urlscan.io logo urlscan.io
SecurityTrails logo

portal.frotabank.com.br Open in urlscan Pro
20.101.2.157  Public Scan

Go To Rescan Add Verdict Report
URL: https://portal.frotabank.com.br/
Submission: On September 30 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 30 HTTP transactions. The main IP is 20.101.2.157, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is portal.frotabank.com.br.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 13th 2024. Valid for: 6 months.
This is the only time portal.frotabank.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 20.101.2.157 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 104.18.70.113 13335 (CLOUDFLAR...)
1 104.18.72.113 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.185.99 15169 (GOOGLE)
3 216.198.54.1 209242 (CLOUDFLAR...)
30 9
14    20.101.2.157 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
portal.frotabank.com.br
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
3    216.198.54.1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
frotabank.zendesk.com
Apex Domain
Subdomains		 Transfer
14 frotabank.com.br
portal.frotabank.com.br
710 KB
9 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2625
ekr.zdassets.com — Cisco Umbrella Rank: 2970
213 KB
3 zendesk.com
frotabank.zendesk.com
1 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3391
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
87 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
30 7
Domain Requested by
14 portal.frotabank.com.br portal.frotabank.com.br
8 static.zdassets.com portal.frotabank.com.br
static.zdassets.com
3 frotabank.zendesk.com static.zdassets.com
1 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 ekr.zdassets.com static.zdassets.com
1 www.googletagmanager.com portal.frotabank.com.br
1 fonts.googleapis.com portal.frotabank.com.br
30 8

This site contains no links.

Subject Issuer Validity Valid
portal.frotabank.com.br
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-05-13 -
2024-11-13		 6 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
zdassets.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
frotabank.zendesk.com
E5		 2024-09-12 -
2024-12-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://portal.frotabank.com.br/
Frame ID: E9FEAA1B6716C01DDB3179F2773AAB3F
Requests: 21 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Frame ID: 299205756BDD999DA4C01C970487C3EA
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Frotabank - Login

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

1061 kB
Transfer

3330 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
portal.frotabank.com.br/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe6c1085e92d630942261a7becd019760d9c6787517cdef17bca44e36ba0a032
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Mon, 30 Sep 2024 10:58:55 GMT
etag
"86884239"
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.frotabank.com.br
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 10:58:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 10:49:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		242 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B6QBWJE6XT
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc977146014b47a01cb9def3ab036dd5191ced5af00b553b834ed687eef8ec0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 30 Sep 2024 10:58:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
88757
x-xss-protection
0
server
Google Tag Manager
9.9703c3af.chunk.css
portal.frotabank.com.br/static/css/ 		585 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/css/9.9703c3af.chunk.css
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6588f268662368eead3ba5713070f42036b039b062fab58b0b4405b3aea24fbd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:55 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=484395c3-81ea-4b6b-8978-f5c2b417147b
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"d90dbb2a9f98c3c53cd0f1d480381e2e"
x-amz-version-id
FkgGJxeVVNjmEhoAGFYT4yGKQLf728f6
age
52
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HNak707%2BxOIaHg4ZynbTcgzpDCpRM7WN24VdnfiYop4VAOUvi8cZ2PAtq5GAgPk3PC26OOvuE2voVnZuxkxH4UW1YYF84kV17n3q2LLF1f7fCVtC7OyDEFknNdgUu%2BdxV1K1mo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 11:42:28 GMT
vary
Accept-Encoding
x-amz-id-2
nQabZOM3Cgq6WCOCmnASF9CQK97aDG4dQawaUwkcbxKXb54ST5e8o30202jygQxmdtW0v2yPkI0=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=3600, s-maxage=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5AGDXJNBH0MTRQX0
cf-ray
8cb3b35c4e083672-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
9.a66e198f.chunk.js
portal.frotabank.com.br/static/js/ 		1 MB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/js/9.a66e198f.chunk.js
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7eda8499d79df9d7e9cd761bb828b22108dac2a84ebf73749da8b6f18f107c97
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:55 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
main.d593d149.chunk.js
portal.frotabank.com.br/static/js/ 		127 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/js/main.d593d149.chunk.js
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5465e6568a570ca46ceb1fd39c8066e2c2972b5f4ff41cda1b650b2e4c995a17
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:55 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
484395c3-81ea-4b6b-8978-f5c2b417147b
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/484395c3-81ea-4b6b-8978-f5c2b417147b
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=484395c3-81ea-4b6b-8978-f5c2b417147b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55987572cc2fa6db5986ad20ca634189f28a301982bab3f9f413227398406f89
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
7200
x-request-id
8c92616ee8124b41-SEA, 8c92616ee8124b41-SEA, 8c92616ee8124b41-SEA
access-control-expose-headers
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"55987572cc2fa6db5986ad20ca634189"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLOsdGU1be8dS8SXpOaVKQ7J6%2BxQfkDJUZQwdE7Id8Vp5XKN8k%2Fc7JAW9hoPuJVQYNdPe8XjAEL%2FmHihrygkpqL99ihBifbCWzTt7Mxuowqi8YdxVttISRBfsaRZ5d1Zesc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.004364
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
cdn-cache-control
max-age=60
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8cb3b35d1b101951-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes, yes
x-xss-protection
1; mode=block
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B6QBWJE6XT&gtm=45je49p0v877378312za200&_p=1727693936093&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=552462504.1727693936&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727693936&sct=1&seg=0&dl=https%3A%2F%2Fportal.frotabank.com.br%2F&dt=Frotabank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=375
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B6QBWJE6XT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.frotabank.com.br
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
text/plain
server
Golfe2
0.de70274f.chunk.css
portal.frotabank.com.br/static/css/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/css/0.de70274f.chunk.css
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
769f7d14d6777f01136ad9c4887267c0528f70703be4995dc9ab4ae71dc906eb
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:55 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
0.6198bda4.chunk.js
portal.frotabank.com.br/static/js/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/js/0.6198bda4.chunk.js
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2924f0b8b998aa0591bb5dfb90bd7c9ec9916d46671f96757af2365e7a9d402
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:55 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
1.e6a542e4.chunk.css
portal.frotabank.com.br/static/css/ 		68 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/css/1.e6a542e4.chunk.css
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b40379f3b965c9fb28f86740024744a8f4b4c54696e1c3549aba2201a56ea9b3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:56 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
1.523598cd.chunk.js
portal.frotabank.com.br/static/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/js/1.523598cd.chunk.js
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e98878f36dea7c2acc0bd4de52b6b36a32dbac287ce23662347ed88262e06c92
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:56 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
3.71e51b12.chunk.js
portal.frotabank.com.br/static/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/js/3.71e51b12.chunk.js
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3fed093e43b2d9e8191e65922748fd93ec5cd19b2cb186082a5720b88ce034fb
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:56 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
2.1f832507.chunk.js
portal.frotabank.com.br/static/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/js/2.1f832507.chunk.js
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
555cbe98f1d4588eeb461c86d6fd7067d36b3b17314d8910000d3e67bc0825de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:56 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
56.dd2d1b3e.chunk.css
portal.frotabank.com.br/static/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/css/56.dd2d1b3e.chunk.css
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8a036ba59d91165e391c63a29d0ce41079c1e4b99ddec9c9caded89d920765c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:55 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
56.ad36f60f.chunk.js
portal.frotabank.com.br/static/js/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/static/js/56.ad36f60f.chunk.js
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e5d4e5569feff363e80489ac7dc93837d923599c67110d3d612c7463235057a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 10:58:55 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
vary
Accept-Encoding
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71c7dd5714389d74ca42b943f30e1b71d4606305db1ff1a170fa07c864dfc98b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.frotabank.com.br
Referer
https://fonts.googleapis.com/

Response headers

age
359931
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 07:00:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 07:00:05 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
web-widget-main-611804a.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2992 		435 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=484395c3-81ea-4b6b-8978-f5c2b417147b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9cbfade3bfd0c3895358ee3edec4bc4d65384e3f23ebbb01611d2306763bc8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"c45be418ebd0378ab5879841f3077179"
x-amz-version-id
e4wRvWQMLlhWXzynUPnloGArxq9VA4f4
age
350606
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNk90YjUJEgkE7Bnl5CLh9sJdI6OI8wXkmBrB%2BtGRQnCJH7SEdCX%2BhHhboYczQqt%2B%2BaTKyMyvaKXHkf8SGZTE27z2W3slOLQM%2F1tvFcMuZVBkm9hj3vT8IPNzW8MUtYfoL%2FM1lQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Sat, 20 Sep 2025 14:07:04 GMT
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 14:07:05 GMT
vary
Accept-Encoding
x-amz-id-2
+kHy3Zif3nY6FIy9mM6KY/I8vCsufb4X/IMJFWdn4HfwntTxEgBLWibXS6Wk3spa8Pt551eCNbM=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3P7FRSPE7BXSYP08
cf-ray
8cb3b3600a553672-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
logoFrotabank.14832124.png
portal.frotabank.com.br/static/media/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.frotabank.com.br/static/media/logoFrotabank.14832124.png
Requested by
Host: portal.frotabank.com.br
URL: https://portal.frotabank.com.br/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a08870c938ba9903229dbfee619685035e62e7600fbbe6b5a7d8524d60035a2a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
content-length
11184
date
Mon, 30 Sep 2024 10:58:56 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
en-us-json-611804a.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 2992 		22 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-611804a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fcee1591305b0dca21fb5f518f22e697a85be389bf62f69b7ee37166f37a848
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"30d674705401633cd05f71aace188d47"
x-amz-version-id
yG_9OgTIu0C1JZ1seYVnnhn9hDqrvNSa
age
350606
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FmB6rvkE%2FFx9kThCfbM9sY2%2BDL0qzWV2l1N7s5mCFTvLGXCpezF0hgvwWqacCmgGlOaa1049GNA0DEsCLyR8ZgwIsWFgmcAnAK0O5odYHwYpd3RnL2pyvlwHJAUBgIYFmnaTC0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Sat, 20 Sep 2025 14:07:05 GMT
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 14:07:06 GMT
vary
Accept-Encoding
x-amz-id-2
M/y8gGYcT8wJKLy69I91VyEU0Lp9UGuWmH7yQDlJAeqHNYMkAA7fonD2xZj03kTouFlg79rkxXmKCHc5iQhAxA==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3P7B3VK23MGAJ2AP
cf-ray
8cb3b360db463672-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-6471-611804a.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2992 		140 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-6471-611804a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9f5aa5c5fa6b091b723ddbb2c641f30e8be0d81aeaf3fe091bd9d2f2bd620b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"7f8a2f68ef915890c2bc1aa27d127c06"
x-amz-version-id
rIjBBT6XhKW0lgEa4nqWevDY8IQtW6kI
age
350606
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpjErZgUAuDXSrJzzRqiVxcryz1i4fr1SWETczLjARIiaNXu42IB4ovIQQ0FPxzReqyEu%2B6Cgurp8I233nAfZx8NHpM6zQBBwFzhWy723%2FsluvoNN6QeFK4ns7BILfkSNLFbGVM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Sat, 20 Sep 2025 14:07:03 GMT
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 14:07:04 GMT
vary
Accept-Encoding
x-amz-id-2
EF/RXaSjyZWp7/R3pNRZiRTJ8LkvRPLUn7m6KfNmYnoMeTcc6xWLCubHDfEBerH8d/fmO8LXgvPv7h1hWvCmUA==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3P75AR80QBG9N6FN
cf-ray
8cb3b360db473672-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-7437-611804a.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2992 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-7437-611804a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
172825dc1b0c65b17b4b9ea902fba091e8dfa426e5780410fdccde55b474f1ec
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"3e4b7da2fe476e349e36828e2a424b99"
x-amz-version-id
dzXAQkWIT2IQBoXFKiSHzpw7G6d2F46W
age
350606
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRN0sDah7Z20vFKZ3P2KAFi7G3t9I6ou6z3v8CcYcVD2rpn5o7HMWh7g2F0yGvzDAWqUcGV%2B5PavM%2FOOE3%2Bit7r4N48Lia%2F75C9sElzgLk04VLEc8w6jH0WBHhYUtSqe1PrJaxM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Sat, 20 Sep 2025 14:07:04 GMT
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 14:07:05 GMT
vary
Accept-Encoding
x-amz-id-2
/T52tks5QDG9x6Y3MtA0q9rJHdSBaYOQaRyxRSQlVWyY+1PGU+CWQCGaQwXJgj1/gs6Gy/Zj2Wl75Wky6/JiTw2RmiJQ5tJn
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3P7CS6J1DRT4H2A0
cf-ray
8cb3b360db4a3672-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-3190-611804a.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2992 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-3190-611804a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29ab545fa809eb1e110057fe3fda8de08aaeaebe4789befa355aeca485f954a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"e35bbaefc57a2f17193994ba3d00da62"
x-amz-version-id
Qqs60i.oBEV5BtHoj0tjYUywhNecTmfU
age
350606
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivIUNWgJnLidmPL%2Fg%2B91hWJCNF6xa%2BY%2FIi9mPoMenlcPFwQe0zAeWLyA3wm%2FcftfaROVtWhPi76M1J%2BjJd9umcab6VAar1XF8Dvw9AwVme97iD9WKEghZKM700h5DVUOviVcYrw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Sat, 20 Sep 2025 14:07:03 GMT
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 14:07:04 GMT
vary
Accept-Encoding
x-amz-id-2
bC2nRqm9bhMsFPk/BaBAsKp8Xzut2wJP5bvbk202Fu0XQ9P7cCH6JrWy/16EN82d7Bcr5kNArTo=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3P70Y2T6M3Z95FG0
cf-ray
8cb3b360db4c3672-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-8173-611804a.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2992 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-8173-611804a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6ba0e6eed66ab5345210b7d09665ad5ab7e8b737b6f6cb0ae65d267372cc44
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"6ee6bafd5311611f1980bb49422bbfc9"
x-amz-version-id
Afd0765KQYvCJpYoT4.YoblZezJFG6Mt
age
350606
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCfGN8uEzLry6QAQ3JO%2BUp6NunWnmwBhIzDvCnU91fE6cxUPQ8P0S2R1%2BtCIJeLtq%2BomIN28MU49u90sGXlVstkH6EkJnDdJm5rV7Snic929BYGmUVxdZPf%2F4KfhJg0saODmUOQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Sat, 20 Sep 2025 14:07:04 GMT
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 14:07:05 GMT
vary
Accept-Encoding
x-amz-id-2
/ncQMppUkaUXim8XD1jy0eniVLysYenPSaA/K5MMlFo6wM0OTu8cALj/zS2ab0yiy1+Xuambdd8=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3P79DGQ6PHDMSAV3
cf-ray
8cb3b360eb4f3672-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-9961-611804a.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2992 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9961-611804a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b6e98b85f8c643cc8a1c28e197b81329465e9da317fc62c90f233ceaaddf7e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"175e50983bbd72fe9cb87b59f4ed07fc"
x-amz-version-id
.Zj7OBO2_Wy_NEgMaIgfolmXG8hNWR5K
age
350606
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86gKPpm2uUK37v4t0MM87Ol7CzANpTI9Aqch0n3r%2BCkpIkZYjQEa7aYOw59a2TpV0AnPmOzsx2Jw3E9jAsNGYOrTcnXWdgR6TgAg4lU%2Ba8XUI0r18wmLFnGAlPiVvX1fXdYGaWc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Sat, 20 Sep 2025 14:07:04 GMT
date
Mon, 30 Sep 2024 10:58:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 14:07:05 GMT
vary
Accept-Encoding
x-amz-id-2
NOFyAt1bOxca9pZjn8VNSGl4nP2hxdT11VsEpkBebBdD3PQ3DwTHq8Wz0D5Lu5c+IBqTCTnYT2zQAsg+4LPJVPhGhs070GyS
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3P74VP52GQJQ6DV3
cf-ray
8cb3b360eb503672-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
frota.ico
portal.frotabank.com.br/ 		244 KB
245 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.frotabank.com.br/frota.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.2.157 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
acfd5e54433a89a3d91c691a56556cf183a0892135e31b2df106fac64e9704fa
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.frotabank.com.br/login

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
etag
"86884239"
referrer-policy
same-origin
x-content-type-options
nosniff
content-length
250334
date
Mon, 30 Sep 2024 10:58:56 GMT
x-xss-protection
1; mode=block
content-type
image/vnd.microsoft.icon
last-modified
Mon, 16 Sep 2024 20:19:20 GMT
pv
frotabank.zendesk.com/frontendevents/ Frame 2992 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://frotabank.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

x-request-id
8cb3b3638ea006dc-AMS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZxMY1ALUCMy2Wvp%2BBdgONhppvI1aSDOo6SRtNkqo7rplEEwzJ39bxcrX3amYC9D3xEVADuyeUewi5LxGu1bhnXkz6cjk%2FS2Z68oTxl4Nsfs70rpy1s%2FGRdR2UyCA%2BugN6CP%2BPNajg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb3b3638ea006dc-AMS
access-control-allow-origin
*
content-length
0
x-zendesk-zorg
yes
date
Mon, 30 Sep 2024 10:58:57 GMT
vary
Origin
server
cloudflare
config
frotabank.zendesk.com/embeddable/ Frame 2992 		853 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://frotabank.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-611804a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8842d870c120244479b77cbfcb7a17925c0640f97371361ac223b9257b192d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
7200
x-request-id
8cb3b3619c3106dc-CDG
access-control-expose-headers
x-zendesk-origin-server
embeddable-app-server-697d8d478b-xqm59
cf-cache-status
EXPIRED
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o97j7XqmTlBTvgr6wJ11Mit%2B1ShmShOReM8kAm6gDYP7FOb8YBpzOzjE%2Bgk7SXV9S4qwhNIoGHYQRqQwsa2wNuq%2BSJx%2B2gyMppw3k4WfKmGsIFaXVM1QXwrHTTNMrQP1ljpC3sRv0g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
date
Mon, 30 Sep 2024 10:58:57 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.002624
last-modified
Mon, 30 Sep 2024 10:58:57 GMT
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb3b3619c3106dc-AMS
access-control-allow-origin
*
x-zendesk-zorg
yes
x-cached
MISS
server
cloudflare
pv
frotabank.zendesk.com/frontendevents/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://frotabank.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://portal.frotabank.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8cb3b3619c3506dc-AMS
date
Mon, 30 Sep 2024 10:58:57 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCa4wiMUhQN%2BUdjymGxbA53AuDAThGz%2FEHL4qeefkA99H9HUHxq6wIsCBdq3%2BmkGXCu%2FukK3VH%2BjOnULXCS8yHkvbyfM37XMbiDoxJduGwuf30Vux8yPiyYy5IAGpBYT5QLuSCoB4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8cb3b3619c3506dc-AMS
x-zendesk-zorg
yes

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer object| zEWebpackACJsonp function| zE function| zEmbed object| webpackJsonpfrotabank object| google_tag_manager object| google_tag_data object| gaGlobal boolean| zEACLoaded object| regeneratorRuntime object| __localeData__

2 Cookies

Domain/Path Name / Value
.frotabank.com.br/ Name: _ga_B6QBWJE6XT
Value: GS1.1.1727693936.1.0.1727693936.0.0.0
.frotabank.com.br/ Name: _ga
Value: GA1.1.552462504.1727693936

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://portal.frotabank.com.br/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
frotabank.zendesk.com
portal.frotabank.com.br
region1.google-analytics.com
static.zdassets.com
www.googletagmanager.com
104.18.70.113
104.18.72.113
142.250.185.99
20.101.2.157
2001:4860:4802:34::36
216.198.54.1
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2008
172825dc1b0c65b17b4b9ea902fba091e8dfa426e5780410fdccde55b474f1ec
2b6ba0e6eed66ab5345210b7d09665ad5ab7e8b737b6f6cb0ae65d267372cc44
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fed093e43b2d9e8191e65922748fd93ec5cd19b2cb186082a5720b88ce034fb
4c9f5aa5c5fa6b091b723ddbb2c641f30e8be0d81aeaf3fe091bd9d2f2bd620b
5465e6568a570ca46ceb1fd39c8066e2c2972b5f4ff41cda1b650b2e4c995a17
555cbe98f1d4588eeb461c86d6fd7067d36b3b17314d8910000d3e67bc0825de
55987572cc2fa6db5986ad20ca634189f28a301982bab3f9f413227398406f89
5fcee1591305b0dca21fb5f518f22e697a85be389bf62f69b7ee37166f37a848
6588f268662368eead3ba5713070f42036b039b062fab58b0b4405b3aea24fbd
6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6
71c7dd5714389d74ca42b943f30e1b71d4606305db1ff1a170fa07c864dfc98b
769f7d14d6777f01136ad9c4887267c0528f70703be4995dc9ab4ae71dc906eb
7e5d4e5569feff363e80489ac7dc93837d923599c67110d3d612c7463235057a
7eda8499d79df9d7e9cd761bb828b22108dac2a84ebf73749da8b6f18f107c97
9e9cbfade3bfd0c3895358ee3edec4bc4d65384e3f23ebbb01611d2306763bc8
a08870c938ba9903229dbfee619685035e62e7600fbbe6b5a7d8524d60035a2a
acfd5e54433a89a3d91c691a56556cf183a0892135e31b2df106fac64e9704fa
b40379f3b965c9fb28f86740024744a8f4b4c54696e1c3549aba2201a56ea9b3
c8a036ba59d91165e391c63a29d0ce41079c1e4b99ddec9c9caded89d920765c
d29ab545fa809eb1e110057fe3fda8de08aaeaebe4789befa355aeca485f954a
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
d6b6e98b85f8c643cc8a1c28e197b81329465e9da317fc62c90f233ceaaddf7e
e2924f0b8b998aa0591bb5dfb90bd7c9ec9916d46671f96757af2365e7a9d402
e98878f36dea7c2acc0bd4de52b6b36a32dbac287ce23662347ed88262e06c92
fc977146014b47a01cb9def3ab036dd5191ced5af00b553b834ed687eef8ec0e
fe6c1085e92d630942261a7becd019760d9c6787517cdef17bca44e36ba0a032
ff8842d870c120244479b77cbfcb7a17925c0640f97371361ac223b9257b192d