1a95277bd1b5ba70588747d0c2b6d3
7a093af5ebe342f74ea5bc728c81c1887c0736098cb14db3d7549aaa22bab96e
8d2b9cfbca916402f8fd109187755fff9599a164d122f27dc92faa7c9741a427
a03c82fb29855e0476609ecb7a61e597094751eb3987dbea7ed71aaf6a0ca88a
b068ab25d9342dfa25347f4b9cfd3f23bc2ac7790d15f5558198cd95908fb83c
da38aa15416f5a864887568d29b508b4c1584674e458ef794411b5545e4d44c5
ddf4c4ec9b24b6eec821c4e6974c337ab999f5608b4d699c212e37ee6ec90ea8
e73451ae42d91a35aad87b8bb05e7124f74732dee5ff7aa05fbd8a3cfdb3d996
e8622669ada16c2bf1e163236735b7cbc0692f694bfbb81c87701103f91fd360
eff69a200e98e460568c31841f115b30cf12867dea0d21be20f9d56e67f87e10