app.carlettobank.com.br Open in urlscan Pro
2606:4700:3035::6815:56ba  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response app.carlettobank.com.br/	1 KB 1 KB	128ms 95ms	Document text/html	2606:4700:3035::6815:56ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.carlettobank.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:56ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90fb51bdd9bd2cd7a0d9c55172177bb740486f017641fc0dfbb64390926cfd20 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-cache-status DYNAMIC cf-ray 879884587dae4d5c-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 24 Apr 2024 19:32:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36wxeY%2FUdYuh8QHIBxHBd3mNn9xBy2oQesorDk%2BG%2B7GKTXh3dcOGQ1xLb6gMjjfS8vRFbCvjtQcWE%2Bjk8D5GBT64fS5aJTJr3lnf5wiplFEkQhRp7HsvxoT5QTvYtpH4Bp%2BkpmVsNusUMcMovZbQbpnCEC3C9Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff
GET H2	200	entry-ab96fbc9e42854e6cb967bc5202b9918.js Show response app.carlettobank.com.br/_expo/static/js/web/	3 MB 797 KB	609ms 608ms	Script application/javascript	2606:4700:3035::6815:56ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.carlettobank.com.br/_expo/static/js/web/entry-ab96fbc9e42854e6cb967bc5202b9918.js Requested by Host: app.carlettobank.com.br URL: https://app.carlettobank.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:56ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c840c426d15956ddab82fd34357c4ce1d58a9ea75024605070f6736c8c304a7e Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.carlettobank.com.br/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 19:32:02 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status MISS etag W/"0ff8d69ada0fb594f2668f2b7b7cb821" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpMmaIXHZttAIJZonjCc0NlWQYWK4CSTTAaV3UfaZF0EIVFJ4Z2dr7b5wJPrRQVyl7N4aca8GNn7T3P%2FdcbiytihevTh7SeLc76fRYo6WrQOZpiHw%2F0hoimn7PgUEhJrieOdS7Ei%2BfHR%2FUy46cvWQAIhtEb5aw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 879884591ec24d5c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico app.carlettobank.com.br/	14 KB 5 KB	139ms 139ms	Other image/vnd.microsoft.icon	172.67.223.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.carlettobank.com.br/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.185 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2a626eb3709691ccf5880e3142bcfa739aaf61feed1309349b53dfddcf68d1d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.carlettobank.com.br/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 19:32:03 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status MISS etag W/"2e0c597b6c7b9b11af43cdec751eec7d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFSX%2FnKUSEbTeMc7Mi4gEl8%2FKxABaM0WjFg8qdbfZD2CR0jRrsfNYTrOUcmIgjct9kuKn6ikDMZeTgvrFVlzhbE%2FMKPPjnqkeXAmXj16sUtRKN7n%2Fc9ptqPzLTSejWjsVCkGrPTqw2uVuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 87988460bd418ed4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	carletto_login_bg.2afa56816f759b78697b980526dd3259.webp app.carlettobank.com.br/assets/assets/img/	108 KB 109 KB	141ms 139ms	Image image/webp	172.67.223.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.carlettobank.com.br/assets/assets/img/carletto_login_bg.2afa56816f759b78697b980526dd3259.webp?platform=web&hash=2afa56816f759b78697b980526dd3259 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.185 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89510ad7e94371e72d1c29cf5af566820c980675cefa49d86a099570e441affd Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.carlettobank.com.br/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 19:32:03 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 110948 referrer-policy strict-origin-when-cross-origin server cloudflare etag "8d4471021c94b83a5cfc8644263d27e1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQ%2BrjvcwVCeXCs84cOjnHz2VSpERqjm%2FWh%2FpQ7bnQIwgCjneMNRMdjS8p3fo%2FVVVNE5EPvt265dktT2zGSomaG69NCKS7pyNO3DD6dsmJ4TOmBW5OSGpu671XW0O9IfnAB%2Bb84wq2eiBNA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 87988460cd528ed4-FRA
GET H3	200	logo_carletto.476d5ef504be0221caea404bfd68d918.png app.carlettobank.com.br/assets/assets/img/	6 KB 7 KB	388ms 386ms	Image image/png	172.67.223.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.carlettobank.com.br/assets/assets/img/logo_carletto.476d5ef504be0221caea404bfd68d918.png?platform=web&hash=476d5ef504be0221caea404bfd68d918 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.185 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca27f91d66ee3afcbc96fcf825e334e4863d932ae797da68b4556db6493b5f4f Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.carlettobank.com.br/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 19:32:03 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 6581 referrer-policy strict-origin-when-cross-origin server cloudflare etag "21093431bff9d74f5814eae402084c53" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWLg%2BUyU2AcKvLKdkYAPZvhJG76M9hSzm%2FHZoODUguKzz%2B9Q71Px%2FP4E4wjtqL2hVvw5k8sjI7XFpQ27S2hFV8Qb4zV8RoB81qTkNF9JLjDtc5X0qgW6ZuoIDrLfhUcQE8tbPOJH5LOI0w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 87988460cd548ed4-FRA
GET H3	200	circle-info-solid.f43962fdb34b23dccb3e2c09c45f8dd6.svg app.carlettobank.com.br/assets/assets/vector/	496 B 793 B	173ms 171ms	Image image/svg+xml	172.67.223.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.carlettobank.com.br/assets/assets/vector/circle-info-solid.f43962fdb34b23dccb3e2c09c45f8dd6.svg?platform=web&hash=f43962fdb34b23dccb3e2c09c45f8dd6 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.185 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e14e005c57c0fa3439e9b17292ddaa6ad72eeb59d045b6c813ceaafbd655dc5d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.carlettobank.com.br/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 19:32:03 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status MISS etag W/"c8107de32efcb1bb84962557aaa78f0a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkGFaLrSpEVbkWrOJG0dqwG1f1hJEEsLS7%2BIZSnxFvy1kgyphcEkYSI%2FTgKr1cafc3t1mkUP7xuLK7Uf5SjEdFGwdlC69NQPeiPtKAPIu02kTw87FAaWPZU3MnOoe%2BkqFh9hHPIIR8cYBA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 87988460cd578ed4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	user-regular.a18f41cf54b5dd87def791ee3ca9d963.svg app.carlettobank.com.br/assets/assets/vector/	543 B 873 B	351ms 350ms	Image image/svg+xml	172.67.223.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.carlettobank.com.br/assets/assets/vector/user-regular.a18f41cf54b5dd87def791ee3ca9d963.svg?platform=web&hash=a18f41cf54b5dd87def791ee3ca9d963 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.185 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6c50a667de098c67327bc675ce160d5a3dfd4e393113601ffa4063236c623dc Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.carlettobank.com.br/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 19:32:03 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status MISS etag W/"bb25dbd7004a7065686f08aa5aac95dc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ou7SKpHHw9iiXibajGwtpALomvoKAgxC6QU2moYP280ekMAutRb6MMpn6j9bhBCLlSIMAy3uNMhgboXzafF7e9av8FsUIMCn4MDY5XtxO9U%2B5iuiSolXDkXMckQ2FJW6%2FKxzGIqfHH%2BA6g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 87988460cd598ed4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico app.carlettobank.com.br/	14 KB 0	132ms 132ms	Other image/vnd.microsoft.icon	172.67.223.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.carlettobank.com.br/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.185 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2a626eb3709691ccf5880e3142bcfa739aaf61feed1309349b53dfddcf68d1d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.carlettobank.com.br/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 19:32:03 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status MISS etag W/"2e0c597b6c7b9b11af43cdec751eec7d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFSX%2FnKUSEbTeMc7Mi4gEl8%2FKxABaM0WjFg8qdbfZD2CR0jRrsfNYTrOUcmIgjct9kuKn6ikDMZeTgvrFVlzhbE%2FMKPPjnqkeXAmXj16sUtRKN7n%2Fc9ptqPzLTSejWjsVCkGrPTqw2uVuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 87988460bd418ed4-FRA alt-svc h3=":443"; ma=86400

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| __BUNDLE_START_TIME__ boolean| __DEV__ object| process string| __METRO_GLOBAL_PREFIX__ function| __r function| __d function| __c function| __registerSegment function| $$require_external function| __loadBundleAsync object| REACT_NAVIGATION_DEVTOOLS object| __react_navigation__elements_contexts object| __UNISTYLES__ boolean| __reactResponderSystemActive

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.carlettobank.com.br
172.67.223.185
2606:4700:3035::6815:56ba
89510ad7e94371e72d1c29cf5af566820c980675cefa49d86a099570e441affd
90fb51bdd9bd2cd7a0d9c55172177bb740486f017641fc0dfbb64390926cfd20
b6c50a667de098c67327bc675ce160d5a3dfd4e393113601ffa4063236c623dc
c840c426d15956ddab82fd34357c4ce1d58a9ea75024605070f6736c8c304a7e
ca27f91d66ee3afcbc96fcf825e334e4863d932ae797da68b4556db6493b5f4f
e14e005c57c0fa3439e9b17292ddaa6ad72eeb59d045b6c813ceaafbd655dc5d
e2a626eb3709691ccf5880e3142bcfa739aaf61feed1309349b53dfddcf68d1d