treinamento.mdspirit.com.br Open in urlscan Pro
167.86.84.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://treinamento.mdspirit.com.br/
Effective URL:
http://treinamento.mdspirit.com.br/login
Submission: On February 15 via manual (February 15th 2022, 1:27:52 pm UTC) from BR — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 167.86.84.206, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is treinamento.mdspirit.com.br.

This is the only time treinamento.mdspirit.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	167.86.84.206 167.86.84.206	51167 (CONTABO) (CONTABO)
5	2606:4700:20:... 2606:4700:20::681a:d62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:c62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	191.233.128.42 191.233.128.42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
16	7

2 167.86.84.206 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: m12606.contaboserver.net

treinamento.mdspirit.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:d62 (United States)

ASN13335 (CLOUDFLARENET, US)

students.leadlovers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c62 (United States)

ASN13335 (CLOUDFLARENET, US)

students-api.leadlovers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 191.233.128.42 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

llbr.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	leadlovers.com students.leadlovers.com students-api.leadlovers.com	519 KB
3	gstatic.com fonts.gstatic.com	177 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	mdspirit.com.br 1 redirects treinamento.mdspirit.com.br	2 KB
1	windows.net llbr.blob.core.windows.net	7 KB
1	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 13707	5 KB
16	6

	Domain	Requested by
5	students.leadlovers.com	treinamento.mdspirit.com.br students.leadlovers.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	students.leadlovers.com
2	students-api.leadlovers.com	students.leadlovers.com
2	treinamento.mdspirit.com.br	1 redirects
1	llbr.blob.core.windows.net
1	cdn.plyr.io	students.leadlovers.com
16	7

This site contains no links.

Subject Issuer	Validity	Valid
leadlovers.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-03` - `2022-04-02`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-11-15` - `2022-11-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://treinamento.mdspirit.com.br/login
Frame ID: 6B358E7A64D26042C5C2BA86F927B7F8
Requests: 1 HTTP requests in this frame

Frame: https://students.leadlovers.com/
Frame ID: 79BFDE9BD1E6F76390D134638929E5B8
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Treinamentos Produtos

Page URL History Show full URLs

http://treinamento.mdspirit.com.br/ HTTP 302
http://treinamento.mdspirit.com.br/login Page URL

Detected technologies

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Page Statistics

16
Requests

94 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

712 kB
Transfer

3008 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://treinamento.mdspirit.com.br/ HTTP 302
http://treinamento.mdspirit.com.br/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
treinamento.mdspirit.com.br/
Redirect Chain

http://treinamento.mdspirit.com.br/
http://treinamento.mdspirit.com.br/login

2 KB
1 KB

27ms
26ms

Document
text/html

167.86.84.206
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://treinamento.mdspirit.com.br/login
Protocol: HTTP/1.1
Server: 167.86.84.206 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m12606.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f49c1264837325e4e0cecc6ac9964812709dd2ff15782f16695bba913c6a1111

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Access-Control-Max-Age: 1728000
X-AspNetMvc-Version: 5.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
Date: Tue, 15 Feb 2022 13:27:47 GMT
Content-Length: 983

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /login
Server: Microsoft-IIS/10.0
Access-Control-Max-Age: 1728000
X-AspNetMvc-Version: 5.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
Date: Tue, 15 Feb 2022 13:27:47 GMT
Content-Length: 123

GET
H2 200 / Show response
students.leadlovers.com/ Frame 79BF 2 KB
2 KB 104ms
64ms Document
text/html 2606:4700:20::681a:d62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/
Requested by: Host: treinamento.mdspirit.com.br
URL: http://treinamento.mdspirit.com.br/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0 ASP.NET
Resource Hash: 91033eed6b8bbdd97eb2d746f650a2da0a6d8a4cb6d4ec930929c481efa09d29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://treinamento.mdspirit.com.br/

Response headers

date: Tue, 15 Feb 2022 13:27:47 GMT
content-type: text/html; charset=utf-8
cf-railgun: direct (starting new WAN connection)
content-disposition: inline; filename="index.html"
vary: Accept-Encoding
x-powered-by: ARR/3.0 ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvoiIfvdQ6LebMJPhUWPPbnQqyImaCVDEhG2UcX%2B2TAFsGXb5E%2BVXqlLt3IN9T5LkOpM81XrVutBrI7jav1b2uF3DZ34rlWGa%2FVk5eiCorQl99nuKlo4e8BwDEB6gSC0zRrZrcNRbc3Ag9k2H3CXMi3Ev8QO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ddee02b1dae6940-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 79BF 8 KB
1 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900

Requested by

Host: students.leadlovers.com
URL: https://students.leadlovers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc70316051f3e7b64d28dbcf8d62ae4790dd5e75a18961b2be394b13f5dba0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 13:27:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 13:27:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 13:27:47 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame 79BF 569 B
416 B 141ms
51ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: students.leadlovers.com
URL: https://students.leadlovers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 13:27:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 13:27:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 13:27:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 79BF 615 B
439 B 141ms
52ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons+Outlined

Requested by

Host: students.leadlovers.com
URL: https://students.leadlovers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f05db9289bd3c1b5eeaa47434a7d856f901574dcaba091006e189dd6ddba6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 13:27:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 13:27:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 13:27:47 GMT

GET
H2 200 plyr.css
cdn.plyr.io/3.5.6/ Frame 79BF 24 KB
5 KB 77ms
44ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.6/plyr.css
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f83e386df031cade263caabcb055c46a6d731b64fccd6ba9205d1845942631

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:27:47 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1837384
cf-polished: origSize=24885
x-cache: HIT, HIT
x-cache-hits: 1, 1
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 47XPF498DXVNKK3G
x-amz-id-2: wLvxLbIOWcv/Vxi6nhBb80PJrxH6mJQ7U3UUBdWV6ovJLmzkNAEGDwMCBBh6vNdzxIveL6foYgM=
x-served-by: cache-iad-kcgs7200054-IAD, cache-fra19154-FRA
last-modified: Fri, 21 Jun 2019 02:30:42 GMT
server: cloudflare
x-timer: S1643094284.578342,VS0,VE1
etag: W/"453448ce115fb0fbace542e40db696e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vv8VDbouRZXW%2BmGAsKAOZRvGTSW7iOzXtfF8m5rQ6RaBJDvm7B6V0szSPag9EaNEl2zE4uCyPROMRoj6LP%2BBr4sAPr%2BijkRaPBTr13JmgZirk85DijWnjap8hBumTeNP52l7w7RFRIr7pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
cf-ray: 6ddee02bd8139034-FRA
cf-bgj: minify

GET
H2 200 iframeCommunication.js Show response
students.leadlovers.com/ Frame 79BF 2 KB
1 KB 49ms
48ms Script
application/javascript 2606:4700:20::681a:d62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/iframeCommunication.js?2af72f102
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: 1533f9ec8fa4698320a1bea0ef943a0131cd5b3e46689100f4c5a06d7ea743da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:27:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ARR/3.0, ASP.NET
etag: W/"9e4406a9ece0ed42a99debac30dfefc0b57304fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ppyKUKlLgB0nNnN1SYZdYcaFtRJd3OMgHOBdc1KmXpXXq7AGTGRC%2FIluhLnCHHukDYcMc4kSzIjo4GdqSAjUHIpUpQ7vIZWUWkBfazM4pNLSuKtJDuEWZtoLYLamsI9MzHQASIrMfaYeakZ53o2hA13FMiB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
content-disposition: inline; filename="iframeCommunication.js"
cf-ray: 6ddee02b9ef66940-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-railgun: direct (starting new WAN connection)

GET
H2 200 2.bed85200.chunk.css
students.leadlovers.com/static/css/ Frame 79BF 227 KB
41 KB 58ms
58ms Stylesheet
text/css 2606:4700:20::681a:d62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/static/css/2.bed85200.chunk.css
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: 3a6327ecf111dc08bc8440dfc963635e770d35d4adac83e9d837d944f2dd198f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:27:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ARR/3.0, ASP.NET
etag: W/"c60367a9c75171034def34ccc10c73397dc990fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BNz8chDRkWXyqWBXnROdEYZAVaT%2BViIQGFhDo8hXHG6V%2BBkR7wD8HoEA9ExZigWf8t0hiRRKoXgNyYwF3AGifabStvnKBYk1T%2BYsdMpG5lmg2wb5fR%2FNZEhTcOGAhyTvTdKAiF2wDQbSaYi%2Bq2%2F1D0Hln0a"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
content-disposition: inline; filename="2.bed85200.chunk.css"
cf-ray: 6ddee02b9ef76940-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2.9d2370c7.chunk.js Show response
students.leadlovers.com/static/js/ Frame 79BF 2 MB
396 KB 67ms
67ms Script
application/javascript 2606:4700:20::681a:d62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/static/js/2.9d2370c7.chunk.js
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: a7a289362bd571fef4970fa090474e9ab2c044235384ce3d50c75eb7818f8c01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:27:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ARR/3.0, ASP.NET
etag: W/"94feb745bf2d25134e45573eb5d1b41ce507f04f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Gtq3Jim4OlQHQQhpALYDnU3sKt8%2FvEw7EKPRAw3Q1UIpmyMsouN7t7bsQyCXI2Cz4NgoLYWuAVcCPYdtF%2BDoX0FjbEEhHPyn1LRsjEe%2BuRtYKYY5QEKS3%2BruWG16LdVbsD9ftvk1gHZEuQ0ZbYSjTsSmMk5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
content-disposition: inline; filename="2.9d2370c7.chunk.js"
cf-ray: 6ddee02b9ef96940-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.1cf6c891.chunk.js Show response
students.leadlovers.com/static/js/ Frame 79BF 368 KB
79 KB 59ms
59ms Script
application/javascript 2606:4700:20::681a:d62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students.leadlovers.com/static/js/main.1cf6c891.chunk.js
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: ace1c25c8f482fce70bd87bc8db8292d1b962486eb12287526cf85249d300a05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:27:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ARR/3.0, ASP.NET
etag: W/"49393149f83cfc757a938c7f15214c0f8d68644f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AVGqlthT%2Bky%2F%2BloolB%2BezTIkxPq1ysQNiTJCT0UgKe7AJ2tQ%2Brm5O8i%2BVVpUh6DSqdOVNvzDtAT5WxhAotx%2B4d0niGOJSdbGp%2BhQrbwL%2FMBkpgJCzTgVDQaZ20Zn%2Bng8Gvcxb2N%2Fz4VVJPHsI%2F70w7zoAob"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
content-disposition: inline; filename="main.1cf6c891.chunk.js"
cf-ray: 6ddee02b9efd6940-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 204 Config
students-api.leadlovers.com/ Frame 0
0 95ms
57ms Preflight 2606:4700:20::681a:c62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students-api.leadlovers.com/Config
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0 ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: product
Origin: https://students.leadlovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 15 Feb 2022 13:27:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: product
access-control-allow-methods: GET
access-control-allow-origin: *
cf-railgun: 3ec31d6d10 stream 0.000000 0200 57da
vary: Origin
x-powered-by: ARR/3.0 ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oM%2BhVfvfG7rFXRtDgiGJBJ9hua7J30j9lKDGyLS%2FhcJq%2BgG19P00QmHusHp2%2FbcRx3aOdCj6wr657qhW1Do2Ci3t3fcKIDvneVAfo9Onf%2Fb0Ze8bAzu9urGxcz%2Fu%2F2BWQwIlqkoHK%2FEE8aNj610hCa5tfDhBWlk0Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ddee02d8acf922b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Config Show response
students-api.leadlovers.com/ Frame 79BF 911 B
1 KB 117ms
93ms XHR
application/json 2606:4700:20::681a:c62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://students-api.leadlovers.com/Config
Requested by: Host: students.leadlovers.com
URL: https://students.leadlovers.com/static/js/2.9d2370c7.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:c62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: 0bbd11912acc2aeca071ac9a1ae2b05d19807462a991076479cd5cdfd2b08d48

Request headers

Accept: application/json, text/plain, */*
Referer: https://students.leadlovers.com/
Accept-Language: de-DE,de;q=0.9
product: treinamento.mdspirit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:27:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ARR/3.0, ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BW7muAMeemWG%2F%2BBy3Yej5we1f4pBfAH3iHcZA20by79r7WireopSU0zVYAcXNu3kVhjeUNx11YX%2BKaZnq9fZdwUUEYT%2FCxwVgyVixJeaQgSvEmoQxQwaN2i5ByG3PpJpNnB7H244N7ivHCC7g4GP1xwB%2FtNpcUQQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6ddee02e0e889214-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-railgun: direct (starting new WAN connection)

GET
H/1.1 200
OK 081fcb77f89c48a3b820-4074998-20220103-112024.png
llbr.blob.core.windows.net/machine-user-images/ Frame 79BF 7 KB
7 KB 841ms
205ms Image
image/png 191.233.128.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://llbr.blob.core.windows.net/machine-user-images/081fcb77f89c48a3b820-4074998-20220103-112024.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 191.233.128.42 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 98833696accd384b5c1709eecee3f1307e2729526a87734f5362ee9b583ba3cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://students.leadlovers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 15 Feb 2022 13:27:48 GMT
Last-Modified: Mon, 03 Jan 2022 14:20:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: QXY+wgkTRbf+dv6xpORgpA==
ETag: 0x8D9CEC42EED135E
Content-Type: image/png
x-ms-request-id: 5e96cefd-801e-0049-796f-2295a0000000
x-ms-version: 2009-09-19
Content-Length: 7189

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 79BF 16 KB
16 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://students.leadlovers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 602748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 14:02:00 GMT

GET
H2 200 gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v95/ Frame 79BF 145 KB
145 KB 172ms
85ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsoutlined/v95/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons+Outlined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a74248b4bc5ce591888d507154626d15fe35b034169ef4a6f2457f137a6b9b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://students.leadlovers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:47:37 GMT
x-content-type-options: nosniff
age: 582011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148392
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:20:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 19:47:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 79BF 15 KB
16 KB 139ms
53ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://students.leadlovers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 502289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 17:56:19 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| iframeEl

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			treinamento.mdspirit.com.br/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ro3r42r1lhafcnr5hah0ypkj

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.plyr.io
fonts.googleapis.com
fonts.gstatic.com
llbr.blob.core.windows.net
students-api.leadlovers.com
students.leadlovers.com
treinamento.mdspirit.com.br
167.86.84.206
191.233.128.42
2606:4700:20::681a:c62
2606:4700:20::681a:d62
2a00:1450:4001:808::200a
2a00:1450:4001:829::2003
2a06:98c1:3120::7
0bbd11912acc2aeca071ac9a1ae2b05d19807462a991076479cd5cdfd2b08d48
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1533f9ec8fa4698320a1bea0ef943a0131cd5b3e46689100f4c5a06d7ea743da
2f05db9289bd3c1b5eeaa47434a7d856f901574dcaba091006e189dd6ddba6b0
3a6327ecf111dc08bc8440dfc963635e770d35d4adac83e9d837d944f2dd198f
91033eed6b8bbdd97eb2d746f650a2da0a6d8a4cb6d4ec930929c481efa09d29
98833696accd384b5c1709eecee3f1307e2729526a87734f5362ee9b583ba3cf
a74248b4bc5ce591888d507154626d15fe35b034169ef4a6f2457f137a6b9b53
a7a289362bd571fef4970fa090474e9ab2c044235384ce3d50c75eb7818f8c01
ace1c25c8f482fce70bd87bc8db8292d1b962486eb12287526cf85249d300a05
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc70316051f3e7b64d28dbcf8d62ae4790dd5e75a18961b2be394b13f5dba0e8
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
f49c1264837325e4e0cecc6ac9964812709dd2ff15782f16695bba913c6a1111
f5f83e386df031cade263caabcb055c46a6d731b64fccd6ba9205d1845942631

treinamento.mdspirit.com.br Open in urlscan Pro 167.86.84.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

712 kBTransfer

3008 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Indicators

treinamento.mdspirit.com.br Open in urlscan Pro
167.86.84.206 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

712 kB
Transfer

3008 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions