Submitted URL: http://app.lumusbank.com.br/
Effective URL: https://app.lumusbank.com.br/
Submission: On September 25 via manual from US — Scanned from US

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 22 HTTP transactions. The main IP is 3.130.87.185, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is app.lumusbank.com.br.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 18th 2023. Valid for: a year.
This is the only time app.lumusbank.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 3.130.87.185 16509 (AMAZON-02)
1 104.18.23.52 13335 (CLOUDFLAR...)
3 172.64.130.9 13335 (CLOUDFLAR...)
22 3
Apex Domain
Subdomains
Transfer
16 lumusbank.com.br
app.lumusbank.com.br
4 MB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3436
ka-f.fontawesome.com — Cisco Umbrella Rank: 7091
23 KB
3 sistematize.me
app.sistematize.me
739 KB
22 3
Domain Requested by
16 app.lumusbank.com.br 1 redirects app.lumusbank.com.br
3 app.sistematize.me app.lumusbank.com.br
3 ka-f.fontawesome.com kit.fontawesome.com
1 kit.fontawesome.com app.lumusbank.com.br
22 4

This site contains no links.

Subject Issuer Validity Valid
app.lumusbank.com.br
Sectigo RSA Domain Validation Secure Server CA
2023-09-18 -
2024-09-18
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-22 -
2023-12-23
a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5
2023-09-10 -
2023-12-09
3 months crt.sh
*.sistematize.me
AlphaSSL CA - SHA256 - G4
2023-03-08 -
2024-04-08
a year crt.sh

This page contains 1 frames:

Primary Page: https://app.lumusbank.com.br/
Frame ID: 5F596E66ACDB356D63CB5FEF021E2D81
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

Lumus Bank

Page URL History Show full URLs

  1. http://app.lumusbank.com.br/ HTTP 301
    https://app.lumusbank.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

5287 kB
Transfer

5157 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.lumusbank.com.br/ HTTP 301
    https://app.lumusbank.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.lumusbank.com.br/
Redirect Chain
  • http://app.lumusbank.com.br/
  • https://app.lumusbank.com.br/
1 KB
2 KB
Document
General
Full URL
https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c958eaf27866356471cadfb31e0474c276542f5c05141dd239c8bc85e2f36017
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Length
1102
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Sep 2023 13:11:38 GMT
ETag
W/"44e-18ab30378a5"
Keep-Alive
timeout=5
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0

Redirect headers

Connection
keep-alive
Date
Mon, 25 Sep 2023 13:11:38 GMT
Keep-Alive
timeout=5
Location
https://app.lumusbank.com.br/
Transfer-Encoding
chunked
adb9307f73.js
kit.fontawesome.com/
11 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/adb9307f73.js
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a58f38f661f8e6062ee0efe87244666d43e8a319c6f67f326bafe09be287c031

Request headers

Referer
Origin
https://app.lumusbank.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:11:39 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
80c383a49b828c4d-EWR
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F4gmapoc2NfM29UWTZvB
app.58ff63de.css
app.lumusbank.com.br/css/
37 KB
37 KB
Stylesheet
General
Full URL
https://app.lumusbank.com.br/css/app.58ff63de.css
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
49c9d6125bd6057d2640506117cfc6f5ef8dfe236a34f0d75180c612fe354843
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:38 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"9241-18ab3037805"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
37441
X-XSS-Protection
0
chunk-vendors.06326e04.css
app.lumusbank.com.br/css/
975 KB
976 KB
Stylesheet
General
Full URL
https://app.lumusbank.com.br/css/chunk-vendors.06326e04.css
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
12bb71a0103b0d6180afd0ff06caa3a834a6d7cb9655860e322756c01c1eb591
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:38 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"f3d03-18ab3037869"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
998659
X-XSS-Protection
0
app.9c739b73.js
app.lumusbank.com.br/js/
603 KB
604 KB
Script
General
Full URL
https://app.lumusbank.com.br/js/app.9c739b73.js
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
a30cafb7b43ab5f0b6d227c25c3fb159e48ab747185b38b54fb0326d0f41e718
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:38 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"96cd2-18ab3037805"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
617682
X-XSS-Protection
0
chunk-vendors.8f4a2e40.js
app.lumusbank.com.br/js/
2 MB
2 MB
Script
General
Full URL
https://app.lumusbank.com.br/js/chunk-vendors.8f4a2e40.js
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
3dd136200e34a0305afed4e084fb429575f702fcd8c70372fd1b1fc68e1b4e97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:38 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"24a0ee-18ab3037869"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2400494
X-XSS-Protection
0
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=adb9307f73
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb9307f73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.130.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:11:39 GMT
via
1.1 c456cd1dcda544d97e59ee05afbea4a2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upsh7KWlr82u1MCRgRwXXw%2Fad931sLRTeciWRpAnkF0QtrPRYPCcFXAcrjERyzp4jHYE1pXPNg7XrYaN8K3efhR0vU2jHiX8PLZt8Z11CbrO0PJRFNeSCaFSJNO%2By8XcThrlQUav8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
80c383a72daf17e9-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
nvws8gW14MBJvHofuY3LxCFmQBovmE-TM1WTic7mrV80_09cBtKY9w==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=adb9307f73
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb9307f73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.130.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:11:39 GMT
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvv4gXcMS9364K7PqMPk2%2BCQY8epbm7jj3lP0nhvjeaCfCbIOVT%2BqekaWGnWptpCk35aYV9IoOsMAN5j5XyYUHwx%2BCuHgT%2BK826vPTytu8ZbLxK8KhfAQG7aJ%2F7xgH%2FP7K3tomoAJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
80c383a72db017e9-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
M_W9PtuoduGflwbxGwiEnm5I7kbOt5QDhVD0HIrkKKrQ66oRaresYA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=adb9307f73
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb9307f73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.130.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:11:39 GMT
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iadkjWM59NTI3gueLWtnHbX17Na93EeDxkQ0J3WHR4nquY%2F6rQeFdbb5nowjyniZHJy%2BysbsOvgpiVOIT8%2B%2FEeknbLz8p%2FkS2JUhC8gnxfFBRPySIJ5WDP8EftGMvj6hL5ksRMiWYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
80c383a72db117e9-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Xw3OQFQ3_FYO5M2D_QSdguXq3zneoai7ReEiS0iwkQU1ZPQ7PSMsVw==
lazy-chunk.88ea4c15.css
app.lumusbank.com.br/css/
0
943 B
Other
General
Full URL
https://app.lumusbank.com.br/css/lazy-chunk.88ea4c15.css
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"1be-18ab3037869"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
446
X-XSS-Protection
0
chunk-2d0d7e47.78563446.js
app.lumusbank.com.br/js/
0
194 KB
Other
General
Full URL
https://app.lumusbank.com.br/js/chunk-2d0d7e47.78563446.js
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"307d3-18ab3037869"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
198611
X-XSS-Protection
0
lazy-chunk.12737c2c.js
app.lumusbank.com.br/js/
0
4 KB
Other
General
Full URL
https://app.lumusbank.com.br/js/lazy-chunk.12737c2c.js
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"d86-18ab3037869"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3462
X-XSS-Protection
0
lazy-chunk.88ea4c15.css
app.lumusbank.com.br/css/
446 B
943 B
Stylesheet
General
Full URL
https://app.lumusbank.com.br/css/lazy-chunk.88ea4c15.css
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/js/app.9c739b73.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
893ac55280021f0d4c818e7898aa4a59205838c56be1878cb04d547a232e8470
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"1be-18ab3037869"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
446
X-XSS-Protection
0
lazy-chunk.12737c2c.js
app.lumusbank.com.br/js/
3 KB
4 KB
Script
General
Full URL
https://app.lumusbank.com.br/js/lazy-chunk.12737c2c.js
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/js/app.9c739b73.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e931c37ba9e84faa17f287f9276a788437c75b2fb07c5832ce233618c413cb61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"d86-18ab3037869"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3462
X-XSS-Protection
0
loading.a6178f44.gif
app.lumusbank.com.br/img/
9 KB
10 KB
Image
General
Full URL
https://app.lumusbank.com.br/img/loading.a6178f44.gif
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
7983d92d94ac1327a01aae67c2713fef1f541d59ce98cb3b7535b3a69beeb86f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"2557-18ab3037869"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
9559
X-XSS-Protection
0
materialdesignicons-webfont.c61b9c12.woff2
app.lumusbank.com.br/fonts/
219 KB
220 KB
Font
General
Full URL
https://app.lumusbank.com.br/fonts/materialdesignicons-webfont.c61b9c12.woff2
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/css/chunk-vendors.06326e04.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
950f6fe06869da2cad3bdd64bc88bc9ed6746335ceaf0c0f6d4e7f5b85f01731
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.lumusbank.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"36c5c-18ab30377c9"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
224348
X-XSS-Protection
0
Roboto-Medium.90d16760.woff2
app.lumusbank.com.br/fonts/
64 KB
64 KB
Font
General
Full URL
https://app.lumusbank.com.br/fonts/Roboto-Medium.90d16760.woff2
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/css/chunk-vendors.06326e04.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.lumusbank.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"ffcc-18ab30377f1"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
65484
X-XSS-Protection
0
Roboto-Regular.73f0a88b.woff2
app.lumusbank.com.br/fonts/
63 KB
64 KB
Font
General
Full URL
https://app.lumusbank.com.br/fonts/Roboto-Regular.73f0a88b.woff2
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/css/chunk-vendors.06326e04.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.lumusbank.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"fc78-18ab30377f1"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
64632
X-XSS-Protection
0
app.lumusbank.com.br
app.sistematize.me/api/v1/public/marketplace/
755 B
1 KB
XHR
General
Full URL
https://app.sistematize.me:8443/api/v1/public/marketplace/app.lumusbank.com.br
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/js/chunk-vendors.8f4a2e40.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9904498aabfb533e46da7b0ef7f950d3098aee1269ed0400687ea6a276ab71b1
Security Headers
Name Value
Content-Security-Policy default-src https:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:11:39 GMT
content-security-policy
default-src https:
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
755
undefined
app.lumusbank.com.br/
1 KB
1 KB
Image
General
Full URL
https://app.lumusbank.com.br/undefined
Requested by
Host: app.lumusbank.com.br
URL: https://app.lumusbank.com.br/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.lumusbank.com.br/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Mon, 25 Sep 2023 13:11:39 GMT
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Sep 2023 14:34:23 GMT
ETag
W/"44e-18ab30378a5"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1102
X-XSS-Protection
0
logo.jpeg
app.sistematize.me/api/v1/public/marketplace/6374a456-32d1-4e8a-8a4f-7dfb4b05b9d2/imagem/
28 KB
29 KB
Image
General
Full URL
https://app.sistematize.me:8443/api/v1/public/marketplace/6374a456-32d1-4e8a-8a4f-7dfb4b05b9d2/imagem/logo.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
dc2ed08c017349e36ab6a0471aee56dff9842cb2abbf6ae9c2388957f0f116c9
Security Headers
Name Value
Content-Security-Policy default-src https:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:11:39 GMT
content-security-policy
default-src https:
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
background.jpeg
app.sistematize.me/api/v1/public/marketplace/6374a456-32d1-4e8a-8a4f-7dfb4b05b9d2/imagem/
708 KB
709 KB
Image
General
Full URL
https://app.sistematize.me:8443/api/v1/public/marketplace/6374a456-32d1-4e8a-8a4f-7dfb4b05b9d2/imagem/background.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.130.87.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-87-185.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
407822d3e32b7e4cdee8814a8644e52be363f2420adeaef3e141f24523eb6771
Security Headers
Name Value
Content-Security-Policy default-src https:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.lumusbank.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:11:39 GMT
content-security-policy
default-src https:
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| FontAwesomeKitConfig object| webpackJsonp object| regeneratorRuntime function| JsBarcode function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG function| _

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.lumusbank.com.br
app.sistematize.me
ka-f.fontawesome.com
kit.fontawesome.com
104.18.23.52
172.64.130.9
3.130.87.185
12bb71a0103b0d6180afd0ff06caa3a834a6d7cb9655860e322756c01c1eb591
3dd136200e34a0305afed4e084fb429575f702fcd8c70372fd1b1fc68e1b4e97
407822d3e32b7e4cdee8814a8644e52be363f2420adeaef3e141f24523eb6771
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
49c9d6125bd6057d2640506117cfc6f5ef8dfe236a34f0d75180c612fe354843
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7983d92d94ac1327a01aae67c2713fef1f541d59ce98cb3b7535b3a69beeb86f
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
893ac55280021f0d4c818e7898aa4a59205838c56be1878cb04d547a232e8470
950f6fe06869da2cad3bdd64bc88bc9ed6746335ceaf0c0f6d4e7f5b85f01731
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf
9904498aabfb533e46da7b0ef7f950d3098aee1269ed0400687ea6a276ab71b1
a30cafb7b43ab5f0b6d227c25c3fb159e48ab747185b38b54fb0326d0f41e718
a58f38f661f8e6062ee0efe87244666d43e8a319c6f67f326bafe09be287c031
c958eaf27866356471cadfb31e0474c276542f5c05141dd239c8bc85e2f36017
dc2ed08c017349e36ab6a0471aee56dff9842cb2abbf6ae9c2388957f0f116c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e931c37ba9e84faa17f287f9276a788437c75b2fb07c5832ce233618c413cb61
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda