Submitted URL: https://apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net/r?target=67212771a9b98e1523c15100&t=V2_eyJwX2l2Ijoiak1Ec1VFTDMyRU5Xc2tGa0hnYjVlQVx1MDAzZFx1MDAzZ...
Effective URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Submission: On November 05 via api from RU — Scanned from DE

Summary

This website contacted 21 IPs in 2 countries across 19 domains to perform 42 HTTP transactions. The main IP is 34.237.219.119, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is growth.revolut.com.
TLS certificate: Issued by R11 on October 8th 2024. Valid for: 3 months.
This is the only time growth.revolut.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.65.52.76 16509 (AMAZON-02)
2 5 34.237.219.119 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:235... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:21::14 8068 (MICROSOFT...)
1 142.250.186.100 15169 (GOOGLE)
1 18.239.94.22 16509 (AMAZON-02)
1 146.75.120.157 54113 (FASTLY)
2 157.240.253.1 32934 (FACEBOOK)
6 2620:1ec:33::10 8075 (MICROSOFT...)
1 108.138.26.79 16509 (AMAZON-02)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.131 13414 (TWITTER)
1 2600:9000:205... 16509 (AMAZON-02)
4 18.66.112.46 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 18.173.205.115 16509 (AMAZON-02)
3 2600:9000:249... 16509 (AMAZON-02)
2 3.215.172.219 14618 (AMAZON-AES)
42 21
Apex Domain
Subdomains
Transfer
6 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
32 KB
5 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 5850
wa.appsflyer.com — Cisco Umbrella Rank: 7447
17 KB
5 revolut.com
growth.revolut.com
118 KB
4 branch.io
cdn.branch.io — Cisco Umbrella Rank: 958
api2.branch.io — Cisco Umbrella Rank: 1350
25 KB
4 pardot.com
storage.pardot.com — Cisco Umbrella Rank: 11507
pi.pardot.com — Cisco Umbrella Rank: 5653
26 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
2 KB
2 onelink.me
wa.onelink.me — Cisco Umbrella Rank: 11023
876 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
2 bing.net
bat.bing.net — Cisco Umbrella Rank: 20475
463 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
77 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
128 KB
1 app.link
app.link — Cisco Umbrella Rank: 2197
665 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
725 B
1 t.co
t.co — Cisco Umbrella Rank: 859
628 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
16 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 sfdcfc.net
apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net — Cisco Umbrella Rank: 234315
194 B
42 19
Domain Requested by
6 bat.bing.com www.googletagmanager.com
bat.bing.com
5 growth.revolut.com 2 redirects growth.revolut.com
pi.pardot.com
4 wa.appsflyer.com websdk.appsflyer.com
3 api2.branch.io cdn.branch.io
3 px.ads.linkedin.com snap.licdn.com
growth.revolut.com
2 pi.pardot.com growth.revolut.com
pi.pardot.com
2 wa.onelink.me websdk.appsflyer.com
2 www.facebook.com growth.revolut.com
2 bat.bing.net bat.bing.com
growth.revolut.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.googletagmanager.com growth.revolut.com
www.googletagmanager.com
2 storage.pardot.com growth.revolut.com
1 app.link cdn.branch.io
1 analytics.twitter.com growth.revolut.com
1 t.co growth.revolut.com
1 cdn.branch.io growth.revolut.com
1 static.ads-twitter.com www.googletagmanager.com
1 websdk.appsflyer.com growth.revolut.com
1 www.google.com www.googletagmanager.com
1 snap.licdn.com growth.revolut.com
1 fonts.googleapis.com growth.revolut.com
1 apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net 1 redirects
42 22

This site contains links to these domains. Also see Links.

Domain
www.revolut.com
Subject Issuer Validity Valid
growth.revolut.com
R11
2024-10-08 -
2025-01-06
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.appsflyer.com
Amazon RSA 2048 M03
2024-02-04 -
2025-03-03
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-14 -
2024-11-12
3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
*.branch.io
Amazon RSA 2048 M03
2024-08-11 -
2025-09-09
a year crt.sh
t.co
E5
2024-09-28 -
2024-12-27
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-30 -
2025-09-29
a year crt.sh
appipv4.link
Amazon RSA 2048 M03
2024-03-25 -
2025-04-22
a year crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 07
2024-10-27 -
2025-04-25
6 months crt.sh
*.onelink.me
Amazon RSA 2048 M02
2024-05-05 -
2025-06-02
a year crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1
2024-06-05 -
2025-06-04
a year crt.sh

This page contains 2 frames:

Primary Page: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Frame ID: 16705DA196FBACA90AACA5F78D0BD5D7
Requests: 41 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgrowth.revolut.com
Frame ID: 8AB06247AEBA8104DDA031A3F70DDC6B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Revolut Business Sales

Page URL History Show full URLs

  1. https://apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net/r?target=67212771a9b98e1523c15100&t=V2_eyJwX2l2Ijoiak1Ec1VFTDMyRU5Xc2tGa0hnY... HTTP 307
    https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

42
Requests

95 %
HTTPS

45 %
IPv6

19
Domains

22
Subdomains

21
IPs

2
Countries

462 kB
Transfer

1516 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net/r?target=67212771a9b98e1523c15100&t=V2_eyJwX2l2Ijoiak1Ec1VFTDMyRU5Xc2tGa0hnYjVlQVx1MDAzZFx1MDAzZCIsInBfZW5jcnlwdGVkX2RhdGEiOiJ3MnRDTGcramw5Z0M3T2ZTeG4rM09ZMEw2bWtDenVvNFAxTVRxQXdVWDh3XHUwMDNkIiwicF9vcmQiOiIxIiwicF9pZCI6IjE2In18eyJwX2l2IjoiQWN3a09paXVnVEtJSjlIU213U3NNQVx1MDAzZFx1MDAzZCIsInBfZW5jcnlwdGVkX2RhdGEiOiJTMm1KMlptTWprS1RaZnRrYWtMOVVwUHZHLzJ0NFZUL0w0YzhlRUpnak9GWENHdmRGN2N1dkZCS05wNUdQSkZyS3EzUnBZYVJUYkwrTFBCSm5XaGtsd1x1MDAzZFx1MDAzZCIsInBfb3JkIjoiMSIsInBfaWQiOiIzNzYzMCJ9&url=https HTTP 307
    https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://growth.revolut.com/l/969163/2023-03-06/2b7wck/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png HTTP 302
  • https://storage.pardot.com/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
Request Chain 32
  • https://growth.revolut.com/l/969163/2023-09-20/2bq1vt/969163/1695190770bpDvfAiB/favicon_32x32.png HTTP 302
  • https://storage.pardot.com/969163/1695190770bpDvfAiB/favicon_32x32.png

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request opt-out
growth.revolut.com/
Redirect Chain
  • https://apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net/r?target=67212771a9b98e1523c15100&t=V2_eyJwX2l2Ijoiak1Ec1VFTDMyRU5Xc2tGa0hnYjVlQVx1MDAzZFx1MDAzZCIsInBfZW5jcnlwdGVkX2RhdGEiOiJ3MnRDTGcramw5Z0M...
  • https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
75 KB
16 KB
Document
General
Full URL
https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
3ad953166f77acb4288c602b074091565917a86b84329c0e7494cf8f54418001

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
15439
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Nov 2024 16:00:26 GMT
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
status
404 Not Found
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1

Redirect headers

access-control-expose-headers
txnid
content-length
0
date
Tue, 05 Nov 2024 16:00:25 GMT
location
https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
timing-allow-origin
*
txnid
125l14mndgk19c20sptk4n4kr
x-build-time
{{BUILD_TIME}}
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 16:00:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 16:00:26 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 14:09:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
piUtils.js
growth.revolut.com/js/
343 KB
100 KB
Script
General
Full URL
https://growth.revolut.com/js/piUtils.js?ver=2021-09-20
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
87fbc6477d07c0b9eb56d8839da504fcaf1cdbb8bec3e7f6581cfe92f4abdfce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr

Response headers

Transfer-Encoding
chunked
cache-control
max-age=63072000
content-encoding
gzip
etag
"55cc5-gzip"
Connection
keep-alive
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
expires
Thu, 05 Nov 2026 16:00:26 GMT
accept-ranges
bytes
Date
Tue, 05 Nov 2024 16:00:26 GMT
Content-Type
application/javascript
last-modified
Tue, 05 Nov 2024 05:30:07 GMT
vary
Accept-Encoding,User-Agent
Revolut_Business_logo___stacked___White.png
storage.pardot.com/969163/1678087849YaMnKGp0/
Redirect Chain
  • https://growth.revolut.com/l/969163/2023-03-06/2b7wck/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
  • https://storage.pardot.com/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
19 KB
20 KB
Image
General
Full URL
https://storage.pardot.com/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Server
2600:9000:2359:3400:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fc8df714dc9e8f2d64e099e6dd708775a8e6440b32e1621b41cfeb6202f5440

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

x-robots-tag
none
etag
"1dacc271ca708de9a76caa2faf1e429b"
x-amz-version-id
HRcApH65Z.17eXHtr78NuescrDtdF4h0
age
41439
x-cache
Hit from cloudfront
x-amz-cf-id
AH2w0slUmby6ofVBHQQ4uuxbDKqDmwbli-unGw4kNIDqIOCHXCHviw==
date
Tue, 05 Nov 2024 04:29:49 GMT
content-type
image/png; charset=binary
last-modified
Mon, 06 Mar 2023 07:30:50 GMT
x-amz-replication-status
COMPLETED
via
1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
19733
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
none
cache-control
max-age=600
location
https://storage.pardot.com/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
content-encoding
gzip
Connection
keep-alive
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
expires
Tue, 05 Nov 2024 16:10:27 GMT
Content-Length
163
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Tue, 05 Nov 2024 16:00:27 GMT
Content-Type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
max-age=37342
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Tue, 05 Nov 2024 16:00:27 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/
429 KB
128 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb7695626f51012e649c92570dbb2e36752a5ea656bea278d9154e02bebb5387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 05 Nov 2024 16:00:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 16:00:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
129976
x-xss-protection
0
server
Google Tag Manager
attribution_trigger
px.ads.linkedin.com/
2 B
813 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1730822427155&url=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://growth.revolut.com/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
0006262c7ff3cd44987dbafb4b256b8d
x-msedge-ref
Ref A: C0F7683B69374BEE8C3D6D20B8EAA57D Ref B: FRAEDGE1209 Ref C: 2024-11-05T16:00:27Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYmLH/zzUSYfbr7SyVrjQ==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:26 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/
0
884 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1730822427155&url=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref
Ref A: 63739A64238449FC91F8EED85D5084C1 Ref B: FRAEDGE1614 Ref C: 2024-11-05T16:00:27Z
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYmLH/zQMStUaJJYTyWcg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 05 Nov 2024 16:00:27 GMT
content-type
application/javascript
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out&scrsrc=www.googletagmanager.com&frm=0&rnd=463531169.1730822427&auid=1813462760.1730822427&npa=1&gtm=45He4au0v78665836za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730822427298&tfd=1937&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

/
websdk.appsflyer.com/
51 KB
15 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners,pba&
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-22.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

x-amz-cf-pop
AMS1-P3
content-encoding
gzip
etag
W/"7ee104753099f9f00003724eb0a4c433"
age
1914
via
1.1 7cf1868252578a35a0e0b87d3129c07c.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
7EAYr1hE8hrM2q6jrdCDYWa-QkhGqAdYfy0Sz9VOxN2QOj47hCtf3g==
date
Tue, 05 Nov 2024 15:28:34 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Tue, 01 Oct 2024 07:07:49 GMT
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/
57 KB
16 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Tue, 05 Nov 2024 16:00:27 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 00:10:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000084-IAD, cache-fra-etou8220140-FRA
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-5xnMgHlp' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 16:00:27 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-5xnMgHlp' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4427, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
vo+io8LdquUAVxYQijjQGR30oCQMaIqUXq8NXWoxZ6cL3RRGHte+DSY4LD7mOm+b8A3pfTAF4/1eHX++hyD84g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CA8AE6BEA0C147D1AFA877496052AC22 Ref B: FRA31EDGE0114 Ref C: 2024-11-05T16:00:27Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 05 Nov 2024 16:00:26 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
branch-latest.min.js
cdn.branch.io/
75 KB
23 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-79.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
max-age=300
content-encoding
gzip
x-amz-version-id
JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
etag
"f4ec9657a3dc111d088e2eca7b9796a4"
age
130
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
23431
x-amz-cf-id
62khdSFAQhqd_EwPzJAt1TPSuMLHys2KkhGNWBYtTW_53kFrc2B5yQ==
date
Tue, 05 Nov 2024 15:58:18 GMT
content-type
text/javascript
last-modified
Wed, 10 Apr 2024 21:44:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 8AB0
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgrowth.revolut.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
7157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:01:10 GMT
expires
Wed, 05 Nov 2025 14:01:10 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
px.ads.linkedin.com/wa/
0
619 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://growth.revolut.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D7E5795719354A92BEC441B73182FB21 Ref B: FRAEDGE1614 Ref C: 2024-11-05T16:00:27Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYmLH/6NJhwbzH55L/V9w==
x-li-proto
http/2
access-control-allow-origin
https://growth.revolut.com
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:27 GMT
vary
Origin
1575509082963406
connect.facebook.net/signals/config/
89 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1575509082963406?v=2.9.176&r=stable&domain=growth.revolut.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
3c38217e7eb68c5420579a2f01d89b2ff0d150861c3340ec8df22a5293e35c36
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tXzOShfZ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 16:00:27 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tXzOShfZ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=77, mss=1232, tbw=70826, tp=67, tpl=0, uplat=145, ullat=1
pragma
public
x-fb-debug
9OUBv0IHGIQKDXEN2Ak6lskkZ381XPrcIwsC+V1ut7Q1U0SSsYOYYeoe8cN6scq5Wg/BxVXCXkyBesuWnT7wng==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
adsct
t.co/1/i/
43 B
628 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=912e106b-becb-465e-b93d-5b65b5e5c6e2&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a27ea779-2707-4109-9ba6-a7db1d518165&tw_document_href=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&tw_iframe_status=0&txn_id=o2vpb&type=javascript&version=2.3.31
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
b1a047e5897d4929
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ae4eed950d968eaac1017d1ff5a53127812473f2824ba55529afe4ffa8fcc232
cf-cache-status
DYNAMIC
cf-ray
8dde0e8e19416a75-TXL
x-response-time
115
content-length
43
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=912e106b-becb-465e-b93d-5b65b5e5c6e2&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a27ea779-2707-4109-9ba6-a7db1d518165&tw_document_href=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&tw_iframe_status=0&txn_id=o2vpb&type=javascript&version=2.3.31
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
77187f9d26e02ca7
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9e7c3bcca4d5bc9b67c82296996a49a246aaa04012976812e11eb7b6f535dc50
x-response-time
177
content-length
43
date
Tue, 05 Nov 2024 16:00:27 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
_r
app.link/
91 B
665 B
Script
General
Full URL
https://app.link/_r?sdk=web2.85.0&branch_key=key_live_ifLv9omd1Pq67JcYoRFAneajCFlggimJ&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
e7387aa27b50552b0909bcffbae2e5b5a48bfff4950bafa7935db02250f9d5d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
etag
W/"5b-EmiJSVZyXN80n066aBZ+E/FJ3wQ"
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
91
x-amz-cf-id
ypo47_0djpn7pOPJX5fUucEwqqYkx_2OSGyi27Cyq0hYJbmayVi1Eg==
date
Tue, 05 Nov 2024 16:00:27 GMT
content-type
text/javascript; charset=utf-8
x-amz-cf-pop
FRA6-C1
server
openresty
coverdomain
wa.appsflyer.com/
37 B
389 B
XHR
General
Full URL
https://wa.appsflyer.com/coverdomain?site-id=ec3e78e7-0876-43dc-805e-89037156f88a
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-46.fra56.r.cloudfront.net
Software
/
Resource Hash
37953c80e5bf9c117888ddb1ac384dc90bf707f6b2d749373db3605f3542e06d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
37
x-amz-cf-id
Bht0CGHt1Ghvt7ZXemPlp6t2nqhCzB6-rM6fI1mFnfkbz8RsJUkhnw==
date
Tue, 05 Nov 2024 16:00:27 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P5
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
187049731.js
bat.bing.com/p/action/
2 KB
978 B
Script
General
Full URL
https://bat.bing.com/p/action/187049731.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e99d6230096a249ddbe00810cb1f35c8f12999f358901e203dc9bcb870ca5c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 19077D14EAEA484B821F7E155D90C46E Ref B: FRA31EDGE0114 Ref C: 2024-11-05T16:00:27Z
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:26 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
0
bat.bing.net/actionp/
0
119 B
Ping
General
Full URL
https://bat.bing.net/actionp/0?ti=187049731&tm=gtm002&Ver=2&mid=08065f73-5433-4d75-97ed-de0260cdb590&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B605A9B48ECB4CD29902A3B8F754820A Ref B: FRA31EDGE0520 Ref C: 2024-11-05T16:00:27Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:27 GMT
187049731
bat.bing.com/p/insights/t/
765 B
919 B
Script
General
Full URL
https://bat.bing.com/p/insights/t/187049731
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/187049731.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f9f603090c832a3ba4bf14669ca6b72624acfcabfc395d34b3efa4d1ff037661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EC62C772E4D44271BA553EF22942A8D6 Ref B: FRA31EDGE0114 Ref C: 2024-11-05T16:00:27Z
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
638
date
Tue, 05 Nov 2024 16:00:26 GMT
content-type
application/x-javascript
vary
Accept-Encoding
x-azure-ref
20241105T160027Z-165476f87f5lff7zhC1DB1wrpg00000002kg000000008heh
0
bat.bing.net/action/
0
344 B
Image
General
Full URL
https://bat.bing.net/action/0?ti=187049731&tm=gtm002&Ver=2&mid=08065f73-5433-4d75-97ed-de0260cdb590&bo=2&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Revolut%20Business%20Sales&p=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&r=&lt=1695&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=296986
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7B51D8A578D646A1921A01D13CA26549 Ref B: FRA31EDGE0520 Ref C: 2024-11-05T16:00:27Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:27 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1575509082963406&ev=PageView&dl=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&rl=&if=false&ts=1730822427676&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730822427673.739559979211914393&cs_est=true&ler=empty&cdl=API_unavailable&it=1730822427472&coo=false&tm=1&rqm=GET
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2916, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 05 Nov 2024 16:00:27 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
4 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1575509082963406&ev=PageView&dl=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&rl=&if=false&ts=1730822427676&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730822427673.739559979211914393&cs_est=true&ler=empty&cdl=API_unavailable&it=1730822427472&coo=false&tm=1&rqm=FGET
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433825721138609581"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2621f538eea2e519","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["6274894839215722"]},"debug_reporting":true,"debug_key":"4141175620878070893"}
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
3t2SeVUbXpc+VwPx2PKFsShvTThqiFcsL3hXrk1PITeMuW7QjXf40hvv4hOnzzwCos4keeNn2aH7Cwz0eN9Mnw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433825721138609581", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=3234, tp=-1, tpl=-1, uplat=185, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
0.7.53
bat.bing.com/p/insights/s/
35 KB
15 KB
Script
General
Full URL
https://bat.bing.com/p/insights/s/0.7.53
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/187049731
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1bddfa324af3c49ac2304109997b340f0d2114ab86fd75e9612c14623f7427b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
br
x-ms-version
2018-03-28
etag
W/"0x8DCFCED3761E9AF"
x-fd-int-roxy-purgeid
51562430
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:27 GMT
content-type
application/javascript;charset=utf-8
last-modified
Mon, 04 Nov 2024 16:24:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 583CA5F1D6F048DC8D740FF17E934C0D Ref B: FRA31EDGE0114 Ref C: 2024-11-05T16:00:27Z
x-ms-request-id
a624ca21-101e-0028-5ad6-2e4f73000000
access-control-allow-origin
*
content-length
15274
x-azure-ref
20241105T160027Z-165476f87f56j6qnhC1DB1xcqc000000029g00000000hz7y
onelink
wa.onelink.me/v1/
13 B
365 B
XHR
General
Full URL
https://wa.onelink.me/v1/onelink
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-115.fra56.r.cloudfront.net
Software
/
Resource Hash
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
13
x-amz-cf-id
4UhBxNvKGmqnQepINO1hH57qpH2jQv93iN0OkRav9vOuYZoWisP1Qw==
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P12
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x
bat.bing.com/p/insights/c/
0
212 B
XHR
General
Full URL
https://bat.bing.com/p/insights/c/x
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8072C8C48B574035A88443E800237AF6 Ref B: FRA31EDGE0114 Ref C: 2024-11-05T16:00:28Z
access-control-allow-credentials
true
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin
https://growth.revolut.com
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:27 GMT
vary
Origin
open
api2.branch.io/v1/
317 B
709 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
e515e7eaba1222feea7895e3c6cc3ab2b45b88c8b17732d422cfb4daea79e76f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
T92fFD0X0G6ksIPthgju2A0IUhiJLiSSUzWOeRHIiKiujT-XrTK0PQ==
cache-control
no-cache
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
317
x-branch-request-id
b1670b04-692c-4ea5-adce-d0de4e3329b1-2024110516
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
/
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
max-age=63072000
content-encoding
gzip
etag
"15f4-gzip"
Connection
keep-alive
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
expires
Thu, 05 Nov 2026 16:00:28 GMT
accept-ranges
bytes
Content-Length
1988
Date
Tue, 05 Nov 2024 16:00:28 GMT
Content-Type
application/javascript
last-modified
Tue, 05 Nov 2024 05:30:07 GMT
vary
Accept-Encoding,User-Agent
events
wa.appsflyer.com/
75 B
531 B
XHR
General
Full URL
https://wa.appsflyer.com/events?site-id=ec3e78e7-0876-43dc-805e-89037156f88a
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-46.fra56.r.cloudfront.net
Software
/
Resource Hash
ca66471d40fc7991a2895087a20c4d7a70321db27280fbdcee18f2666bee2f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
75
x-amz-cf-id
k8Dt4MGBqZuKDEUpNx8rMUM0ubrWnfITbbKKdiCHHAxuS2ymo_Aa0Q==
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P5
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
favicon_32x32.png
storage.pardot.com/969163/1695190770bpDvfAiB/
Redirect Chain
  • https://growth.revolut.com/l/969163/2023-09-20/2bq1vt/969163/1695190770bpDvfAiB/favicon_32x32.png
  • https://storage.pardot.com/969163/1695190770bpDvfAiB/favicon_32x32.png
1 KB
2 KB
Other
General
Full URL
https://storage.pardot.com/969163/1695190770bpDvfAiB/favicon_32x32.png
Protocol
H2
Server
2600:9000:2359:3400:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59e67e6a9e384081ca4818c38fbb27e595fe7b074919cc427c49f2ef31228874

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

x-robots-tag
none
etag
"b0ff3fa516cde7451b9b47a4dc5d02c6"
x-amz-version-id
S5zHBDypchzSS4MrScp_oUbW3YKbQIMa
age
41412
x-cache
Hit from cloudfront
x-amz-cf-id
QyeQvYcwAW9KOTKRPPTNu_GsA_XGmw_MrycwNqkZGzrrjxQl9Ahecg==
date
Tue, 05 Nov 2024 04:30:17 GMT
content-type
image/png; charset=binary
last-modified
Wed, 20 Sep 2023 06:19:31 GMT
x-amz-replication-status
COMPLETED
via
1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1502
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
none
cache-control
max-age=600
location
https://storage.pardot.com/969163/1695190770bpDvfAiB/favicon_32x32.png
content-encoding
gzip
Connection
keep-alive
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
expires
Tue, 05 Nov 2024 16:10:28 GMT
Content-Length
142
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Tue, 05 Nov 2024 16:00:28 GMT
Content-Type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
onelink
wa.onelink.me/v1/
51 B
511 B
XHR
General
Full URL
https://wa.onelink.me/v1/onelink?af_id=a96ce134-776f-4a99-aa0f-0363fa129cfb-p
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-115.fra56.r.cloudfront.net
Software
/
Resource Hash
8666ec1d1445fa7e5d506936a513ea2997ea68438bce4fb8a36ba346675326d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
51
x-amz-cf-id
l3peurDqLl3qO97Kgl4KGjMvvZUGWUkvp_U7q5Iakt3XlQrDBFcqDg==
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P12
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
events
wa.appsflyer.com/
75 B
532 B
XHR
General
Full URL
https://wa.appsflyer.com/events?site-id=ec3e78e7-0876-43dc-805e-89037156f88a
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-46.fra56.r.cloudfront.net
Software
/
Resource Hash
ca66471d40fc7991a2895087a20c4d7a70321db27280fbdcee18f2666bee2f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
75
x-amz-cf-id
AGwpyRyBIeUiGnhxOudW2ay2QOYMWF7Kqx69THwgws6_1KLT_HEWmA==
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P5
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
events
wa.appsflyer.com/
75 B
532 B
XHR
General
Full URL
https://wa.appsflyer.com/events?site-id=ec3e78e7-0876-43dc-805e-89037156f88a
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-46.fra56.r.cloudfront.net
Software
/
Resource Hash
ca66471d40fc7991a2895087a20c4d7a70321db27280fbdcee18f2666bee2f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
75
x-amz-cf-id
VwZsWScaXrkvXNpImzN_DW4orJs_-QExT-l8snWjCNEjjjgAbQeXeg==
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P5
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=380058040&visitor_id_sign=d085236f2e870b9d717fbcf80ea18923a1a44f3c95b1742daa3e9822d7110c4d66d2353ed276ffae56567a2ad3f6e7aa16f8f121&pi_opt_in=&campaign_id=24576&account_id=970163&title=Revolut%20Business%20Sales&url=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
/
Resource Hash
9cffb6794f90157296f4bfedcf9048ca140fb297ee2113eb5499c59620de5b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-pardot-rsp
0/0/1
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
Connection
keep-alive
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
expires
Thu, 19 Nov 1981 08:52:00 GMT
Content-Length
539
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Tue, 05 Nov 2024 16:00:28 GMT
Content-Type
text/javascript; charset=utf-8
vary
Accept-Encoding,User-Agent
pageview
api2.branch.io/v1/
29 B
352 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
29
x-amz-cf-id
F_f2FFrgwpc2dXxz5WGIQP6VUp8DErLpxuJxwokoVjIqSwQqkAEzrQ==
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
custom
api2.branch.io/v2/event/
39 B
411 B
XHR
General
Full URL
https://api2.branch.io/v2/event/custom
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
0f7a833cfa46a2084a6249a678ed2c3ccf4e35c1c9d583e52c97934c8b3b8eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
xhLUPOtOMOCT8ePgmtqx0DBbBhEctaB3rY9QPJv-eV9sAr5pb__Drw==
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
39
x-branch-request-id
c2f0d1b0-c62f-4486-a04b-a5bbf2b223e1-2024110516
date
Tue, 05 Nov 2024 16:00:28 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
analytics
growth.revolut.com/
50 B
977 B
Script
General
Full URL
https://growth.revolut.com/analytics?conly=true&visitor_id=380058040&visitor_id_sign=d085236f2e870b9d717fbcf80ea18923a1a44f3c95b1742daa3e9822d7110c4d66d2353ed276ffae56567a2ad3f6e7aa16f8f121&pi_opt_in=&campaign_id=24576&account_id=970163&title=Revolut%20Business%20Sales&url=https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=380058040&visitor_id_sign=d085236f2e870b9d717fbcf80ea18923a1a44f3c95b1742daa3e9822d7110c4d66d2353ed276ffae56567a2ad3f6e7aa16f8f121&pi_opt_in=&campaign_id=24576&account_id=970163&title=Revolut%20Business%20Sales&url=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&referrer=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr

Response headers

x-pardot-rsp
0/0/1
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
expires
Thu, 19 Nov 1981 08:52:00 GMT
Content-Length
50
p3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Tue, 05 Nov 2024 16:00:28 GMT
Content-Type
text/javascript; charset=utf-8
vary
User-Agent
x
bat.bing.com/p/insights/c/
0
121 B
XHR
General
Full URL
https://bat.bing.com/p/insights/c/x
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 857175BE4964487695FD79D0544AE520 Ref B: FRA31EDGE0114 Ref C: 2024-11-05T16:00:29Z
access-control-allow-credentials
true
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin
https://growth.revolut.com
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:28 GMT
vary
Origin

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| _linkedin_partner_id function| lintrk object| pardot object| piAjax object| piUtils string| piAId string| piCId string| piHostname object| anchors object| anchor object| dataLayer object| all string| $oldReq string| $newReq boolean| _already_called_lintrk object| google_tag_manager object| google_tag_data string| devKey string| smartBannerKey string| AppsFlyerSdkObject function| AF string| _linkedin_data_partner_id function| twq function| fbq function| _fbq object| _fbq_gtm_ids function| uuidv4 object| branch object| ORIBILI object| regeneratorRuntime object| twttr object| AF_cleanupMethods object| AF_SDK function| UET function| UET_init function| UET_push object| ueto_81e1318955 object| uetq function| webinsights object| insightsuetq function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start number| c_end string| property function| piResponse

22 Cookies

Domain/Path Name / Value
growth.revolut.com/ Name: visitor_id969163
Value: 380058040
growth.revolut.com/ Name: visitor_id969163-hash
Value: d085236f2e870b9d717fbcf80ea18923a1a44f3c95b1742daa3e9822d7110c4d66d2353ed276ffae56567a2ad3f6e7aa16f8f121
.revolut.com/ Name: _gcl_au
Value: 1.1.1813462760.1730822427
.revolut.com/ Name: _fbp
Value: fb.1.1730822427673.739559979211914393
.linkedin.com/ Name: bcookie
Value: "v=2&0ac49b19-766c-402f-81d1-ccb1ea1aaca6"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzA4MjI0Mjc7MjswMjG2EQKmZwaI7HeDgMXhfx1XiW8aIJvfxaG/8EVTgAOioA==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3436:u=1:x=1:i=1730822427:t=1730908827:v=2:sig=AQHbCpFIjCr_8P9M8qW6Q6Lwey2TSoWk"
.revolut.com/ Name: AF_DEFAULT_MEASUREMENT_STATUS
Value: true
.t.co/ Name: muc_ads
Value: be7dc293-6184-4ecb-9bd2-9e5b5e4446b9
.t.co/ Name: __cf_bm
Value: dOqPZbRvJ5cGc9aR6eMNybPWMyK6_QhIFzAsdN_jCOY-1730822428-1.0.1.1-_WWdSzSG3cHIFw0u4099UurzubmthNRQWrbq9CXrQqqjmKxSVC1TIap_OqQrruSBm9yyk3xlzscg0rVk44gHDQ
.app.link/ Name: _s
Value: EyfOx9l7g%2BxU0cLVdoLBnifbVrtp37gJFBuoyyfADDGzQPnBmsWO91ekERMSJI4c
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173082242794608905
.twitter.com/ Name: guest_id_ads
Value: v1%3A173082242794608905
.twitter.com/ Name: personalization_id
Value: "v1_RIAJ6m8WIoxfiikwS95GrA=="
.twitter.com/ Name: guest_id
Value: v1%3A173082242794608905
.appsflyer.com/ Name: af_id
Value: a96ce134-776f-4a99-aa0f-0363fa129cfb-p
.revolut.com/ Name: afUserId
Value: a96ce134-776f-4a99-aa0f-0363fa129cfb-p
.onelink.me/ Name: af_id
Value: a96ce134-776f-4a99-aa0f-0363fa129cfb-p
.revolut.com/ Name: AF_SYNC
Value: 1730822428277
.pardot.com/ Name: visitor_id969163
Value: 380058040
.pardot.com/ Name: visitor_id969163-hash
Value: d085236f2e870b9d717fbcf80ea18923a1a44f3c95b1742daa3e9822d7110c4d66d2353ed276ffae56567a2ad3f6e7aa16f8f121
pi.pardot.com/ Name: lpv969163
Value: aHR0cHM6Ly9ncm93dGgucmV2b2x1dC5jb20vb3B0LW91dD9lbWFpbD1hbm5lbGF1cmUudGhlYmF1bHRAc2VtZXIuZnI%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api2.branch.io
apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net
app.link
bat.bing.com
bat.bing.net
cdn.branch.io
connect.facebook.net
fonts.googleapis.com
growth.revolut.com
pi.pardot.com
px.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
storage.pardot.com
t.co
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.facebook.com
www.google.com
www.googletagmanager.com
104.244.42.131
108.138.26.79
142.250.186.100
146.75.120.157
157.240.253.1
172.66.0.227
18.173.205.115
18.239.94.22
18.66.112.46
2600:9000:2057:b200:19:9934:6a80:93a1
2600:9000:2359:3400:d:7e9b:1200:93a1
2600:9000:2491:ec00:11:f728:3040:93a1
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:c11::237
2a00:1450:4001:802::200a
2a00:1450:4001:830::2008
2a02:26f0:3500:10::210:a99
2a03:2880:f176:181:face:b00c:0:25de
3.215.172.219
3.65.52.76
34.237.219.119
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925
0f7a833cfa46a2084a6249a678ed2c3ccf4e35c1c9d583e52c97934c8b3b8eba
1bddfa324af3c49ac2304109997b340f0d2114ab86fd75e9612c14623f7427b2
1fc8df714dc9e8f2d64e099e6dd708775a8e6440b32e1621b41cfeb6202f5440
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
37953c80e5bf9c117888ddb1ac384dc90bf707f6b2d749373db3605f3542e06d
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3ad953166f77acb4288c602b074091565917a86b84329c0e7494cf8f54418001
3c38217e7eb68c5420579a2f01d89b2ff0d150861c3340ec8df22a5293e35c36
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
59e67e6a9e384081ca4818c38fbb27e595fe7b074919cc427c49f2ef31228874
8666ec1d1445fa7e5d506936a513ea2997ea68438bce4fb8a36ba346675326d4
87fbc6477d07c0b9eb56d8839da504fcaf1cdbb8bec3e7f6581cfe92f4abdfce
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
9cffb6794f90157296f4bfedcf9048ca140fb297ee2113eb5499c59620de5b50
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
ca66471d40fc7991a2895087a20c4d7a70321db27280fbdcee18f2666bee2f76
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e515e7eaba1222feea7895e3c6cc3ab2b45b88c8b17732d422cfb4daea79e76f
e7387aa27b50552b0909bcffbae2e5b5a48bfff4950bafa7935db02250f9d5d2
e99d6230096a249ddbe00810cb1f35c8f12999f358901e203dc9bcb870ca5c57
f9f603090c832a3ba4bf14669ca6b72624acfcabfc395d34b3efa4d1ff037661
fb7695626f51012e649c92570dbb2e36752a5ea656bea278d9154e02bebb5387