acesso.detoxpmsp.com.br Open in urlscan Pro
173.212.200.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://acesso.detoxpmsp.com.br/
Effective URL:
https://acesso.detoxpmsp.com.br/login
Submission: On January 16 via api (January 16th 2024, 2:44:18 am UTC) from US — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 173.212.200.60, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is acesso.detoxpmsp.com.br.
TLS certificate: Issued by R3 on December 17th 2023. Valid for: 3 months.

This is the only time acesso.detoxpmsp.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	173.212.200.60 173.212.200.60	51167 (CONTABO) (CONTABO)
5	2606:4700:20:... 2606:4700:20::ac43:449a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700:21:... 2606:4700:21::681b:c258	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:c62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	20.150.111.4 20.150.111.4	() ()
3	2607:f8b0:400... 2607:f8b0:4004:c08::5e	() ()
16	7

2 173.212.200.60 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: m5600.contaboserver.net

acesso.detoxpmsp.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:449a (United States)

ASN13335 (CLOUDFLARENET, US)

students.leadlovers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::681b:c258 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c62 (United States)

ASN13335 (CLOUDFLARENET, US)

students-api.leadlovers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.111.4 (None, )

ASN- ()

llbr.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::5e (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	leadlovers.com students.leadlovers.com students-api.leadlovers.com	520 KB
3	gstatic.com fonts.gstatic.com	184 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	detoxpmsp.com.br 1 redirects acesso.detoxpmsp.com.br	2 KB
1	windows.net llbr.blob.core.windows.net	44 KB
1	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 13372	5 KB
16	6

	Domain	Requested by
5	students.leadlovers.com	acesso.detoxpmsp.com.br students.leadlovers.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	students.leadlovers.com
2	students-api.leadlovers.com	students.leadlovers.com
2	acesso.detoxpmsp.com.br	1 redirects
1	llbr.blob.core.windows.net
1	cdn.plyr.io	students.leadlovers.com
16	7

This site contains no links.

Subject Issuer	Validity	Valid
acesso.detoxpmsp.com.br R3	`2023-12-17` - `2024-03-16`	3 months	crt.sh
leadlovers.com Cloudflare Inc ECC CA-3	`2023-07-13` - `2024-07-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-28` - `2024-09-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://acesso.detoxpmsp.com.br/login
Frame ID: 990840DEF413E83A844F1ED3788542E3
Requests: 1 HTTP requests in this frame

Frame: https://students.leadlovers.com/
Frame ID: 1C2F997DD75EC652E146A45588CBB1FD
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Detox Polícia Militar - SP

Page URL History Show full URLs

https://acesso.detoxpmsp.com.br/ HTTP 302
https://acesso.detoxpmsp.com.br/login Page URL

Detected technologies

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Page Statistics

16
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

756 kB
Transfer

3057 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://acesso.detoxpmsp.com.br/ HTTP 302
https://acesso.detoxpmsp.com.br/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
acesso.detoxpmsp.com.br/
Redirect Chain

https://acesso.detoxpmsp.com.br/
https://acesso.detoxpmsp.com.br/login

3 KB
1 KB

1253ms
1250ms

Document
text/html

173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.detoxpmsp.com.br/login
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f94c8b93618ad14e3bb40bd811541e6f3fb834396aabc0b876678be24af29cd9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-encoding: gzip
content-length: 1210
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 02:44:10 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.0
x-powered-by: ASP.NET

Redirect headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-length: 123
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 02:44:09 GMT
location: /login
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.0
x-powered-by: ASP.NET

GET
H2 200 / Show response
students.leadlovers.com/ Frame 1C2F 2 KB
2 KB 1649ms
1004ms Document
text/html 2606:4700:20::ac43:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/
Requested by: Host: acesso.detoxpmsp.com.br
URL: https://acesso.detoxpmsp.com.br/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0 ASP.NET
Resource Hash: aea5368e4b2c21a00dd58ea6d4b6e370fb8629a70c197020477cc70e177feb26

Request headers

Referer: https://acesso.detoxpmsp.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-railgun: direct (starting new WAN connection)
cf-ray: 846303e87d7c74aa-MIA
content-disposition: inline; filename="index.html"
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 02:44:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P81GF4ij8Rxc7bxzY5xNBnJ%2Fwnavk%2FnKuGd2kn3%2BfkUINgOv947R7DBPh25oI8GsAIPE2HwieLWqK2hwrkx3pKvdiI268upnTZG%2BXbu%2FXIaCJypn18KTlBvEZOgB3RcT57M2QW83PacFVkHlrtJCrjdmZT2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ARR/3.0 ASP.NET

GET
H2 200 css
fonts.googleapis.com/ Frame 1C2F 8 KB
1 KB 182ms
69ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900

Requested by

Host: students.leadlovers.com
URL: https://students.leadlovers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d2f192eb698e6c1110e2fe71fba82baa92d44a3324c4f2ecf97fdc92c98c7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 02:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 02:40:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 02:44:13 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame 1C2F 569 B
439 B 182ms
70ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: students.leadlovers.com
URL: https://students.leadlovers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 02:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 02:44:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 02:44:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1C2F 616 B
440 B 184ms
72ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons+Outlined

Requested by

Host: students.leadlovers.com
URL: https://students.leadlovers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 02:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 02:44:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 02:44:13 GMT

GET
H2 200 plyr.css
cdn.plyr.io/3.5.6/ Frame 1C2F 24 KB
5 KB 107ms
41ms Stylesheet
text/css 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.6/plyr.css
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f83e386df031cade263caabcb055c46a6d731b64fccd6ba9205d1845942631

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:44:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4029432
cf-polished: origSize=24885
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 20 Apr 2023 10:33:42 GMT
server: cloudflare
etag: W/"453448ce115fb0fbace542e40db696e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34pMzSF8AT0WoYDrN8H%2FpMsM6taVrPu0fpk55uPFthohHelIyYUcl0q66VZuJDLHIk%2F6e339bE37Kx%2FOjjn4P72iPWO5WxS0dbgU7b0YipuztbzWUbj2LuY75xYMOHfSC2cvL2Ft%2BzjJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 846303ef39b53dcc-MIA

GET
H2 200 iframeCommunication.js Show response
students.leadlovers.com/ Frame 1C2F 3 KB
1 KB 969ms
967ms Script
application/javascript 2606:4700:20::ac43:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/iframeCommunication.js?2af72f102
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: 943ab733ad3e34b7aad17745942dbd497fdf896ff56f666d1b58638a26834f99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:44:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ea6ae11d388439713a1371d0b7bad422448dd63d"
x-powered-by: ARR/3.0, ASP.NET
cf-railgun: direct (starting new WAN connection)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfC65b%2Fsc7kzH9JEFrUXwE9S%2BjWdJ2rQWSpxWQw9z%2FE41KTSQr2gJPk6DNV9W9WhkQWqr8XyYkd5SsK4ZKhDzDVVJeGbiujcCvGMC1G%2BOY%2F6hthfuxUreG1eyoW%2FFP%2FFf6vdYhYs9gs%2F4%2BFSy9tUCSXIqMb5"}],"group":"cf-nel","max_age":604800}
content-disposition: inline; filename="iframeCommunication.js"
cf-ray: 846303eeca1f74aa-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2.bed85200.chunk.css
students.leadlovers.com/static/css/ Frame 1C2F 227 KB
41 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::ac43:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/static/css/2.bed85200.chunk.css
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: 3a6327ecf111dc08bc8440dfc963635e770d35d4adac83e9d837d944f2dd198f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:44:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3504
etag: W/"c60367a9c75171034def34ccc10c73397dc990fa"
x-powered-by: ARR/3.0, ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pXNmgWos0zxg%2BzDpL3o5%2Bpn3yAn5ZcZAd9ifwiLbNZFM5MLsapAGei6j42ZsQ2NunR0vmG8W0YwEGGPLbcYJ1HxRXAvSsgoDan20PV5VJPRZEl35vhOHNKfpcvnogrVlr6FU3lx%2BHUr88MDhVQPHKPy7LFu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
content-disposition: inline; filename="2.bed85200.chunk.css"
cf-ray: 846303eeca1d74aa-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2.846ab376.chunk.js Show response
students.leadlovers.com/static/js/ Frame 1C2F 2 MB
396 KB 73ms
72ms Script
application/javascript 2606:4700:20::ac43:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/static/js/2.846ab376.chunk.js
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: d1a42bd3c0482e2ac41670ef776c5bf0bab61f279de86cf7971032a93f3f303b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:44:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2284
etag: W/"60a58c45fbb6f296d87c3b0df1dc01bb5c10ec66"
x-powered-by: ARR/3.0, ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5g1EJdXUn%2FAChBvz1WDgknMAe0kQ6bAhL1xbzTNq9h3QOJ%2B1sKOoMTjgwLKX6UyQ%2F3NWbKhBwdnfGZqgmM17Ytk56EROZAWU3O%2FGFMbx53zXU2MYpOnz1YRzjhGvX3OmrEOEd4BoUgOdsl9ecNXfZ1bYVxun"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
content-disposition: inline; filename="2.846ab376.chunk.js"
cf-ray: 846303eeca2174aa-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.e42d4c96.chunk.js Show response
students.leadlovers.com/static/js/ Frame 1C2F 371 KB
79 KB 45ms
44ms Script
application/javascript 2606:4700:20::ac43:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/static/js/main.e42d4c96.chunk.js
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: 64a1a415c1e18de7a63e29b02d026f887be0715ea5fb6119f7f5da51d3eb70ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:44:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3667
etag: W/"f2975565439b302d1a73ef0c5f86a1d6f8e7ac4f"
x-powered-by: ARR/3.0, ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r48W2ROjcQLRjNKveDE8Mv4mdSwUpps95GtpYl%2Fe5Z5VxDQB7G3MDNv95BUO8J7bkxUkIGSyuzQCreVWVaF1yiM767oq73ODts8RMMSbBPjT12h%2FIyZDF2iGmFtUcEVxBEeH5kv0VDvuVQEE2UY9qPmGDkg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
content-disposition: inline; filename="main.e42d4c96.chunk.js"
cf-ray: 846303eeda2374aa-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Config Show response
students-api.leadlovers.com/ Frame 1C2F 1 KB
949 B 207ms
206ms XHR
application/json 2606:4700:20::681a:c62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students-api.leadlovers.com/Config
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/static/js/2.846ab376.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: 16ac921b7e310f5afe471bd53a65338343aff0e445d227d10a9864a6d675e0b8

Request headers

Accept: application/json, text/plain, */*
Referer: https://students.leadlovers.com/
accept-language: en-US,en;q=0.9
product: acesso.detoxpmsp.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:44:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ARR/3.0, ASP.NET
cf-railgun: 69fd5619ba stream 0.000000 0210 57da
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJLuV61O1jKoIDeyw6dyy3tLkL0UEdXs8ytmQRtApM6ty%2FoRo16tGjz9O6qPLdI7kFi4YOUw5UK9h3gO1ADNGzTRo8Y5kw2BW3DanpSOLKX2AIy8W%2BlOmJoiNz1qLSUw0Ob%2FjLv0E5EPVTIWra29l9bgaHNlawkY6w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 846303fb18ae3370-MIA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 Config
students-api.leadlovers.com/ Frame 0
0 757ms
669ms Preflight 2606:4700:20::681a:c62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students-api.leadlovers.com/Config
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0 ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product
Access-Control-Request-Method: GET
Origin: https://students.leadlovers.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-railgun: 83c33f33be stream 0.000000 0200 57da
cf-ray: 846303f6f8cb3370-MIA
date: Tue, 16 Jan 2024 02:44:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsdzGUFlErBm37TnurEedsCs3ktgQiNWMYntqYIqpD9tepKDvkiqAc07ZKcUyM5uRzEnCcpwQvEIK4zweS4kB7GQ7HQ61imfypiJsmwra5GZ56ErZZOOMZT0RXz5XfE7Gn3AyY0VMu1jRpZJjQMfC%2BDHZ99g7NqCeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-powered-by: ARR/3.0 ASP.NET

GET
H/1.1 200
OK d06183e4bbf44c9faca2-5340641-20231221-182252.png
llbr.blob.core.windows.net/machine-user-images/ Frame 1C2F 44 KB
44 KB 1136ms
184ms Image
image/png 20.150.111.4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://llbr.blob.core.windows.net/machine-user-images/d06183e4bbf44c9faca2-5340641-20231221-182252.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.111.4 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c92204adc544f6c738455d2b53efe7352395c48b6e051e1e4e61ef6fe5e7c9c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 16 Jan 2024 02:44:16 GMT
Last-Modified: Thu, 21 Dec 2023 21:22:53 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: l40x2TcpByyFlz8/eAIpLg==
ETag: 0x8DC026AFE7BCDCE
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 9df4db5e-b01e-004a-1e25-48da0c000000
x-ms-version: 2009-09-19
Content-Length: 44909

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1C2F 16 KB
16 KB 242ms
131ms Font
font/woff2 2607:f8b0:4004:c08::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://students.leadlovers.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:25:19 GMT
x-content-type-options: nosniff
age: 22736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:25:19 GMT

GET
H2 200 gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v109/ Frame 1C2F 152 KB
152 KB 177ms
67ms Font
font/woff2 2607:f8b0:4004:c08::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsoutlined/v109/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons+Outlined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://students.leadlovers.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:35:34 GMT
x-content-type-options: nosniff
age: 22121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155276
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 20:24:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:35:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1C2F 15 KB
16 KB 163ms
54ms Font
font/woff2 2607:f8b0:4004:c08::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://students.leadlovers.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:27:37 GMT
x-content-type-options: nosniff
age: 22598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:27:37 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| iframeEl

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			acesso.detoxpmsp.com.br/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fogcemdz4kotnx3vcaytfu4g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acesso.detoxpmsp.com.br
cdn.plyr.io
fonts.googleapis.com
fonts.gstatic.com
llbr.blob.core.windows.net
students-api.leadlovers.com
students.leadlovers.com
173.212.200.60
20.150.111.4
2606:4700:20::681a:c62
2606:4700:20::ac43:449a
2606:4700:21::681b:c258
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c17::5f
16ac921b7e310f5afe471bd53a65338343aff0e445d227d10a9864a6d675e0b8
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
3a6327ecf111dc08bc8440dfc963635e770d35d4adac83e9d837d944f2dd198f
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
4d2f192eb698e6c1110e2fe71fba82baa92d44a3324c4f2ecf97fdc92c98c7ea
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
64a1a415c1e18de7a63e29b02d026f887be0715ea5fb6119f7f5da51d3eb70ce
943ab733ad3e34b7aad17745942dbd497fdf896ff56f666d1b58638a26834f99
aea5368e4b2c21a00dd58ea6d4b6e370fb8629a70c197020477cc70e177feb26
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c92204adc544f6c738455d2b53efe7352395c48b6e051e1e4e61ef6fe5e7c9c0
d1a42bd3c0482e2ac41670ef776c5bf0bab61f279de86cf7971032a93f3f303b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f83e386df031cade263caabcb055c46a6d731b64fccd6ba9205d1845942631
f94c8b93618ad14e3bb40bd811541e6f3fb834396aabc0b876678be24af29cd9

acesso.detoxpmsp.com.br Open in urlscan Pro 173.212.200.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

756 kBTransfer

3057 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

acesso.detoxpmsp.com.br Open in urlscan Pro
173.212.200.60 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

756 kB
Transfer

3057 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions