URL: https://vestibular.demo.guarany.net/
Submission: On May 27 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 132.255.168.68, located in Santarém, Brazil and belongs to CONECTA AMAZONIA TELECOM LTDA. - ME, BR. The main domain is vestibular.demo.guarany.net.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.
This is the only time vestibular.demo.guarany.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
5 | 132.255.168.68 | 264509 (CONECTA A...)
2 | 16.12.0.6 | 16509 (AMAZON-02)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 8 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
5 | guarany.net | vestibular.demo.guarany.net | 199 KB
2 | amazonaws.com | fes-zefiro-sp.s3.sa-east-1.amazonaws.com | 3 MB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 1 KB
Total: 8 requests, 3 apex domains

Requests | Domain | Requested by
5 | vestibular.demo.guarany.net | vestibular.demo.guarany.net
2 | fes-zefiro-sp.s3.sa-east-1.amazonaws.com | vestibular.demo.guarany.net
1 | fonts.googleapis.com | vestibular.demo.guarany.net
Total: 8 requests, 3 domains

This site contains links to these domains.

Domain
www.guarany.net
Subject | Issuer | Validity | Valid
vestibular.demo.guarany.net | R3 | 2024-05-27 - 2024-08-25 | 3 months
*.s3-sa-east-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-04-12 - 2025-03-30 | a year
upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months

This page contains 1 frames:

Primary Page: https://vestibular.demo.guarany.net/
Frame ID: 5CFAAEBA0F574B1E141EB51F656C473B
Requests: 8 HTTP requests in this frame

Page Title

Vestibular IESPES

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 3019 kB
Size: 3593 kB
Cookies: 1

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vestibular.demo.guarany.net/
8 KB
3 KB
Document
General
Full URL
https://vestibular.demo.guarany.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
361f5eaf5d7fac45c0a47da02d1dd573d914ca720de36186bd942990fdd3cfb2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 27 May 2024 21:56:37 GMT
etag
W/"361f5eaf5d7fac45c0a47da02d1dd573"
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=15724800; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
149f7c6a-7938-489c-94f3-b2f8456a87e1
x-runtime
0.145795
x-xss-protection
1; mode=block
application-6b2324038d0b10881e87ac96331a35e4348ef019f5bf7e2bbf47a338134c95c0.css
vestibular.demo.guarany.net/assets/
166 KB
27 KB
Stylesheet
General
Full URL
https://vestibular.demo.guarany.net/assets/application-6b2324038d0b10881e87ac96331a35e4348ef019f5bf7e2bbf47a338134c95c0.css
Requested by
Host: vestibular.demo.guarany.net
URL: https://vestibular.demo.guarany.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
6b2324038d0b10881e87ac96331a35e4348ef019f5bf7e2bbf47a338134c95c0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://vestibular.demo.guarany.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 21:56:37 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Mon, 27 May 2024 18:18:08 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
content-length
27865
application-8916ed27f3b147b441bec8e0ee174e6d9f3bcca2b3bb1eddf8ea9f1fa34776f4.js
vestibular.demo.guarany.net/assets/
504 KB
126 KB
Script
General
Full URL
https://vestibular.demo.guarany.net/assets/application-8916ed27f3b147b441bec8e0ee174e6d9f3bcca2b3bb1eddf8ea9f1fa34776f4.js
Requested by
Host: vestibular.demo.guarany.net
URL: https://vestibular.demo.guarany.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
8916ed27f3b147b441bec8e0ee174e6d9f3bcca2b3bb1eddf8ea9f1fa34776f4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://vestibular.demo.guarany.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 21:56:37 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Mon, 27 May 2024 18:18:52 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
content-length
128667
application-91fc280778cf9d1f7b8e.js
vestibular.demo.guarany.net/packs/js/
69 KB
18 KB
Script
General
Full URL
https://vestibular.demo.guarany.net/packs/js/application-91fc280778cf9d1f7b8e.js
Requested by
Host: vestibular.demo.guarany.net
URL: https://vestibular.demo.guarany.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
d06acdd7b6475edb8a50a543aae6dd439bb62e731215a5a7d04b16cf2067ecc2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://vestibular.demo.guarany.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 21:56:37 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Mon, 27 May 2024 18:19:13 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
content-length
18154
7ejqq47i29ad4r5u2ret87zsaekm
fes-zefiro-sp.s3.sa-east-1.amazonaws.com/
1019 KB
1020 KB
Image
General
Full URL
https://fes-zefiro-sp.s3.sa-east-1.amazonaws.com/7ejqq47i29ad4r5u2ret87zsaekm?response-content-disposition=inline%3B%20filename%3D%22Imagem1.jpg%22%3B%20filename%2A%3DUTF-8%27%27Imagem1.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAI2ZTPW3V3LXBI6OA%2F20240527%2Fsa-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240527T215637Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=4642bba28a28a802cf28e2b3c91474fdbcf739d5a2337b38b479a65202102525
Requested by
Host: vestibular.demo.guarany.net
URL: https://vestibular.demo.guarany.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.6 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5918560fbd91c45ee2f9a60fda92630e1bde9d3f633ff23a46775877547ca6d8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://vestibular.demo.guarany.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 21:56:39 GMT
Last-Modified
Mon, 20 May 2024 17:39:37 GMT
Server
AmazonS3
x-amz-request-id
V0YVVACB5X85TKYJ
ETag
"bfd31c4766e8ffc4d699116dab9cedbb"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Content-Disposition
inline; filename="Imagem1.jpg"; filename*=UTF-8''Imagem1.jpg
Accept-Ranges
bytes
Content-Length
1043694
x-amz-id-2
bWv0GAj+IN400tSNi7bwcYuRZAh9Kt1qT9Z6vxvbWVW2JpSmyqEfI3T1zHIs5DkauaSTD4MFVas=
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Russo+One&family=Sriracha&display=swap
Requested by
Host: vestibular.demo.guarany.net
URL: https://vestibular.demo.guarany.net/assets/application-6b2324038d0b10881e87ac96331a35e4348ef019f5bf7e2bbf47a338134c95c0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1136ce7015a012ad0f4f50a4533302c0945a74a1291af1c4c45f338f3e4cd103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://vestibular.demo.guarany.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 May 2024 21:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 May 2024 21:56:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 May 2024 21:56:38 GMT
ewqwar1s5riyziurv9mhmm99fir1
fes-zefiro-sp.s3.sa-east-1.amazonaws.com/
2 MB
2 MB
Image
General
Full URL
https://fes-zefiro-sp.s3.sa-east-1.amazonaws.com/ewqwar1s5riyziurv9mhmm99fir1?response-content-disposition=inline%3B%20filename%3D%22Imagem2.jpg%22%3B%20filename%2A%3DUTF-8%27%27Imagem2.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAI2ZTPW3V3LXBI6OA%2F20240527%2Fsa-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240527T215637Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=66f3edffe5925cc8c0f363233a26858b8a75adea78f4d7a218acb49a925c4fff
Requested by
Host: vestibular.demo.guarany.net
URL: https://vestibular.demo.guarany.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.6 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8b947ac51cbb62e679038961472b6c4852988c93cb9bf1b52f2a218d6601fc68

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://vestibular.demo.guarany.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 21:56:40 GMT
Last-Modified
Mon, 20 May 2024 17:39:35 GMT
Server
AmazonS3
x-amz-request-id
WFF3S46MRP46WGB9
ETag
"97d3aba80a8bd65ec91e49366bafe868"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Content-Disposition
inline; filename="Imagem2.jpg"; filename*=UTF-8''Imagem2.jpg
Accept-Ranges
bytes
Content-Length
1841940
x-amz-id-2
5I2FHlNnrca/Ox4JTMIIHmPvfZgUYbhzD4sIzxTvgXCLSeyxb8cDqX8EW4a15YL3lNebTcP6P/M=
favicon.png
vestibular.demo.guarany.net/
24 KB
24 KB
Other
General
Full URL
https://vestibular.demo.guarany.net/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.255.168.68 Santarém, Brazil, ASN264509 (CONECTA AMAZONIA TELECOM LTDA. - ME, BR),
Reverse DNS
132-255-168-68.reverse.redeconectatelecom.net.br
Software
nginx /
Resource Hash
151e23515978561973ddf9c635c6c5cb9a860492ffe8a0217172d361dc87191b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://vestibular.demo.guarany.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 21:56:40 GMT
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Mon, 27 May 2024 18:08:27 GMT
server
nginx
content-length
24672
content-type
image/png

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | load_number_masks
function | $
function | jQuery
function | Popper
boolean | _rails_loaded
object | Turbolinks
function | setTurnos

1 Cookies

Domain/Path Name / Value
vestibular.demo.guarany.net/ Name: _zefiro_vestibular_session
Value: VmwbNxNzA90NwLcQ1neYeMKvhAyvBn2Jd5CgXhlHkFWxEl1QZuIC5fOub3q9XAXFzUiX%2BCzOuFE9B1Yt4Rbk9bFskYQZ85adV0CYGcD9uOAODYMtd9EnxBn1DQWGT9%2Fp55he9RjY7kHsQrl5LtAXuTxN7G%2BPUDzD8odoHOaRnHcNh8PRBSybqNzV3d7O3WzjEo2E0kmcYGMQgzcZZuXOZeNSx9dUoOfZWdlkgqE38m0pP86S1gnGdHrrLzarsv2W31UikvnEGBOOuG22ZV%2FNtJ1hcJPoghDQ0IoEx7YkhkfEOA%3D%3D--49xx4bli5w02QRVt--PEr4AbvnAqmwWeQzdWGOaw%3D%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block