admin.demo.balcaovirtual.safetec.com.br Open in urlscan Pro
2607:f8b0:4006:808::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://admin.demo.balcaovirtual.safetec.com.br/
Submission: On November 14 via api (November 14th 2024, 3:10:08 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2607:f8b0:4006:808::2013, located in United States and belongs to . The main domain is admin.demo.balcaovirtual.safetec.com.br.
TLS certificate: Issued by WR3 on November 14th 2024. Valid for: 3 months.

This is the only time admin.demo.balcaovirtual.safetec.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2607:f8b0:400... 2607:f8b0:4006:808::2013	() ()
3	2607:f8b0:400... 2607:f8b0:4004:c19::54	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
4	34.151.204.236 34.151.204.236	() ()
1	142.250.81.227 142.250.81.227	15169 (GOOGLE) (GOOGLE)
19	5

10 2607:f8b0:4006:808::2013 (United States)

ASN- ()

admin.demo.balcaovirtual.safetec.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c19::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.151.204.236 (São Paulo, Brazil)

ASN- ()
PTR: 236.204.151.34.bc.googleusercontent.com

ws.balcaovirtual.safetec.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	safetec.com.br admin.demo.balcaovirtual.safetec.com.br ws.balcaovirtual.safetec.com.br	2 MB
3	google.com accounts.google.com — Cisco Umbrella Rank: 26	86 KB
1	gstatic.com fonts.gstatic.com	23 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	1 KB
19	4

	Domain	Requested by
10	admin.demo.balcaovirtual.safetec.com.br	admin.demo.balcaovirtual.safetec.com.br
4	ws.balcaovirtual.safetec.com.br	admin.demo.balcaovirtual.safetec.com.br
3	accounts.google.com	admin.demo.balcaovirtual.safetec.com.br accounts.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	admin.demo.balcaovirtual.safetec.com.br
19	5

This site contains no links.

Subject Issuer	Validity	Valid
admin.demo.balcaovirtual.safetec.com.br WR3	`2024-11-14` - `2025-02-12`	3 months	crt.sh
accounts.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ws.balcaovirtual.safetec.com.br E6	`2024-10-04` - `2025-01-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://admin.demo.balcaovirtual.safetec.com.br/
Frame ID: C9C140D662A16203F94C463CC99E0344
Requests: 18 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?theme=outline&size=large&client_id=620071074846-ue2t0efv1niqekljg9bni7mbij5cpvu7.apps.googleusercontent.com&iframe_id=gsi_995329_202202&as=AzoFzIzaD2ngBvwEJMMtQA
Frame ID: 5B2ED1E7AB6612192F7A1F6C9B73FBAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Auth - Balcão Virtual

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2644 kB
Transfer

4995 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
admin.demo.balcaovirtual.safetec.com.br/ 2 KB
928 B 1191ms
198ms Document
text/html 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 23510996b6c92113aa8d43cdb0b4a90f8c12947bb265e3ecb59f7760a8b31649

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=600
content-encoding: gzip
content-type: text/html
date: Thu, 14 Nov 2024 15:09:53 GMT
etag: "kltvrQ"
expires: Thu, 14 Nov 2024 15:19:53 GMT
server: Google Frontend
x-cloud-trace-context: 13c63fd8adadf13023f05b4fcfc666ce

GET
H2 200 client Show response
accounts.google.com/gsi/ 226 KB
86 KB 290ms
167ms Script
application/javascript 2607:f8b0:4004:c19::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea0aae50b2c1ea03ba98b091c67917b5ef302667919b1fcc4d6fbe60779b18e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kHB60l3sYj1STjGUwFGUkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-kHB60l3sYj1STjGUwFGUkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 15:09:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Thu, 14 Nov 2024 15:09:53 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 chunk-vendors.87ce1aef.js Show response
admin.demo.balcaovirtual.safetec.com.br/js/ 2 MB
642 KB 350ms
349ms Script
text/javascript 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/js/chunk-vendors.87ce1aef.js
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 20bff2148d510ff66231c9bedc44c6b532784af5ac7a4f0160c22f799474664b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
etag: "kltvrQ"
expires: Thu, 14 Nov 2024 15:19:53 GMT
date: Thu, 14 Nov 2024 15:09:53 GMT
x-cloud-trace-context: ea2a34fbc6d4d252de8fd5456cb72188
content-type: text/javascript
server: Google Frontend

GET
H2 200 app.7e532d14.js Show response
admin.demo.balcaovirtual.safetec.com.br/js/ 89 KB
28 KB 198ms
198ms Script
text/javascript 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/js/app.7e532d14.js
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 282645ecb81c8a294a84fa5590d440ffd2f63f98ef21962da2e99ef82baf9b03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
etag: "kltvrQ"
expires: Thu, 14 Nov 2024 15:19:53 GMT
date: Thu, 14 Nov 2024 15:09:53 GMT
x-cloud-trace-context: 96fe70e1739a10df3a58438a21e6eafa
content-type: text/javascript
server: Google Frontend

GET
H2 200 chunk-vendors.498aa21a.css
admin.demo.balcaovirtual.safetec.com.br/css/ 785 KB
138 KB 193ms
192ms Stylesheet
text/css 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/css/chunk-vendors.498aa21a.css
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8b69bb87a163a3f0a43020fe1b6e8e03624579d15ba8171f11484cf6295adb11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
etag: "kltvrQ"
expires: Thu, 14 Nov 2024 15:19:53 GMT
date: Thu, 14 Nov 2024 15:09:53 GMT
x-cloud-trace-context: 649530c183b7687fca9afe7a5fc45991;o=1
content-type: text/css
server: Google Frontend

GET
H2 200 app.ac2ea0f6.css
admin.demo.balcaovirtual.safetec.com.br/css/ 2 KB
906 B 157ms
157ms Stylesheet
text/css 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/css/app.ac2ea0f6.css
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0a09bd2d12345921e722b9f36f2e5c9da6aaa08b4810531c3678747180a4e27d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
etag: "kltvrQ"
expires: Thu, 14 Nov 2024 15:19:53 GMT
date: Thu, 14 Nov 2024 15:09:53 GMT
x-cloud-trace-context: ea2a34fbc6d4d252de8fd5456cb72188
content-type: text/css
server: Google Frontend

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 230ms
81ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Kufam&display=swap

Requested by

Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/css/app.ac2ea0f6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36654032c41644a4ab6cc8c4c93a26debe864f2e8a298740a29088b2f64c09a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 15:09:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 15:09:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 15:09:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK / Show response
ws.balcaovirtual.safetec.com.br/socket.io/ 118 B
339 B 522ms
141ms XHR
text/plain 34.151.204.236

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.balcaovirtual.safetec.com.br/socket.io/?EIO=4&transport=polling&t=g53sf6d9
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/js/chunk-vendors.87ce1aef.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.151.204.236 São Paulo, Brazil, ASN (),
Reverse DNS: 236.204.151.34.bc.googleusercontent.com
Software: nginx/1.22.1 /
Resource Hash: d0ccbc8f147caf200a9de3aeac35c289df0b707e0e6be1f7d595550049d108e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

Access-Control-Allow-Origin: *
cache-control: no-store
Content-Length: 118
Date: Thu, 14 Nov 2024 15:09:54 GMT
Content-Type: text/plain; charset=UTF-8
Server: nginx/1.22.1
Connection: keep-alive

GET
H3 200 C8c-4cY7pG7w_oSJDszBXsKCcBH3lqkLrgqI.woff2
fonts.gstatic.com/s/kufam/v21/ 23 KB
23 KB 132ms
61ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kufam/v21/C8c-4cY7pG7w_oSJDszBXsKCcBH3lqkLrgqI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kufam&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

19f41faf1f817d0702de1ac2c6eddef6152a4e47318cb6a8524ca4a48b78bde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://admin.demo.balcaovirtual.safetec.com.br
Referer: https://fonts.googleapis.com/

Response headers

age: 584145
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 20:54:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 20:54:09 GMT
last-modified: Wed, 13 Sep 2023 22:29:27 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23364
x-xss-protection: 0
server: sffe

GET
H2 200 Roboto-Regular.475ba9e4.woff2
admin.demo.balcaovirtual.safetec.com.br/fonts/ 63 KB
63 KB 170ms
168ms Font
font/woff2 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/fonts/Roboto-Regular.475ba9e4.woff2
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/css/chunk-vendors.498aa21a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://admin.demo.balcaovirtual.safetec.com.br
Referer: https://admin.demo.balcaovirtual.safetec.com.br/css/chunk-vendors.498aa21a.css

Response headers

expires: Thu, 14 Nov 2024 15:19:54 GMT
cache-control: public, max-age=600
date: Thu, 14 Nov 2024 15:09:54 GMT
etag: "kltvrQ"
x-cloud-trace-context: 0be72cc5cc0ee5d309c63f11dd8075af
content-type: font/woff2
server: Google Frontend

GET
H2 200 Roboto-Bold.447291a8.woff2
admin.demo.balcaovirtual.safetec.com.br/fonts/ 63 KB
63 KB 147ms
146ms Font
font/woff2 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/fonts/Roboto-Bold.447291a8.woff2
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/css/chunk-vendors.498aa21a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://admin.demo.balcaovirtual.safetec.com.br
Referer: https://admin.demo.balcaovirtual.safetec.com.br/css/chunk-vendors.498aa21a.css

Response headers

expires: Thu, 14 Nov 2024 15:19:54 GMT
cache-control: public, max-age=600
date: Thu, 14 Nov 2024 15:09:54 GMT
etag: "kltvrQ"
x-cloud-trace-context: 0be72cc5cc0ee5d309c63f11dd8075af
content-type: font/woff2
server: Google Frontend

GET
H2 200 left-background.096238ae.png
admin.demo.balcaovirtual.safetec.com.br/img/ 2 MB
2 MB 195ms
195ms Image
image/png 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/img/left-background.096238ae.png
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 737a02cbe060a18520eee7196c219f7060cf25b0772bc3d6896fceca38ddca4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/auth

Response headers

expires: Thu, 14 Nov 2024 15:19:54 GMT
cache-control: public, max-age=600
date: Thu, 14 Nov 2024 15:09:54 GMT
etag: "kltvrQ"
x-cloud-trace-context: 79fea1717d65277673a9d0f51a0a6215
content-type: image/png
server: Google Frontend

POST
H/1.1 200
OK / Show response
ws.balcaovirtual.safetec.com.br/socket.io/ 2 B
205 B 142ms
141ms XHR
text/html 34.151.204.236

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.balcaovirtual.safetec.com.br/socket.io/?EIO=4&transport=polling&t=g54713wb&sid=U-HmeDsrH4gWKMM7AIWl
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/js/chunk-vendors.87ce1aef.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.151.204.236 São Paulo, Brazil, ASN (),
Reverse DNS: 236.204.151.34.bc.googleusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://admin.demo.balcaovirtual.safetec.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
cache-control: no-store
Content-Length: 2
Date: Thu, 14 Nov 2024 15:09:54 GMT
Content-Type: text/html
Server: nginx/1.22.1
Connection: keep-alive

GET
H/1.1 200
OK / Show response
ws.balcaovirtual.safetec.com.br/socket.io/ 32 B
252 B 283ms
141ms XHR
text/plain 34.151.204.236

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.balcaovirtual.safetec.com.br/socket.io/?EIO=4&transport=polling&t=g5472j1d&sid=U-HmeDsrH4gWKMM7AIWl
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/js/chunk-vendors.87ce1aef.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.151.204.236 São Paulo, Brazil, ASN (),
Reverse DNS: 236.204.151.34.bc.googleusercontent.com
Software: nginx/1.22.1 /
Resource Hash: b72da5eafebc5392931f2d2faa35d7a050ebe16d57a2ef7e31381ff1e752dc35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

Access-Control-Allow-Origin: *
cache-control: no-store
Content-Length: 32
Date: Thu, 14 Nov 2024 15:09:54 GMT
Content-Type: text/plain; charset=UTF-8
Server: nginx/1.22.1
Connection: keep-alive

GET
H2 404 favicon.svg
admin.demo.balcaovirtual.safetec.com.br/img/icons/ 298 B
360 B 108ms
108ms Other
text/html 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/img/icons/favicon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7780ffa5801d497fba7f365d76835b35d1faa1178abab9ccce88e0f41ed6837d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/auth

Response headers

content-length: 298
date: Thu, 14 Nov 2024 15:09:54 GMT
x-cloud-trace-context: 1221b115e3ac491042d035b650259298
content-type: text/html; charset=UTF-8
server: Google Frontend

GET
H/1.1 200
OK / Show response
ws.balcaovirtual.safetec.com.br/socket.io/ 1 B
220 B 365ms
365ms XHR
text/plain 34.151.204.236

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.balcaovirtual.safetec.com.br/socket.io/?EIO=4&transport=polling&t=g54f3vpy&sid=U-HmeDsrH4gWKMM7AIWl
Requested by: Host: admin.demo.balcaovirtual.safetec.com.br
URL: https://admin.demo.balcaovirtual.safetec.com.br/js/chunk-vendors.87ce1aef.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.151.204.236 São Paulo, Brazil, ASN (),
Reverse DNS: 236.204.151.34.bc.googleusercontent.com
Software: nginx/1.22.1 /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

Access-Control-Allow-Origin: *
cache-control: no-store
Content-Length: 1
Date: Thu, 14 Nov 2024 15:09:55 GMT
Content-Type: text/plain; charset=UTF-8
Server: nginx/1.22.1
Connection: keep-alive

GET
H2 200 favicon-32x32.png
admin.demo.balcaovirtual.safetec.com.br/img/icons/ 1 KB
1 KB 150ms
149ms Other
image/png 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.demo.balcaovirtual.safetec.com.br/img/icons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2013 , United States, ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 02f64bb479a7bd0d7ad052123fcce9c7daf6200f9fb4dccdf5337dbe6968b2a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/auth

Response headers

expires: Thu, 14 Nov 2024 15:19:55 GMT
cache-control: public, max-age=600
date: Thu, 14 Nov 2024 15:09:55 GMT
etag: "kltvrQ"
x-cloud-trace-context: 858d328031b19dc11d9231db9f04a0d6
content-type: image/png
server: Google Frontend

GET
H2 200 style
accounts.google.com/gsi/ 533 B
611 B 85ms
84ms Stylesheet
text/css 2607:f8b0:4004:c19::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xS8T_iFNC9awCB5VLPWWuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.demo.balcaovirtual.safetec.com.br/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-xS8T_iFNC9awCB5VLPWWuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 15:09:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Thu, 14 Nov 2024 15:09:55 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 403 button
accounts.google.com/gsi/ Frame 5B2E 0
0 206ms
100ms Document
text/html 2607:f8b0:4004:c19::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?theme=outline&size=large&client_id=620071074846-ue2t0efv1niqekljg9bni7mbij5cpvu7.apps.googleusercontent.com&iframe_id=gsi_995329_202202&as=AzoFzIzaD2ngBvwEJMMtQA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kGnvDcSPIoNfr9RzxjP-dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://admin.demo.balcaovirtual.safetec.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kGnvDcSPIoNfr9RzxjP-dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 15:09:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://admin.demo.balcaovirtual.safetec.com.br/img/icons/favicon.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
admin.demo.balcaovirtual.safetec.com.br
fonts.googleapis.com
fonts.gstatic.com
ws.balcaovirtual.safetec.com.br
142.250.81.227
2607:f8b0:4004:c19::54
2607:f8b0:4006:808::2013
2607:f8b0:4006:80a::200a
34.151.204.236
02f64bb479a7bd0d7ad052123fcce9c7daf6200f9fb4dccdf5337dbe6968b2a8
0a09bd2d12345921e722b9f36f2e5c9da6aaa08b4810531c3678747180a4e27d
19f41faf1f817d0702de1ac2c6eddef6152a4e47318cb6a8524ca4a48b78bde7
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
20bff2148d510ff66231c9bedc44c6b532784af5ac7a4f0160c22f799474664b
23510996b6c92113aa8d43cdb0b4a90f8c12947bb265e3ecb59f7760a8b31649
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
282645ecb81c8a294a84fa5590d440ffd2f63f98ef21962da2e99ef82baf9b03
36654032c41644a4ab6cc8c4c93a26debe864f2e8a298740a29088b2f64c09a8
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
737a02cbe060a18520eee7196c219f7060cf25b0772bc3d6896fceca38ddca4d
7780ffa5801d497fba7f365d76835b35d1faa1178abab9ccce88e0f41ed6837d
8b69bb87a163a3f0a43020fe1b6e8e03624579d15ba8171f11484cf6295adb11
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
b72da5eafebc5392931f2d2faa35d7a050ebe16d57a2ef7e31381ff1e752dc35
d0ccbc8f147caf200a9de3aeac35c289df0b707e0e6be1f7d595550049d108e0
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
ea0aae50b2c1ea03ba98b091c67917b5ef302667919b1fcc4d6fbe60779b18e3

admin.demo.balcaovirtual.safetec.com.br Open in urlscan Pro 2607:f8b0:4006:808::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

60 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

2644 kBTransfer

4995 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

admin.demo.balcaovirtual.safetec.com.br Open in urlscan Pro
2607:f8b0:4006:808::2013 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2644 kB
Transfer

4995 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions