Submitted URL: https://cepes.demo.guarany.net/admin
Effective URL: https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Submission: On August 22 via api from US — Scanned from CA

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 132.255.168.68, located in Santarém, Brazil and belongs to CONECTA AMAZONIA TELECOM LTDA. - ME, BR. The main domain is cepes.demo.guarany.net.
TLS certificate: Issued by E5 on August 16th 2024. Valid for: 3 months.
This is the only time cepes.demo.guarany.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 132.255.168.68 264509 (CONECTA A...)
1 2 104.18.94.41 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
9 3
Apex Domain Subdomains Transfer
8 guarany.net cepes.demo.guarany.net 290 KB
3 cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3877 15 KB
9 2
Domain Requested by
8 cepes.demo.guarany.net 1 redirects cepes.demo.guarany.net
3 challenges.cloudflare.com 1 redirects cepes.demo.guarany.net
challenges.cloudflare.com
9 2

This site contains no links.

Subject Issuer Validity Valid
cepes.demo.guarany.net E5 2024-08-16 - 2024-11-14 3 months
challenges.cloudflare.com E5 2024-07-17 - 2024-10-15 3 months

This page contains 2 frames:

Primary Page: https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Frame ID: 53DB922A122DAED8A315E251DBD273A5
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/y21y1/0x4AAAAAAALbal_5-UamjCUj/auto/fbE/normal/auto/
Frame ID: 2989747D7F5F540326F69EBF378B35D7
Requests: 1 HTTP requests in this frame

Page Title

Zéfiro

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

9 Requests
89 % HTTPS
0 % IPv6
2 Domains
2 Subdomains
3 IPs
2 Countries
304 kB Transfer
960 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cepes.demo.guarany.net/admin HTTP 302
    https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
cepes.demo.guarany.net/admin/
Redirect Chain
  • https://cepes.demo.guarany.net/admin
  • https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
5 KB
2 KB
Document
General
Full URL
https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
1fdba71a4c2e34e5fd1de7bdc90f47c46d9bb359b9d976240136b8343b89b648
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 22 Aug 2024 05:37:30 GMT
etag
W/"1fdba71a4c2e34e5fd1de7bdc90f47c4"
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=15724800; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
21188cf8-8265-4fbe-b2f9-b1fcd0f81b53
x-runtime
0.036650
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Thu, 22 Aug 2024 05:37:30 GMT
location
https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=15724800; includeSubdomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
3bb790ba-b8a0-44c1-ac3c-377fc4f8bf75
x-runtime
0.080652
x-xss-protection
1; mode=block
login-b695513496ec500502f655976f1fab2df5f875c25de91291f85f35cb2e9c81b0.css
cepes.demo.guarany.net/assets/
182 KB
33 KB
Stylesheet
General
Full URL
https://cepes.demo.guarany.net/assets/login-b695513496ec500502f655976f1fab2df5f875c25de91291f85f35cb2e9c81b0.css
Requested by
Host: cepes.demo.guarany.net
URL: https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
d17eacb4b2bc93f08450407b4ebdafcf85ec90e4352404eb76d95b41aebc2af6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:37:31 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Thu, 18 Apr 2024 19:26:22 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
content-length
33544
application-7af796dc5df7764db4fca57264102c3b700218d3d70940332851006cda0ce588.js
cepes.demo.guarany.net/assets/
628 KB
159 KB
Script
General
Full URL
https://cepes.demo.guarany.net/assets/application-7af796dc5df7764db4fca57264102c3b700218d3d70940332851006cda0ce588.js
Requested by
Host: cepes.demo.guarany.net
URL: https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
7af796dc5df7764db4fca57264102c3b700218d3d70940332851006cda0ce588
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:37:31 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Thu, 18 Apr 2024 19:22:00 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
content-length
162248
logo-zefiro-492de9623c882d9fb3045d746829ed183706501ee5e8587cce662c4b3a09ba70.svg
cepes.demo.guarany.net/assets/
13 KB
5 KB
Image
General
Full URL
https://cepes.demo.guarany.net/assets/logo-zefiro-492de9623c882d9fb3045d746829ed183706501ee5e8587cce662c4b3a09ba70.svg
Requested by
Host: cepes.demo.guarany.net
URL: https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
492de9623c882d9fb3045d746829ed183706501ee5e8587cce662c4b3a09ba70
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:37:31 GMT
strict-transport-security
max-age=15724800; includeSubdomains
content-encoding
gzip
last-modified
Thu, 18 Apr 2024 19:13:17 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
api.js
challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
44 KB
15 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
Requested by
Host: cepes.demo.guarany.net
URL: https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Protocol
H3
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55

Request headers

Referer
https://cepes.demo.guarany.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:37:31 GMT
content-encoding
br
last-modified
Thu, 15 Aug 2024 16:28:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8b7082e9ba2aabc4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 22 Aug 2024 05:37:31 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/6790c32b9fc9/api.js
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8b7082e97a0eabc4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
error.ogg
cepes.demo.guarany.net/sounds/
22 KB
22 KB
Media
General
Full URL
https://cepes.demo.guarany.net/sounds/error.ogg
Requested by
Host: cepes.demo.guarany.net
URL: https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
1ba4db8288376e2993378956ff432abe36b9c1f0bf07ea77717ca1e45ae5b702
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-22735/22736
date
Thu, 22 Aug 2024 05:37:32 GMT
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Mon, 05 Aug 2024 20:47:24 GMT
server
nginx
Content-Length
22736
content-type
application/ogg
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/y21y1/0x4AAAAAAALbal_5-UamjCUj/auto/fbE/normal/auto/ Frame 2989
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/y21y1/0x4AAAAAAALbal_5-UamjCUj/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://cepes.demo.guarany.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8b7082f08a39ab99-YYZ
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 22 Aug 2024 05:37:32 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
fa-solid-900-ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d.woff2
cepes.demo.guarany.net/assets/font-awesome/
66 KB
66 KB
Font
General
Full URL
https://cepes.demo.guarany.net/assets/font-awesome/fa-solid-900-ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d.woff2
Requested by
Host: cepes.demo.guarany.net
URL: https://cepes.demo.guarany.net/assets/login-b695513496ec500502f655976f1fab2df5f875c25de91291f85f35cb2e9c81b0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://cepes.demo.guarany.net/assets/login-b695513496ec500502f655976f1fab2df5f875c25de91291f85f35cb2e9c81b0.css
Origin
https://cepes.demo.guarany.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:37:32 GMT
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Thu, 18 Apr 2024 19:26:22 GMT
server
nginx
content-length
67400
content-type
application/font-woff2
favicon-32x32.png
cepes.demo.guarany.net/favicons/
1 KB
1 KB
Other
General
Full URL
https://cepes.demo.guarany.net/favicons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
f535976d59eb1dfaf7cee43c225cdddc3acaa154460f25edea5890bf4e5ecb7a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:37:32 GMT
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Mon, 05 Aug 2024 20:47:24 GMT
server
nginx
content-length
1386
content-type
image/png

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function setDisciplinasMarcadas
  • function checkRow
  • function fetchZefiro
  • function disableELement
  • function enableELement
  • function copyTextToClipboard
  • function onReCapSuccess
  • function checkAlert
  • function setHidedTextareas
  • function validateFileSize
  • function setOptionsSelect
  • function awaitAndRedirect
  • function setHistory
  • function setActiveListgroupItem
  • function checkerInput
  • function installApp
  • function imgError
  • function addListenerMulti
  • function checkUserPass
  • function $
  • function jQuery
  • object Rails
  • boolean _rails_loaded
  • function Popper
  • object bootstrap
  • object Chartkick
  • object disciplinas
  • object ActionCable
  • object App
  • object Pace
  • object Webcam
  • function isNull
  • function isBlank
  • object turnstile

1 Cookies

Domain/Path Name / Value
cepes.demo.guarany.net/ Name: _zefiro_session
Value: 848ed8637a71a620a96446f3ca7284fd

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://cepes.demo.guarany.net/admin/login?back_to=https%3A%2F%2Fcepes.demo.guarany.net%2Fadmin
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block