45.5.132.20 Open in urlscan Pro
45.5.132.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://contratos.mdnetfibra.com.br/
Effective URL:
http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Submission: On August 30 via api (August 30th 2021, 4:21:33 pm UTC) from NL

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 45.5.132.20, located in Campinas, Brazil and belongs to MDNet Fibra, BR. The main domain is 45.5.132.20.

This is the only time 45.5.132.20 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	187.103.161.18 187.103.161.18	53102 (S.I. TELE...) (S.I. TELECOM. SERVICOS DE TELEFONIA LTDA EPP)
14	45.5.132.20 45.5.132.20	266112 (MDNet Fibra) (MDNet Fibra)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
16	3

1 187.103.161.18 (Sumaré, Brazil) 1 redirects

ASN53102 (S.I. TELECOM. SERVICOS DE TELEFONIA LTDA EPP, BR)
PTR: painel.sitel.com.br

contratos.mdnetfibra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 45.5.132.20 (Campinas, Brazil)

ASN266112 (MDNet Fibra, BR)

45.5.132.20	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	gstatic.com fonts.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com	741 B
1	mdnetfibra.com.br 1 redirects contratos.mdnetfibra.com.br	252 B
16	3

	Domain	Requested by
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	45.5.132.20
1	contratos.mdnetfibra.com.br	1 redirects
16	3

This site contains links to these domains. Also see Links.

Domain
www.topsapp.com.br

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Frame ID: D2202ED3D38412D0043C2984EFBD7E08
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Central do Assinante

Page URL History Show full URLs

http://contratos.mdnetfibra.com.br/ HTTP 301
http://45.5.132.20:1982/ver_contrato.php Page URL
http://45.5.132.20:1982/Login.php?Erro=TempoLogado Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

13 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

332 kB
Transfer

335 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.topsapp.com.br/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://contratos.mdnetfibra.com.br/ HTTP 301
http://45.5.132.20:1982/ver_contrato.php Page URL
http://45.5.132.20:1982/Login.php?Erro=TempoLogado Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://contratos.mdnetfibra.com.br/ HTTP 301
http://45.5.132.20:1982/ver_contrato.php

Request Chain 13

http://fonts.googleapis.com/css?family=Roboto:400,700,300,100 HTTP 307
https://fonts.googleapis.com/css?family=Roboto:400,700,300,100

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set ver_contrato.php
45.5.132.20/
Redirect Chain

http://contratos.mdnetfibra.com.br/
http://45.5.132.20:1982/ver_contrato.php

92 B
548 B

549ms
257ms

Document
text/html

45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/ver_contrato.php

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: 45.5.132.20:1982
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:08 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Set-Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 92
Connection: close
Content-Type: text/html; charset=ISO-8859-1

Redirect headers

Server: nginx
Date: Mon, 30 Aug 2021 16:21:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 248
Connection: keep-alive
Location: http://45.5.132.20:1982/ver_contrato.php
X-Powered-By: PleskLin

GET
H/1.1 200
OK Primary Request Login.php Show response
45.5.132.20/ 2 KB
2 KB 558ms
237ms Document
text/html 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/ver_contrato.php

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

c25173bfd2b578d68a310ed60c51c34886470d692506415b4e8f4c8e6879a791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: 45.5.132.20:1982
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://45.5.132.20:1982/ver_contrato.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: http://45.5.132.20:1982/ver_contrato.php

Response headers

Date: Mon, 30 Aug 2021 16:21:09 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 2226
Connection: close
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK style_Login.php
45.5.132.20/Css/ 7 KB
8 KB 613ms
265ms Stylesheet
text/css 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/Css/style_Login.php

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

1c0c7712f38ec78f55e56acdefc854c8050853b9a596753ecbe5cbad5555a960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:09 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: close
Content-Length: 7483
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jQuery.js Show response
45.5.132.20/js/ 256 KB
256 KB 602ms
254ms Script
text/javascript 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/js/jQuery.js

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

12afb434915afbdf591d2adf538f3d791485a1aa31081fb31917ef1df4494af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Sep 2020 13:03:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 262297
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK upload_form.js Show response
45.5.132.20/js/ 5 KB
5 KB 604ms
251ms Script
text/javascript 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/js/upload_form.js

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

7a298f3ed157a58b01039d8879cbe162eacae3be4907035c579fdb64edc5b6d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Sep 2020 13:03:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 5151
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.form.js Show response
45.5.132.20/js/ 24 KB
24 KB 610ms
251ms Script
text/javascript 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/js/jquery.form.js

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

498abcc3f4570b9976e9dbbccff4277a4f7a840e5caef4ae0b09e8640eaf9127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Sep 2020 13:03:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 24554
X-XSS-Protection: 1; mode=block

GET
H/1.0 500
Internal Server Error ResizeBasic.php
45.5.132.20/adm/Logo/ 0
269 B 555ms
312ms Image
text/html 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://45.5.132.20:1982/adm/Logo/ResizeBasic.php?filename=logo_1552157087.png&width=200&height=120

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.0

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:10 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=ISO-8859-1
Connection: close
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_login_06.png
45.5.132.20/Imagens/ 1 KB
1 KB 718ms
273ms Image
image/png 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://45.5.132.20:1982/Imagens/icon_login_06.png

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

8d275b01bcf804de730b1097252fceda6471d25ed006a538583ec62741122488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Sep 2020 13:03:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1182
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_login_03.png
45.5.132.20/Imagens/ 404 B
704 B 798ms
255ms Image
image/png 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://45.5.132.20:1982/Imagens/icon_login_03.png

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

7fcbc317d2dcfbd5c32912acc4404317d82e7e80692614e9253ee57f5ad18642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Sep 2020 13:03:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 404
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_login_10.png
45.5.132.20/Imagens/ 364 B
664 B 664ms
255ms Image
image/png 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://45.5.132.20:1982/Imagens/icon_login_10.png

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

026f6481be9407097ef04c6752ec58b07e2fc6120694c94bc5b0580de6e5ff31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Sep 2020 13:03:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 364
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icons_inicial_central_58.png
45.5.132.20/Imagens/ 3 KB
3 KB 649ms
255ms Image
image/png 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://45.5.132.20:1982/Imagens/icons_inicial_central_58.png

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Login.php?Erro=TempoLogado

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

544a4644be8c00eec5bed7b5b4b7d8986b5b88808a03eded4dcedfe7996cf8ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Login.php?Erro=TempoLogado
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Sep 2020 13:03:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3024
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK reset.css
45.5.132.20/Css/ 3 KB
3 KB 447ms
221ms Stylesheet
text/css 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/Css/reset.css

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Css/style_Login.php

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

c123d4021301fc9734e1ec78c7b4bbf48d24493547eecbef06bc2a085bb49a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://45.5.132.20:1982/Css/style_Login.php
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Css/style_Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Sep 2020 13:03:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2785
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK select.php
45.5.132.20/Css/ 10 KB
10 KB 501ms
255ms Stylesheet
text/css 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/Css/select.php

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Css/style_Login.php

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

68d58b088d5f5293b6910e11c18c87663f87e9ec661cfe0eb3e40171b77a204e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://45.5.132.20:1982/Css/style_Login.php
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Css/style_Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:10 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Transfer-Encoding: chunked
Connection: close
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found prettyPhoto.css
45.5.132.20/Css/ 0
0 507ms
261ms Stylesheet
text/html 45.5.132.20
MDNet Fibra

General

Check archive.org

Show headers Download Go to

Full URL

http://45.5.132.20:1982/Css/prettyPhoto.css

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Css/style_Login.php

Protocol

HTTP/1.1

Server

45.5.132.20 Campinas, Brazil, ASN266112 (MDNet Fibra, BR),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 45.5.132.20:1982
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://45.5.132.20:1982/Css/style_Login.php
Cookie: PHPSESSID=cjlspvmdphntv97tt98npuj224
Connection: keep-alive
Cache-Control: no-cache
Referer: http://45.5.132.20:1982/Css/style_Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 16:21:10 GMT
Server: Apache
Connection: close
Content-Length: 280
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

css
fonts.googleapis.com/
Redirect Chain

http://fonts.googleapis.com/css?family=Roboto:400,700,300,100
https://fonts.googleapis.com/css?family=Roboto:400,700,300,100

8 KB
741 B

50ms
15ms

Stylesheet
text/css

2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300,100

Requested by

Host: 45.5.132.20
URL: http://45.5.132.20:1982/Css/style_Login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce2b0b266b13c3d67ce5cebafd300fa5fc9c8d550ff40e6f3db05e9b65f110ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://45.5.132.20:1982/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 16:21:10 GMT
server: ESF
date: Mon, 30 Aug 2021 16:21:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 16:21:10 GMT

Redirect headers

Location: https://fonts.googleapis.com/css?family=Roboto:400,700,300,100
Non-Authoritative-Reason: HSTS

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 71ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300,100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://45.5.132.20:1982
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options: nosniff
age: 190169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:31:42 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			45.5.132.20/	1969-12-31 23:59:59	Name: PHPSESSID Value: cjlspvmdphntv97tt98npuj224

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

contratos.mdnetfibra.com.br
fonts.googleapis.com
fonts.gstatic.com
187.103.161.18
2a00:1450:4001:811::200a
2a00:1450:4001:831::2003
45.5.132.20
026f6481be9407097ef04c6752ec58b07e2fc6120694c94bc5b0580de6e5ff31
12afb434915afbdf591d2adf538f3d791485a1aa31081fb31917ef1df4494af7
1c0c7712f38ec78f55e56acdefc854c8050853b9a596753ecbe5cbad5555a960
498abcc3f4570b9976e9dbbccff4277a4f7a840e5caef4ae0b09e8640eaf9127
544a4644be8c00eec5bed7b5b4b7d8986b5b88808a03eded4dcedfe7996cf8ce
68d58b088d5f5293b6910e11c18c87663f87e9ec661cfe0eb3e40171b77a204e
7a298f3ed157a58b01039d8879cbe162eacae3be4907035c579fdb64edc5b6d4
7fcbc317d2dcfbd5c32912acc4404317d82e7e80692614e9253ee57f5ad18642
8d275b01bcf804de730b1097252fceda6471d25ed006a538583ec62741122488
c123d4021301fc9734e1ec78c7b4bbf48d24493547eecbef06bc2a085bb49a8b
c25173bfd2b578d68a310ed60c51c34886470d692506415b4e8f4c8e6879a791
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce2b0b266b13c3d67ce5cebafd300fa5fc9c8d550ff40e6f3db05e9b65f110ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

45.5.132.20 Open in urlscan Pro 45.5.132.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

13 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

332 kBTransfer

335 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

45.5.132.20 Open in urlscan Pro
45.5.132.20 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

13 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

332 kB
Transfer

335 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions