app.nolobank.com Open in urlscan Pro
76.76.21.123  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response app.nolobank.com/	2 KB 1 KB	144ms 32ms	Document text/html	76.76.21.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.nolobank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash bbdd3bf94184ea72b6a878e6e60ee8a4b84e72e5045af79e60566541250e857a Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-origin * age 590377 cache-control public, max-age=0, must-revalidate content-disposition inline; filename="index.html" content-encoding br content-type text/html; charset=utf-8 date Sat, 10 Aug 2024 10:34:27 GMT etag W/"bbdd3bf94184ea72b6a878e6e60ee8a4b84e72e5045af79e60566541250e857a" server Vercel strict-transport-security max-age=63072000 x-vercel-cache HIT x-vercel-id fra1::9dzkv-1723286067483-92577a6205e6
GET H2	200	css fonts.googleapis.com/	3 KB 552 B	67ms 20ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Muli:400,600,700&display=swap Requested by Host: app.nolobank.com URL: https://app.nolobank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2bf7e42a349117e57a187fbbedfbffe23947d59f1840b15597312e5a914d3654 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 10 Aug 2024 10:34:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 10 Aug 2024 10:34:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 10 Aug 2024 10:34:27 GMT
GET H2	200	icon fonts.googleapis.com/	569 B 775 B	63ms 17ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: app.nolobank.com URL: https://app.nolobank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 10 Aug 2024 10:34:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 10 Aug 2024 10:34:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 10 Aug 2024 10:34:27 GMT
GET H2	200	main.49306f1b.chunk.css app.nolobank.com/static/css/	748 B 958 B	333ms 331ms	Stylesheet text/css	76.76.21.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.nolobank.com/static/css/main.49306f1b.chunk.css Requested by Host: app.nolobank.com URL: https://app.nolobank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 79fb54517bdd9c3366264d76048c3ce76f818aebe07c44fbdf499f5bca4e8be4 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 10:34:27 GMT strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::9dzkv-1723286067537-77a212f199fe age 0 etag W/"79fb54517bdd9c3366264d76048c3ce76f818aebe07c44fbdf499f5bca4e8be4" x-vercel-cache MISS content-type text/css; charset=utf-8 access-control-allow-origin * cache-control s-maxage=31536000, immutable content-disposition inline; filename="main.49306f1b.chunk.css" accept-ranges bytes content-length 748
GET H2	200	2.5a2e55ae.chunk.js Show response app.nolobank.com/static/js/	3 MB 1018 KB	1336ms 1334ms	Script application/javascript	76.76.21.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.nolobank.com/static/js/2.5a2e55ae.chunk.js Requested by Host: app.nolobank.com URL: https://app.nolobank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 392774bd5ed3627f5141b111393719d852eb1f030c9cb4c6582f4aef9b23f8b7 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 10:34:28 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::2j2ft-1723286067538-58dda6acb91b age 0 etag W/"392774bd5ed3627f5141b111393719d852eb1f030c9cb4c6582f4aef9b23f8b7" x-vercel-cache MISS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control s-maxage=31536000, immutable content-disposition inline; filename="2.5a2e55ae.chunk.js"
GET H2	200	main.c0eea7c8.chunk.js Show response app.nolobank.com/static/js/	1 MB 591 KB	1126ms 1124ms	Script application/javascript	76.76.21.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.nolobank.com/static/js/main.c0eea7c8.chunk.js Requested by Host: app.nolobank.com URL: https://app.nolobank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash ee93fba38acf706a303fd3bacae2d1b2a41fad23d24101f49794bab3fb95f48a Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 10:34:28 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::f9cn7-1723286067537-66e9e889643e age 0 etag W/"ee93fba38acf706a303fd3bacae2d1b2a41fad23d24101f49794bab3fb95f48a" x-vercel-cache MISS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control s-maxage=31536000, immutable content-disposition inline; filename="main.c0eea7c8.chunk.js"
GET H/1.1	200 OK	a.js Show response d2r1yp2w7bby2u.cloudfront.net/js/	45 KB 16 KB	229ms 9ms	Script application/javascript	13.225.78.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2r1yp2w7bby2u.cloudfront.net/js/a.js Requested by Host: app.nolobank.com URL: https://app.nolobank.com/static/js/2.5a2e55ae.chunk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.78.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-88.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 576d83db82f0a9f69d6c26499750f6fb1b992d0bbf17b6f418b8a5ddcb499a3e Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Sat, 10 Aug 2024 10:30:23 GMT Content-Encoding gzip Via 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 Age 246 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 27 Jun 2024 12:06:10 GMT Server AmazonS3 ETag W/"a65c1296ae61e285964d37221722a736" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1800, private X-Amz-Cf-Id xtllQm7kYlaa0eKmdnkvYdgJ0klGdCEyIf6OJoMm1DsBgc9Fl_VPVw==
GET H2	200	login-background.79e74f0d.png app.nolobank.com/static/media/	61 KB 61 KB	476ms 433ms	Image image/png	76.76.21.123 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app.nolobank.com/static/media/login-background.79e74f0d.png Requested by Host: app.nolobank.com URL: https://app.nolobank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 1a8b7f29928de6eec8b2279ad62ee6f4b73630863d9b7e40c0aac447400ce2c8 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 10:34:30 GMT strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::qc965-1723286069800-b6df762aa77e age 0 etag W/"1a8b7f29928de6eec8b2279ad62ee6f4b73630863d9b7e40c0aac447400ce2c8" x-vercel-cache MISS content-type image/png access-control-allow-origin * cache-control s-maxage=31536000, immutable content-disposition inline; filename="login-background.79e74f0d.png" accept-ranges bytes content-length 61981
GET H2	200	7Auwp_0qiz-afTLGLQ.woff2 fonts.gstatic.com/s/muli/v29/	32 KB 33 KB	232ms 27ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Muli:400,600,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://app.nolobank.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 06:30:29 GMT x-content-type-options nosniff age 273841 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32796 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:41:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 07 Aug 2025 06:30:29 GMT
GET H2	200	logo.0f527bd3.png app.nolobank.com/static/media/	66 KB 66 KB	737ms 675ms	Image image/png	76.76.21.123 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app.nolobank.com/static/media/logo.0f527bd3.png Requested by Host: app.nolobank.com URL: https://app.nolobank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 57f16edb55de2b9e45c08b445405a495af78a62290ff1957ad37feeab6ecbd3b Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 10:34:30 GMT strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::6xhqj-1723286069861-c75e96c28093 age 0 etag W/"57f16edb55de2b9e45c08b445405a495af78a62290ff1957ad37feeab6ecbd3b" x-vercel-cache MISS content-type image/png access-control-allow-origin * cache-control s-maxage=31536000, immutable content-disposition inline; filename="logo.0f527bd3.png" accept-ranges bytes content-length 67544
GET H/1.1	200 OK	a Show response wzrkt.com/	0 660 B	375ms 40ms	Script text/javascript	2600:9000:2644:be00:1e:3056:9b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wzrkt.com/a?t=96&type=page&d=N4IglgJiBcIOoA4BaBaOSBKLkDYkgBoQAHAcxgEYiBjMmEACwBcniBnaAek4ENjiAdADsA9gBsRAIx5CA1gOoiAtp0LxMAaQD6AYQCCAWQAKMUAHclxGAAYiTMdRgBtALoBfN0AA&rn=1&i=1723286069&sn=0&useIP=false&r=1723286069979 Requested by Host: d2r1yp2w7bby2u.cloudfront.net URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2644:be00:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Frame-Options SAMEORIGIN Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Sat, 10 Aug 2024 10:34:30 GMT Strict-Transport-Security max-age=31536000;includeSubDomains;preload Content-Encoding gzip Via 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA60-P6 Transfer-Encoding chunked X-Cache Miss from cloudfront Connection keep-alive Pragma no-cache Server CloudFront X-Frame-Options SAMEORIGIN Vary Accept-Encoding, User-Agent Content-Type text/javascript;charset=utf-8 Cache-Control no-cache, no-store, no-cache, no-store X-Amz-Cf-Id dBeRedvwCEQBpZ6IX4QULOIPcsc5lH2XJohyjYnvanM0asl70VszCA== Expires 0
GET H2	200	logo-icon.png app.nolobank.com/	13 KB 13 KB	204ms 204ms	Other image/png	76.76.21.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.nolobank.com/logo-icon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 6094fb210598489234577ee226f4b529946f699507324413f8dbd57c963c5d16 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://app.nolobank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 10:34:30 GMT strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::9fxsv-1723286070693-72ff343b05de age 293192 etag W/"6094fb210598489234577ee226f4b529946f699507324413f8dbd57c963c5d16" x-vercel-cache HIT content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="logo-icon.png" accept-ranges bytes content-length 13459

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonpnolo-website function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb function| setImmediate function| clearImmediate object| regeneratorRuntime function| Color function| Chart object| _a object| __core-js_shared__ object| clevertap object| wizrocket object| $WZRK_WR object| $CLTP_WR

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nolobank.com/	1970-01-20 22:41:27	Name: WZRK_S_W8Z-WZR-8Z6Z Value: %7B%22p%22%3A1%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://app.nolobank.com/static/js/2.5a2e55ae.chunk.js(Line 1) Message: Invalid asm.js: Unexpected token
recommendation	verbose	URL: https://app.nolobank.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.nolobank.com
d2r1yp2w7bby2u.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
wzrkt.com
13.225.78.88
2600:9000:2644:be00:1e:3056:9b00:93a1
2a00:1450:4001:80e::2003
2a00:1450:4001:831::200a
76.76.21.123
1a8b7f29928de6eec8b2279ad62ee6f4b73630863d9b7e40c0aac447400ce2c8
2bf7e42a349117e57a187fbbedfbffe23947d59f1840b15597312e5a914d3654
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
392774bd5ed3627f5141b111393719d852eb1f030c9cb4c6582f4aef9b23f8b7
576d83db82f0a9f69d6c26499750f6fb1b992d0bbf17b6f418b8a5ddcb499a3e
57f16edb55de2b9e45c08b445405a495af78a62290ff1957ad37feeab6ecbd3b
6094fb210598489234577ee226f4b529946f699507324413f8dbd57c963c5d16
79fb54517bdd9c3366264d76048c3ce76f818aebe07c44fbdf499f5bca4e8be4
bbdd3bf94184ea72b6a878e6e60ee8a4b84e72e5045af79e60566541250e857a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee93fba38acf706a303fd3bacae2d1b2a41fad23d24101f49794bab3fb95f48a
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929