Submitted URL: https://app.revueats.com/
Effective URL: https://app.revueats.com/login
Submission: On November 30 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 18 HTTP transactions. The main IP is 49.13.0.216, located in Berlin, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is app.revueats.com.
TLS certificate: Issued by R10 on October 31st 2024. Valid for: 3 months.
This is the only time app.revueats.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 49.13.0.216 24940 (HETZNER-A...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 76.76.21.142 16509 (AMAZON-02)
1 2 104.18.94.41 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
1 172.67.197.50 13335 (CLOUDFLAR...)
2 172.67.171.116 13335 (CLOUDFLAR...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 20.114.189.70 8075 (MICROSOFT...)
18 11
Apex Domain
Subdomains
Transfer
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
c.clarity.ms — Cisco Umbrella Rank: 1269
t.clarity.ms — Cisco Umbrella Rank: 8178
30 KB
5 revueats.com
app.revueats.com
79 KB
2 umami.dev
api-gateway.umami.dev — Cisco Umbrella Rank: 55535
739 B
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
2 revw.me
cdn2.revw.me
327 KB
2 rsms.me
rsms.me — Cisco Umbrella Rank: 8761
347 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
773 B
1 digitalsmyle.com
app.digitalsmyle.com
4 KB
1 umami.is
analytics.umami.is — Cisco Umbrella Rank: 112535
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
1 KB
18 10
Domain Requested by
5 app.revueats.com 2 redirects app.revueats.com
2 t.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 api-gateway.umami.dev analytics.umami.is
2 www.clarity.ms app.revueats.com
www.clarity.ms
2 challenges.cloudflare.com 1 redirects app.revueats.com
2 cdn2.revw.me app.revueats.com
2 rsms.me app.revueats.com
rsms.me
1 c.bing.com 1 redirects
1 app.digitalsmyle.com app.revueats.com
1 analytics.umami.is app.revueats.com
1 cdn.jsdelivr.net app.revueats.com
18 12

This site contains no links.

Subject Issuer Validity Valid
app.revueats.com
R10
2024-10-31 -
2025-01-29
3 months crt.sh
rsms.me
WE1
2024-10-19 -
2025-01-17
3 months crt.sh
cdn2.revw.me
WE1
2024-10-28 -
2025-01-26
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
analytics.umami.is
R11
2024-10-31 -
2025-01-29
3 months crt.sh
app.digitalsmyle.com
R10
2024-11-16 -
2025-02-14
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
umami.dev
WE1
2024-10-21 -
2025-01-19
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 1 frames:

Primary Page: https://app.revueats.com/login
Frame ID: 9A1CA7D291849E14584327647C52DC4C
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Review Eats

Page URL History Show full URLs

  1. https://app.revueats.com/ HTTP 302
    https://app.revueats.com/dashboard HTTP 302
    https://app.revueats.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • livewire(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

89 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

805 kB
Transfer

2012 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.revueats.com/ HTTP 302
    https://app.revueats.com/dashboard HTTP 302
    https://app.revueats.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
Request Chain 13
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=464FC61BE149453394136F4285624538&RedC=c.clarity.ms&MXFR=27FB105A06F7648E1A21051D02F76A8E HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=464FC61BE149453394136F4285624538&MUID=2E35D2BC435465D01396C7FB42EA6469

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
app.revueats.com/
Redirect Chain
  • https://app.revueats.com/
  • https://app.revueats.com/dashboard
  • https://app.revueats.com/login
38 KB
11 KB
Document
General
Full URL
https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.13.0.216 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.216.0.13.49.clients.your-server.de
Software
nginx /
Resource Hash
df3861ba76d6bde74232d8676fa50da2cc597edf6d3abc2092f32992a62d25dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 30 Nov 2024 14:58:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=utf-8
date
Sat, 30 Nov 2024 14:58:18 GMT
location
https://app.revueats.com/login
server
nginx
inter.css
rsms.me/inter/
11 KB
2 KB
Stylesheet
General
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c532 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d01c7807f64a24c1b2853b756ef15f3a2facdf4a9f066eaf5d39c0c9935441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

x-fastly-request-id
aace5db480245953e97d969225d668dd66cdaf6c
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6737eec5-2ce9"
age
600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l00R5GU68NIbOU0dQtIrCoqnrVro8%2BC3jX1QTZRqjbFpmb0rCepfQbwxUHAkZ9nzhQduv5i7lA%2B5dw5i5DzqlmQ8goUbgk0ytgAbW7z5nP1XcTA2A02LYeiUe3Cczuzg%2B%2F7MHmkq"}],"group":"cf-nel","max_age":604800}
x-github-request-id
D743:5F671:193185D:1B2057F:6737F00E
expires
Sat, 16 Nov 2024 01:16:23 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=TCP&rtt=30491&min_rtt=30417&rtt_var=6535&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3944&recv_bytes=2243&delivery_rate=126722&cwnd=252&unsent_bytes=0&cid=8992ce0c0f6c415f&ts=50&x=0"
date
Sat, 30 Nov 2024 14:58:18 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-mia-kmia1760029-MIA
x-cache-hits
1
last-modified
Sat, 16 Nov 2024 01:00:53 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1731719429.274495,VS0,VE1
via
1.1 varnish
cf-ray
8eabb1e24c87e9f1-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1305
x-origin-cache
HIT
server
cloudflare
app.css
cdn2.revw.me/css/
147 KB
27 KB
Stylesheet
General
Full URL
https://cdn2.revw.me/css/app.css?id=e6a708d1efca1e05d7ce6ef224522bdf
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ad5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6008f91e3638bc65a98db0db00b0a89d0e5c203d260f9a9eb7ecf831dc6a4b51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"e6a708d1efca1e05d7ce6ef224522bdf"
age
88835
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rc9gqwaXA7LBDaP1lbrUAn%2BaarPYk7q1Bp98FVClY%2FfxMCr7d%2FNj0N%2Bw1WNc4SE%2BqSDx6XhxyvJsM%2FpHTXf%2FizfABDffcEfSJg5PxIQvypW%2Fu9ad5Pd51qwUY308NsgXjlkqENGUlRnmx4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eabb1e26eeaa57c-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=31058&min_rtt=30940&rtt_var=6707&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3935&recv_bytes=2185&delivery_rate=124213&cwnd=252&unsent_bytes=0&cid=a422ff6c3992d563&ts=82&x=0"
date
Sat, 30 Nov 2024 14:58:18 GMT
content-type
text/css
last-modified
Fri, 29 Nov 2024 11:56:42 GMT
vary
Accept-Encoding
server
cloudflare
cdn.min.js
cdn.jsdelivr.net/npm/@alpinejs/collapse@3.x.x/dist/
1 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@alpinejs/collapse@3.x.x/dist/cdn.min.js
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c7661d4e2cf0465e3cd693190debb5f592ac72dcc4cfe650581273767558b27b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"5a8-0KJ/LfCsWfUBHkqP1xORNDxl53I"
age
35089
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sat, 30 Nov 2024 14:58:18 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230156-FRA, cache-mia-kmia1760053-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
607
x-jsd-version
3.14.1
app.js
cdn2.revw.me/js/
1014 KB
300 KB
Script
General
Full URL
https://cdn2.revw.me/js/app.js?id=f31af158a6d641cf0c068c14aba38765
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ad5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252b8df6a65a96733f4d6d3f5e6f4eb737026b723ad68f192e77d16cc4e30dd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"f31af158a6d641cf0c068c14aba38765"
age
359961
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNtpXVZqfpv1D2CrG9opge6WH6PyzH4vcUFnKYL9rnO3spRY%2FFjLke0Fcnxqd3OQVoiFRMjGIwQuV5VL%2Bxiy9AEsm86yKViNDFmBRPSfx0ODnJ7WdMgNIrCZbBGOZRTZIntN14RjXq7ot%2FQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eabb1e2ffc0a57c-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=32413&min_rtt=30940&rtt_var=498&sent=35&recv=26&lost=0&retrans=0&sent_bytes=32508&recv_bytes=2309&delivery_rate=503124&cwnd=257&unsent_bytes=0&cid=a422ff6c3992d563&ts=151&x=0"
date
Sat, 30 Nov 2024 14:58:18 GMT
content-type
application/javascript
last-modified
Mon, 25 Nov 2024 17:32:14 GMT
vary
Accept-Encoding
server
cloudflare
script.js
analytics.umami.is/
3 KB
2 KB
Script
General
Full URL
https://analytics.umami.is/script.js
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5cc4ff8feb8bc0f007503fe52a6d191fa13ad292f483480f12594ddbed30e179
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' *
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

content-encoding
br
etag
W/"a18ab5bfadeba2e97b938df406aae840"
age
736777
x-matched-path
/script.js
date
Sat, 30 Nov 2024 14:58:18 GMT
content-disposition
inline; filename="script.js"
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 23:43:12 GMT
strict-transport-security
max-age=63072000
content-security-policy
default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' *
cache-control
public, max-age=86400, must-revalidate
x-dns-prefetch-control
on
x-vercel-cache
HIT
access-control-allow-origin
*
server
Vercel
x-vercel-id
iad1::dlj8d-1732978698857-d9a065f88d81
api.js
challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H3
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8eabb1e38b888d96-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 14:58:18 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 17:58:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/a6e12e96a2d5/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8eabb1e34b498d96-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 30 Nov 2024 14:58:18 GMT
vary
Accept-Encoding
server
cloudflare
logo.png
app.digitalsmyle.com/storage/5f0db785-1271-4d70-9e23-2c67e9d30263/
4 KB
4 KB
Image
General
Full URL
https://app.digitalsmyle.com/storage/5f0db785-1271-4d70-9e23-2c67e9d30263/logo.png
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.13.0.216 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.216.0.13.49.clients.your-server.de
Software
nginx /
Resource Hash
49edb9622bc498ccfe3a23a6d451f5022e9a2d48af2403e507ec60f6dc808306

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

accept-ranges
bytes
content-length
3810
date
Sat, 30 Nov 2024 14:58:19 GMT
etag
"6745cbd3-ee2"
content-type
image/png
last-modified
Tue, 26 Nov 2024 13:23:31 GMT
server
nginx
livewire.js
app.revueats.com/livewire/
171 KB
45 KB
Script
General
Full URL
https://app.revueats.com/livewire/livewire.js?id=90730a3b0e7144480175
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.13.0.216 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.216.0.13.49.clients.your-server.de
Software
nginx /
Resource Hash
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/login

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
expires
Sun, 30 Nov 2025 14:58:18 GMT
date
Sat, 30 Nov 2024 14:58:18 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Sat, 13 Jul 2024 19:58:46 GMT
gr5x52mlnd
www.clarity.ms/tag/
707 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/gr5x52mlnd
Requested by
Host: app.revueats.com
URL: https://app.revueats.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4120515c3c5459f2bcadf2499aa96575db411341ac306867e7ea64cf1a5d7cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
707
date
Sat, 30 Nov 2024 14:58:18 GMT
content-type
application/x-javascript
x-azure-ref
20241130T145818Z-17958fbc6d4w8bfthC1MIAqr0n0000000ep0000000009wam
InterVariable.woff2
rsms.me/inter/font-files/
344 KB
345 KB
Font
General
Full URL
https://rsms.me/inter/font-files/InterVariable.woff2?v=4.1
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693b77d4f32ee9b8bfc995589b5fad5e99adf2832738661f5402f9978429a8e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.revueats.com
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
6de61c47a8152246b75d47dc80780f63e0b254dd
cf-cache-status
MISS
etag
"6737eec5-55ff0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LuEbfuK5hnmdaxSBN8qj7JRnplPyDtO4vONv1MDF84HyUBoV2Tgh0f56LGgWWbkIIgqfmi9Kks6Xt%2Bic78os42db9BqkxmEy9jg4zUyHLlwm4XukHsX%2ByoyJ"}],"group":"cf-nel","max_age":604800}
x-github-request-id
BE58:10E347:1947AFB:1B36969:6737EFF7
expires
Sat, 16 Nov 2024 01:16:01 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=31363&min_rtt=31336&rtt_var=11770&sent=9&recv=7&lost=0&retrans=0&sent_bytes=4108&recv_bytes=4296&delivery_rate=102649&cwnd=12000&unsent_bytes=0&cid=c7849d2669af3104&ts=65&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 14:58:18 GMT
content-type
font/woff2
x-served-by
cache-mia-kmia1760051-MIA
x-cache-hits
5
last-modified
Sat, 16 Nov 2024 01:00:53 GMT
vary
Accept-Encoding
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1732978699.790550,VS0,VE1
via
1.1 varnish
cf-ray
8eabb1e34f258db2-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
352240
x-origin-cache
HIT
server
cloudflare
send
api-gateway.umami.dev/api/
0
0
Preflight
General
Full URL
https://api-gateway.umami.dev/api/send
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.revueats.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-placement
remote-SJC
cf-ray
8eabb1e4ca597479-MIA
content-length
0
date
Sat, 30 Nov 2024 14:58:19 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wk2O5SNPKkfGnqYIvfzBlZ6cPgEeRi5w6gyHJzi7ZZrh%2FA%2Ffzpnu4pk%2B04BrZ4YVx%2ByTzc8HVbaaiQB9hyKUXrJytwj%2B%2FyQMT%2F6R1f6jyN6Vpicjt09EFexDFuGkrLuAD9yoRmqoKL0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31600&min_rtt=31517&rtt_var=5027&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4170&recv_bytes=4425&delivery_rate=494&cwnd=12000&unsent_bytes=0&cid=2b79cf60949e7216&ts=145&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
send
api-gateway.umami.dev/api/
43 B
739 B
Fetch
General
Full URL
https://api-gateway.umami.dev/api/send
Requested by
Host: analytics.umami.is
URL: https://analytics.umami.is/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac49ab5d4b0ee339b4cd1f74c08e49058371d097462c2b364ab4f20e1043848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://app.revueats.com/

Response headers

access-control-max-age
86400
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rb7bCM1wMTQ1WIiMQi0XGVFkvdbQzuluSLeATznw%2BkNIZ2nGPk2EnP6YSRPbUv7Yu8lE4%2BOgqQb3Dspk7VE%2Btou%2FnV15GchixRBNZExD8vuSUPHAvkrdQbs859wre6MXXwJr%2Ffr1010%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31604&min_rtt=31517&rtt_var=3779&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4936&recv_bytes=4980&delivery_rate=22226&cwnd=12000&unsent_bytes=0&cid=2b79cf60949e7216&ts=467&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 14:58:19 GMT
content-type
application/json
cf-placement
remote-SJC
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8eabb1e59b797479-MIA
access-control-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
server
cloudflare
clarity.js
www.clarity.ms/s/0.7.56/
66 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gr5x52mlnd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

x-azure-ref
20241130T145819Z-17958fbc6d4w8bfthC1MIAqr0n0000000ep0000000009wbc
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
b932d0db-c01e-0014-0c4e-4166b4000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 30 Nov 2024 14:58:19 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 12:08:58 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=464FC61BE149453394136F4285624538&RedC=c.clarity.ms&MXFR=27FB105A06F7648E1A21051D02F76A8E
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=464FC61BE149453394136F4285624538&MUID=2E35D2BC435465D01396C7FB42EA6469
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=464FC61BE149453394136F4285624538&MUID=2E35D2BC435465D01396C7FB42EA6469
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Sat, 30 Nov 2024 14:58:19 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=464FC61BE149453394136F4285624538&MUID=2E35D2BC435465D01396C7FB42EA6469
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 555E51208796414B94016BDC2D00467B Ref B: MIA301000104051 Ref C: 2024-11-30T14:58:19Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Sat, 30 Nov 2024 14:58:19 GMT
x-powered-by
ASP.NET
favicon.ico
app.revueats.com/storage/5f0db785-1271-4d70-9e23-2c67e9d30263/
166 KB
21 KB
Other
General
Full URL
https://app.revueats.com/storage/5f0db785-1271-4d70-9e23-2c67e9d30263/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.13.0.216 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.216.0.13.49.clients.your-server.de
Software
nginx /
Resource Hash
e8e954cab6aea5d6b8df9ab1fa2940f66a5444fc9066c279b593c4e2aa53a848

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.revueats.com/login

Response headers

content-encoding
gzip
date
Sat, 30 Nov 2024 14:58:19 GMT
etag
W/"6745cbd3-2972e"
content-type
image/x-icon
last-modified
Tue, 26 Nov 2024 13:23:31 GMT
server
nginx
vary
Accept-Encoding
collect
t.clarity.ms/
0
280 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://app.revueats.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://app.revueats.com
Date
Sat, 30 Nov 2024 14:58:19 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
t.clarity.ms/
0
280 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://app.revueats.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://app.revueats.com
Date
Sat, 30 Nov 2024 14:58:20 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clarity object| turnstile object| Livewire object| umami object| livewire string| livewire_token function| deferLoadingAlpine object| webpackChunkjetstream function| flatpickr object| TreemapSquared function| SVG object| Apex object| intlTelInputGlobals function| _ function| axios object| Alpine object| hljs function| Popper function| Pickr object| noUiSlider function| wNumb function| ApexCharts function| livewireChartsColumnChart function| livewireChartsPieChart function| intlTelInput function| Cropper function| tippy function| debounce function| throttle

13 Cookies

Domain/Path Name / Value
app.revueats.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImsrMnNIV0oyeldkditsTXZ1VnpZZFE9PSIsInZhbHVlIjoiMkljeGI0MG1DTmxQak9lQit6bnEvVExxYldHRTlMVDFzb1BkVEQ0QStRTDdqVkF3TURTeUpCOWFobkd6NXFCUFRMMjcwY1BNVHNlaDdFUnQ2cFc2RjNNT096dDYrendJWnFDd3E3c1FJZFg3MElnNG5MT0h4RmF2cmRlTVhoUVIiLCJtYWMiOiI3ZGYzNjA2ZGE1NGY4MGNhZDBlNTNjYmJiNWU3M2VmODQzOTlmNDliYzc5MjdiMDhiYzY3MTg2NDkwZjZiZGY1IiwidGFnIjoiIn0%3D
app.revueats.com/ Name: embedmyreviews_session
Value: eyJpdiI6IlFzOWdzWUJRaHN3UHIxSjZhNyszcFE9PSIsInZhbHVlIjoibnFUYno5L1BmbytnUkxkSlNOaVl0ZFYrRmorMVgxVTlTRnQ2VDZGRi9GVmt2RWJYeC9DSzlNWVRkK1JEbVhwOTJhTHBDd1dZbzJ2Yk5EVm5xbWJNOEM0QXR2Qm5XSUxzY3dzNnYyVW1idmxkT1Q1cVZuQ2c3MWlRa3pZYWxVWXciLCJtYWMiOiIwOGExYjQ0ZTBjM2RiZThhNTJmOWJjZDgwMjMzYjA0MzExMDg3NzEwMDUwZjkxOGI0MjNiZGMyYjRhYmE2ODYwIiwidGFnIjoiIn0%3D
app.revueats.com/ Name: lang
Value: eyJpdiI6IkxYUkN6UzNLZTBnbGpHS0lrZ1NrYUE9PSIsInZhbHVlIjoiZ3gwVkl5YnN5RWhwQ0ljbU5JZFo4Y3pmVG1iN1VqNjdQSDNPaHVSS296cCthSkpBT0lIakc4OTZqMXdDS3VMKyIsIm1hYyI6ImEwOGE5NjM0NDk0YzFlOWFjZTEzMzBhNjBlMjdmM2EwNDFiNjNhMDk3ZjJmYjM0YTRlY2VkODI5NjY0N2JhMTUiLCJ0YWciOiIifQ%3D%3D
www.clarity.ms/ Name: CLID
Value: 64f00bb7f8344624a9d4f82a5c422794.20241130.20251130
.revueats.com/ Name: _clck
Value: xnkit4%7C2%7Cfrb%7C0%7C1795
.bing.com/ Name: MUID
Value: 2E35D2BC435465D01396C7FB42EA6469
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2E35D2BC435465D01396C7FB42EA6469
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2E35D2BC435465D01396C7FB42EA6469
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.revueats.com/ Name: _clsk
Value: quo1kn%7C1732978699623%7C1%7C1%7Ct.clarity.ms%2Fcollect

1 Console Messages

Source Level URL
Text
network error URL: https://api-gateway.umami.dev/api/send
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.umami.is
api-gateway.umami.dev
app.digitalsmyle.com
app.revueats.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn2.revw.me
challenges.cloudflare.com
rsms.me
t.clarity.ms
www.clarity.ms
104.18.94.41
172.67.171.116
172.67.197.50
20.110.205.119
20.114.189.70
2606:4700:3032::ac43:ad5b
2606:4700:3035::ac43:c532
2620:1ec:bdf::40
2620:1ec:c11::237
2a04:4e42:400::485
49.13.0.216
76.76.21.142
252b8df6a65a96733f4d6d3f5e6f4eb737026b723ad68f192e77d16cc4e30dd7
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
46d01c7807f64a24c1b2853b756ef15f3a2facdf4a9f066eaf5d39c0c9935441
49edb9622bc498ccfe3a23a6d451f5022e9a2d48af2403e507ec60f6dc808306
5ac49ab5d4b0ee339b4cd1f74c08e49058371d097462c2b364ab4f20e1043848
5cc4ff8feb8bc0f007503fe52a6d191fa13ad292f483480f12594ddbed30e179
6008f91e3638bc65a98db0db00b0a89d0e5c203d260f9a9eb7ecf831dc6a4b51
693b77d4f32ee9b8bfc995589b5fad5e99adf2832738661f5402f9978429a8e3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2
c7661d4e2cf0465e3cd693190debb5f592ac72dcc4cfe650581273767558b27b
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
df3861ba76d6bde74232d8676fa50da2cc597edf6d3abc2092f32992a62d25dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e954cab6aea5d6b8df9ab1fa2940f66a5444fc9066c279b593c4e2aa53a848
f4120515c3c5459f2bcadf2499aa96575db411341ac306867e7ea64cf1a5d7cb