banco.flbank.com.br Open in urlscan Pro
177.53.142.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://banco.flbank.com.br/
Effective URL:
https://banco.flbank.com.br/acessar-conta
Submission: On July 25 via automatic, source certstream-suspicious (July 25th 2020, 1:11:49 pm UTC)

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 177.53.142.209, located in Brazil and belongs to Brasil Site Informatica LTDA, BR. The main domain is banco.flbank.com.br.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 25th 2020. Valid for: 3 months.

This is the only time banco.flbank.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	177.53.142.209 177.53.142.209	53243 (Brasil Si...) (Brasil Site Informatica LTDA)
3	151.139.128.8 151.139.128.8	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
15	4

8 177.53.142.209 (Brazil) 1 redirects

ASN53243 (Brasil Site Informatica LTDA, BR)

banco.flbank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kit-free.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	flbank.com.br 1 redirects banco.flbank.com.br	1 MB
4	gstatic.com fonts.gstatic.com	53 KB
3	fontawesome.com kit.fontawesome.com kit-free.fontawesome.com	20 KB
1	googleapis.com fonts.googleapis.com	809 B
15	4

	Domain	Requested by
8	banco.flbank.com.br	1 redirects banco.flbank.com.br
4	fonts.gstatic.com
2	kit-free.fontawesome.com	kit.fontawesome.com
1	fonts.googleapis.com	banco.flbank.com.br
1	kit.fontawesome.com	banco.flbank.com.br
15	5

This site contains no links.

Subject Issuer	Validity	Valid
www.banco.banco.flbank.com.br Let's Encrypt Authority X3	`2020-07-25` - `2020-10-23`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://banco.flbank.com.br/acessar-conta
Frame ID: C0CB6E71222FAD8263759211EA0B2B0D
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://banco.flbank.com.br/ HTTP 302
https://banco.flbank.com.br/acessar-conta Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

1106 kB
Transfer

1175 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://banco.flbank.com.br/ HTTP 302
https://banco.flbank.com.br/acessar-conta Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request acessar-conta Show response
banco.flbank.com.br/
Redirect Chain

https://banco.flbank.com.br/
https://banco.flbank.com.br/acessar-conta

1 KB
2 KB

248ms
248ms

Document
text/html

177.53.142.209
Brasil Site Infor...

General

Check archive.org

Show headers Download Go to

Full URL

https://banco.flbank.com.br/acessar-conta

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.53.142.209 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR),

Reverse DNS

Software

Apache /

Resource Hash

199304efaace4d5d966fd79be18981ddd11d83b55bb590d060f32141527f59e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .googleapis.com .gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://.zopim.com wss://.zopim.com https://.zopim.io https://viacep.com.br; style-src 'self' .fontawesome.com .googleapis.com .gstatic.com 'unsafe-inline'; img-src 'self' .googleapis.com .zopim.io .zopim.com data:;;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: banco.flbank.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=9d178cc86f2c3636dc12641d22b70e60
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 13:11:29 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate public
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://viacep.com.br; style-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com 'unsafe-inline'; img-src 'self' *.googleapis.com *.zopim.io *.zopim.com data:;;
Vary: User-Agent
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Sat, 25 Jul 2020 13:11:28 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate public
Pragma: no-cache
Set-Cookie: PHPSESSID=9d178cc86f2c3636dc12641d22b70e60; expires=Thu, 19-Feb-2071 02:22:56 GMT; Max-Age=1595855488; path=/; secure; HttpOnly
X-Frame-Options: SAMEORIGIN
Location: https://banco.flbank.com.br/acessar-conta
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://viacep.com.br; style-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com 'unsafe-inline'; img-src 'self' *.googleapis.com *.zopim.io *.zopim.com data:;;
Vary: User-Agent
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK css.css
banco.flbank.com.br/sistema/assets/css/ 137 KB
137 KB 246ms
245ms Stylesheet
text/css 177.53.142.209
Brasil Site Infor...

General

Check archive.org

Show headers Download Go to

Full URL

https://banco.flbank.com.br/sistema/assets/css/css.css

Requested by

Host: banco.flbank.com.br
URL: https://banco.flbank.com.br/acessar-conta

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.53.142.209 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f8f360c727874fcc53be521724c14a59dd65eb9541621c1d0181a8384123f1c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .googleapis.com .gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://.zopim.com wss://.zopim.com https://.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' .fontawesome.com .googleapis.com .gstatic.com 'unsafe-inline'; img-src 'self' .googleapis.com .zopim.io .zopim.com data:;;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banco.flbank.com.br/acessar-conta
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 13:11:29 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Vary: User-Agent
Content-Length: 139877
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 31 Jan 2020 15:33:25 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=31536000, public, public
Content-Security-Policy: default-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com 'unsafe-inline'; img-src 'self' *.googleapis.com *.zopim.io *.zopim.com data:;;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sun, 25 Jul 2021 13:11:29 GMT

GET
H2 200 706080138a.js Show response
kit.fontawesome.com/ 4 KB
2 KB 92ms
32ms Script
text/javascript 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/706080138a.js
Requested by: Host: banco.flbank.com.br
URL: https://banco.flbank.com.br/acessar-conta
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 78430aacded9bc766ca632d544407a3ded6eb62f7c296f29e668e21feefa5e3b

Request headers

Referer: https://banco.flbank.com.br/acessar-conta
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 25 Jul 2020 13:11:31 GMT
content-encoding: gzip
last-modified: Wed, 03 Jul 2019 20:47:13 GMT
status: 200
etag: "5d98adc2c09b812c26cb7d74dd50152e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1595682691.cds068.sk1.hn,1595682691.cds065.sk1.c
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 1723

GET
H/1.1 200
OK logo-login.png
banco.flbank.com.br/sistema/assets/images/ 6 KB
7 KB 734ms
246ms Image
image/png 177.53.142.209
Brasil Site Infor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banco.flbank.com.br/sistema/assets/images/logo-login.png

Requested by

Host: banco.flbank.com.br
URL: https://banco.flbank.com.br/acessar-conta

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.53.142.209 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR),

Reverse DNS

Software

Apache /

Resource Hash

186047814a8f577765798a9d734f4064ae99af62f4e62514a2dca454322c8b1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .googleapis.com .gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://.zopim.com wss://.zopim.com https://.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' .fontawesome.com .googleapis.com .gstatic.com 'unsafe-inline'; img-src 'self' .googleapis.com .zopim.io .zopim.com data:;;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banco.flbank.com.br/acessar-conta
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 13:11:29 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Vary: User-Agent
Content-Length: 6652
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 25 Jul 2020 12:53:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000, public, public
Content-Security-Policy: default-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com 'unsafe-inline'; img-src 'self' *.googleapis.com *.zopim.io *.zopim.com data:;;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Mon, 24 Aug 2020 13:11:29 GMT

GET
H2 200 free-v4-shims.min.css
kit-free.fontawesome.com/releases/latest/css/ 26 KB
4 KB 37ms
35ms Stylesheet
text/css 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/css/free-v4-shims.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706080138a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: e7067ebd80b3644eb678de99e0936f638d54628ce9775e304d42300821fd8b79

Request headers

Referer: https://banco.flbank.com.br/acessar-conta
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 25 Jul 2020 13:11:31 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 17:35:35 GMT
status: 200
etag: "1594834535"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1595682691.cds068.sk1.hn,1595682691.cds045.sk1.c
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 4429

GET
H2 200 free.min.css
kit-free.fontawesome.com/releases/latest/css/ 59 KB
13 KB 32ms
30ms Stylesheet
text/css 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706080138a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 2ee7d7bd8d1d9bfc925f53386e4b0ab58883361cf2f5177c91ef778895a98b88

Request headers

Referer: https://banco.flbank.com.br/acessar-conta
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 25 Jul 2020 13:11:31 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 17:35:37 GMT
status: 200
etag: "1594834537"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1595682691.cds068.sk1.hn,1595682691.cds019.sk1.c
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 13623

GET
H2 200 css
fonts.googleapis.com/ 8 KB
809 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Requested by

Host: banco.flbank.com.br
URL: https://banco.flbank.com.br/acessar-conta

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa03b5dee58c316ca0be1918ac2a62cc89c73fc7833898072eee86bf646c03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://banco.flbank.com.br/acessar-conta
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jul 2020 12:59:13 GMT
server: ESF
date: Sat, 25 Jul 2020 13:11:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jul 2020 13:11:32 GMT

GET
H/1.1 200
OK magnific-popup.css
banco.flbank.com.br/sistema/assets/css/ 9 KB
10 KB 246ms
246ms Stylesheet
text/css 177.53.142.209
Brasil Site Infor...

General

Check archive.org

Show headers Download Go to

Full URL

https://banco.flbank.com.br/sistema/assets/css/magnific-popup.css

Requested by

Host: banco.flbank.com.br
URL: https://banco.flbank.com.br/acessar-conta

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.53.142.209 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR),

Reverse DNS

Software

Apache /

Resource Hash

9b7a5159b1ae9be05dd512c532444a7ef3f075051b14eb0d524d3330e94e6323

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .googleapis.com .gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://.zopim.com wss://.zopim.com https://.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' .fontawesome.com .googleapis.com .gstatic.com 'unsafe-inline'; img-src 'self' .googleapis.com .zopim.io .zopim.com data:;;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banco.flbank.com.br/acessar-conta
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 13:11:30 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Vary: User-Agent
Content-Length: 9048
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 31 Jan 2020 15:04:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=31536000, public, public
Content-Security-Policy: default-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com 'unsafe-inline'; img-src 'self' *.googleapis.com *.zopim.io *.zopim.com data:;;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sun, 25 Jul 2021 13:11:30 GMT

GET
H/1.1 200
OK select2.min.css
banco.flbank.com.br/sistema/assets/css/ 15 KB
16 KB 246ms
245ms Stylesheet
text/css 177.53.142.209
Brasil Site Infor...

General

Check archive.org

Show headers Download Go to

Full URL

https://banco.flbank.com.br/sistema/assets/css/select2.min.css

Requested by

Host: banco.flbank.com.br
URL: https://banco.flbank.com.br/acessar-conta

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.53.142.209 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR),

Reverse DNS

Software

Apache /

Resource Hash

1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .googleapis.com .gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://.zopim.com wss://.zopim.com https://.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' .fontawesome.com .googleapis.com .gstatic.com 'unsafe-inline'; img-src 'self' .googleapis.com .zopim.io .zopim.com data:;;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banco.flbank.com.br/acessar-conta
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 13:11:30 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Vary: User-Agent
Content-Length: 15275
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 31 Jan 2020 15:04:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=31536000, public, public
Content-Security-Policy: default-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com 'unsafe-inline'; img-src 'self' *.googleapis.com *.zopim.io *.zopim.com data:;;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 25 Jul 2021 13:11:30 GMT

GET
H/1.1 200
OK bg_login.jpg
banco.flbank.com.br/sistema/assets/images/ 791 KB
792 KB 246ms
246ms Image
image/jpeg 177.53.142.209
Brasil Site Infor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banco.flbank.com.br/sistema/assets/images/bg_login.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.53.142.209 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR),

Reverse DNS

Software

Apache /

Resource Hash

a9d3fad34c41399c860505e8c386a66856ba73bfe2182c77fa8fa9e287fb2960

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .googleapis.com .gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://.zopim.com wss://.zopim.com https://.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' .fontawesome.com .googleapis.com .gstatic.com 'unsafe-inline'; img-src 'self' .googleapis.com .zopim.io .zopim.com data:;;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banco.flbank.com.br/sistema/assets/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 13:11:30 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Vary: User-Agent
Content-Length: 809731
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 25 Jul 2020 12:53:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, public
Content-Security-Policy: default-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com 'unsafe-inline'; img-src 'self' *.googleapis.com *.zopim.io *.zopim.com data:;;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Mon, 24 Aug 2020 13:11:30 GMT

GET
H/1.1 200
OK login_image.jpg
banco.flbank.com.br/sistema/assets/images/ 66 KB
67 KB 245ms
245ms Image
image/jpeg 177.53.142.209
Brasil Site Infor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banco.flbank.com.br/sistema/assets/images/login_image.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.53.142.209 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR),

Reverse DNS

Software

Apache /

Resource Hash

e5c2e9d7762a8cb12ff98549b6addb673b69f9bb254387b7191cd095a134cc16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .googleapis.com .gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://.zopim.com wss://.zopim.com https://.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' .fontawesome.com .googleapis.com .gstatic.com 'unsafe-inline'; img-src 'self' .googleapis.com .zopim.io .zopim.com data:;;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banco.flbank.com.br/sistema/assets/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 13:11:30 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Vary: User-Agent
Content-Length: 67955
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 25 Jul 2020 12:53:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, public
Content-Security-Policy: default-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io 'unsafe-inline' https://viacep.com.br; style-src 'self' *.fontawesome.com *.googleapis.com *.gstatic.com 'unsafe-inline'; img-src 'self' *.googleapis.com *.zopim.io *.zopim.com data:;;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Mon, 24 Aug 2020 13:11:30 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://banco.flbank.com.br

Response headers

date: Fri, 24 Jul 2020 10:06:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 97527
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Sat, 24 Jul 2021 10:06:05 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://banco.flbank.com.br

Response headers

date: Fri, 24 Jul 2020 04:57:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 116054
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Sat, 24 Jul 2021 04:57:18 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://banco.flbank.com.br

Response headers

date: Wed, 15 Jul 2020 20:11:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 838817
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
expires: Thu, 15 Jul 2021 20:11:15 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://banco.flbank.com.br

Response headers

date: Thu, 09 Jul 2020 04:13:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 1414703
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Fri, 09 Jul 2021 04:13:09 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FontAwesomeKitConfig object| prefixesArray string| prefixesSelectorString

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .googleapis.com .gstatic.com https://static.zdassets.com https://ekr.zdassets.com https://.zopim.com wss://.zopim.com https://.zopim.io https://viacep.com.br; style-src 'self' .fontawesome.com .googleapis.com .gstatic.com 'unsafe-inline'; img-src 'self' .googleapis.com .zopim.io .zopim.com data:;;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banco.flbank.com.br
fonts.googleapis.com
fonts.gstatic.com
kit-free.fontawesome.com
kit.fontawesome.com
151.139.128.8
177.53.142.209
2a00:1450:4001:800::200a
2a00:1450:4001:818::2003
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab
186047814a8f577765798a9d734f4064ae99af62f4e62514a2dca454322c8b1c
199304efaace4d5d966fd79be18981ddd11d83b55bb590d060f32141527f59e2
2ee7d7bd8d1d9bfc925f53386e4b0ab58883361cf2f5177c91ef778895a98b88
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
78430aacded9bc766ca632d544407a3ded6eb62f7c296f29e668e21feefa5e3b
9b7a5159b1ae9be05dd512c532444a7ef3f075051b14eb0d524d3330e94e6323
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a9d3fad34c41399c860505e8c386a66856ba73bfe2182c77fa8fa9e287fb2960
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
dfa03b5dee58c316ca0be1918ac2a62cc89c73fc7833898072eee86bf646c03c
e5c2e9d7762a8cb12ff98549b6addb673b69f9bb254387b7191cd095a134cc16
e7067ebd80b3644eb678de99e0936f638d54628ce9775e304d42300821fd8b79
f8f360c727874fcc53be521724c14a59dd65eb9541621c1d0181a8384123f1c9

banco.flbank.com.br Open in urlscan Pro 177.53.142.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

1106 kBTransfer

1175 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

banco.flbank.com.br Open in urlscan Pro
177.53.142.209 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

1106 kB
Transfer

1175 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions