urlscan.io logo urlscan.io
SecurityTrails logo

id.revolut.codes Open in urlscan Pro
130.211.33.237  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://skywalker.revolut.codes/
Effective URL: https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=...
Submission: On November 30 via api from GB — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 21 HTTP transactions. The main IP is 130.211.33.237, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is id.revolut.codes.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 10th 2023. Valid for: a year.
This is the only time id.revolut.codes was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.89.23.240 396982 (GOOGLE-CL...)
4 34.149.134.146 396982 (GOOGLE-CL...)
4 130.211.33.237 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
4 34.95.97.3 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
21 10
2    34.89.23.240 (London, United Kingdom)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.23.89.34.bc.googleusercontent.com
skywalker.revolut.codes
4    34.149.134.146 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 146.134.149.34.bc.googleusercontent.com
vader.revolut.codes
4    130.211.33.237 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 237.33.211.130.bc.googleusercontent.com
id.revolut.codes
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o104379.ingest.sentry.io
4    34.95.97.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.97.95.34.bc.googleusercontent.com
assets.revolut.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:830::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
10 revolut.codes
skywalker.revolut.codes
vader.revolut.codes
id.revolut.codes
1 MB
4 revolut.com
assets.revolut.com — Cisco Umbrella Rank: 30265
330 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 23
121 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
255 B
1 gstatic.com
fonts.gstatic.com
27 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 415
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
90 KB
1 sentry.io
o104379.ingest.sentry.io — Cisco Umbrella Rank: 188523
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
21 9
Domain Requested by
4 assets.revolut.com
4 id.revolut.codes vader.revolut.codes
id.revolut.codes
4 vader.revolut.codes vader.revolut.codes
3 accounts.google.com id.revolut.codes
accounts.google.com
2 skywalker.revolut.codes 2 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com
1 csp.withgoogle.com vader.revolut.codes
1 www.googletagmanager.com id.revolut.codes
1 o104379.ingest.sentry.io vader.revolut.codes
1 fonts.googleapis.com id.revolut.codes
21 11

This site contains no links.

Subject Issuer Validity Valid
*.revolut.codes
Go Daddy Secure Certificate Authority - G2		 2023-04-10 -
2024-05-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.revolut.com
Go Daddy Secure Certificate Authority - G2		 2023-04-04 -
2024-05-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
Frame ID: CDA179A7CBBC5ECBB3215B490E2BAA97
Requests: 18 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&logo_alignment=center&shape=pill&size=large&text=continue_with&theme=outline&width=375&client_id=641524086291-kl7036pv9d90qa40lgs61ng1uq75qcdt.apps.googleusercontent.com&iframe_id=gsi_88162_326826&as=DZn65UttDw7PrpOa6WXdFA
Frame ID: F0A1CC3FCDF791CE8C46043A515C8397
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Revolut IDave

Page URL History Show full URLs

  1. http://skywalker.revolut.codes/ HTTP 308
    https://skywalker.revolut.codes/ HTTP 301
    https://vader.revolut.codes/ Page URL
  2. https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

1654 kB
Transfer

4226 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://skywalker.revolut.codes/ HTTP 308
    https://skywalker.revolut.codes/ HTTP 301
    https://vader.revolut.codes/ Page URL
  2. https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://skywalker.revolut.codes/ HTTP 308
  • https://skywalker.revolut.codes/ HTTP 301
  • https://vader.revolut.codes/

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
vader.revolut.codes/
Redirect Chain
  • http://skywalker.revolut.codes/
  • https://skywalker.revolut.codes/
  • https://vader.revolut.codes/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vader.revolut.codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.134.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.134.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cc4851b4f128eae8ca33058345d9d035b62e62786741643a525f3ca316b0f18a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js-agent.newrelic.com https://translate.googleapis.com/ https://translate.google.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; report-uri https://o104379.ingest.sentry.io/api/6621921/security/?sentry_key=0f5e92759ae747a69650a96586181904; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js-agent.newrelic.com https://translate.googleapis.com/ https://translate.google.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; report-uri https://o104379.ingest.sentry.io/api/6621921/security/?sentry_key=0f5e92759ae747a69650a96586181904; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self';
content-type
text/html
date
Thu, 30 Nov 2023 10:44:47 GMT
etag
W/"6565b0c3-58d"
expires
Thu, 30 Nov 2023 10:44:46 GMT
last-modified
Tue, 28 Nov 2023 09:20:03 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

content-length
162
content-type
text/html
date
Thu, 30 Nov 2023 10:44:46 GMT
location
https://vader.revolut.codes
referrer-policy
no-referrer
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
index-OQjMlxuF.js
vader.revolut.codes/assets/ 		1 MB
425 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vader.revolut.codes/assets/index-OQjMlxuF.js
Requested by
Host: vader.revolut.codes
URL: https://vader.revolut.codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.134.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.134.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
429c2df3b3fc370c3f719769a5c32b164a7607141d84875e3625132fc7464370
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js-agent.newrelic.com https://translate.googleapis.com/ https://translate.google.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; report-uri https://o104379.ingest.sentry.io/api/6621921/security/?sentry_key=0f5e92759ae747a69650a96586181904; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vader.revolut.codes/
Origin
https://vader.revolut.codes
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:47 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js-agent.newrelic.com https://translate.googleapis.com/ https://translate.google.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; report-uri https://o104379.ingest.sentry.io/api/6621921/security/?sentry_key=0f5e92759ae747a69650a96586181904; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 28 Nov 2023 09:20:03 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
etag
W/"6565b0c3-13e1c9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
index-O1SSxJ1k.css
vader.revolut.codes/assets/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vader.revolut.codes/assets/index-O1SSxJ1k.css
Requested by
Host: vader.revolut.codes
URL: https://vader.revolut.codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.134.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.134.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ba4eeabd5080f51767961799addd0bc4fad856f5d543492656213f92b45b29ec
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js-agent.newrelic.com https://translate.googleapis.com/ https://translate.google.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; report-uri https://o104379.ingest.sentry.io/api/6621921/security/?sentry_key=0f5e92759ae747a69650a96586181904; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vader.revolut.codes/
Origin
https://vader.revolut.codes
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:47 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js-agent.newrelic.com https://translate.googleapis.com/ https://translate.google.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; report-uri https://o104379.ingest.sentry.io/api/6621921/security/?sentry_key=0f5e92759ae747a69650a96586181904; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 28 Nov 2023 09:20:03 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
etag
W/"6565b0c3-5cf8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
applications
vader.revolut.codes/vader-api/ 		34 B
49 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vader.revolut.codes/vader-api/applications
Requested by
Host: vader.revolut.codes
URL: https://vader.revolut.codes/assets/index-OQjMlxuF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.134.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.134.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://vader.revolut.codes/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:47 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
application/json
request-id
10IL01O47LJAB
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
Primary Request signin
id.revolut.codes/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
Requested by
Host: vader.revolut.codes
URL: https://vader.revolut.codes/assets/index-OQjMlxuF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.33.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.33.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
8721c33c038cbdf66a010ab11a9ba6c2592c1c12abf7b293bae204768c8ed794
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-b017a3228da431e52a9601b10e93dede' https://www.googletagmanager.com https://accounts.google.com/gsi/client; report-uri https://o104379.ingest.sentry.io/api/5668765/security/?sentry_key=b3e9fa55547e4b00b17d6b9c8f95410f; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com https://accounts.google.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self' https://accounts.google.com; frame-ancestors 'self' https://*.revolut.codes; manifest-src 'self' https://accounts.google.com https://assets.revolut.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'nonce-b017a3228da431e52a9601b10e93dede' https://www.googletagmanager.com https://accounts.google.com/gsi/client; report-uri https://o104379.ingest.sentry.io/api/5668765/security/?sentry_key=b3e9fa55547e4b00b17d6b9c8f95410f; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com https://accounts.google.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self' https://accounts.google.com; frame-ancestors 'self' https://*.revolut.codes; manifest-src 'self' https://accounts.google.com https://assets.revolut.com;
content-type
text/html
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 30 Nov 2023 10:44:47 GMT
etag
W/"6564d680-60c"
expires
Thu, 30 Nov 2023 10:44:46 GMT
last-modified
Mon, 27 Nov 2023 17:48:48 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
no-referrer, strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: id.revolut.codes
URL: https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c96d78e994736f78449cabb5f36989a38a6f1f5fd98473488ca6a22bf4e1e89e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://id.revolut.codes/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 10:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:24:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 10:44:47 GMT
main.fc8ce979.js
id.revolut.codes/static/js/ 		2 MB
651 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.revolut.codes/static/js/main.fc8ce979.js
Requested by
Host: id.revolut.codes
URL: https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.33.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.33.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
3eedea441d834c9ceb8add6faeb798aee59c89b96ae08c431c01e9f0de37f492
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-b017a3228da431e52a9601b10e93dede' https://www.googletagmanager.com https://accounts.google.com/gsi/client; report-uri https://o104379.ingest.sentry.io/api/5668765/security/?sentry_key=b3e9fa55547e4b00b17d6b9c8f95410f; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com https://accounts.google.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self' https://accounts.google.com; frame-ancestors 'self' https://*.revolut.codes; manifest-src 'self' https://accounts.google.com https://assets.revolut.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:47 GMT
content-security-policy
default-src 'self'; script-src 'self' 'nonce-b017a3228da431e52a9601b10e93dede' https://www.googletagmanager.com https://accounts.google.com/gsi/client; report-uri https://o104379.ingest.sentry.io/api/5668765/security/?sentry_key=b3e9fa55547e4b00b17d6b9c8f95410f; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com https://accounts.google.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self' https://accounts.google.com; frame-ancestors 'self' https://*.revolut.codes; manifest-src 'self' https://accounts.google.com https://assets.revolut.com;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 27 Nov 2023 17:48:48 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"6564d680-1e9754"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
max-age=315360000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.58462fbc.css
id.revolut.codes/static/css/ 		2 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.revolut.codes/static/css/main.58462fbc.css
Requested by
Host: id.revolut.codes
URL: https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.33.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.33.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
d6948c48aa3a6b6fdc3e63f76ef082c166766631eccbc15c473733ee2d0e03cc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-b017a3228da431e52a9601b10e93dede' https://www.googletagmanager.com https://accounts.google.com/gsi/client; report-uri https://o104379.ingest.sentry.io/api/5668765/security/?sentry_key=b3e9fa55547e4b00b17d6b9c8f95410f; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com https://accounts.google.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self' https://accounts.google.com; frame-ancestors 'self' https://*.revolut.codes; manifest-src 'self' https://accounts.google.com https://assets.revolut.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:47 GMT
content-security-policy
default-src 'self'; script-src 'self' 'nonce-b017a3228da431e52a9601b10e93dede' https://www.googletagmanager.com https://accounts.google.com/gsi/client; report-uri https://o104379.ingest.sentry.io/api/5668765/security/?sentry_key=b3e9fa55547e4b00b17d6b9c8f95410f; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com https://accounts.google.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self' https://accounts.google.com; frame-ancestors 'self' https://*.revolut.codes; manifest-src 'self' https://accounts.google.com https://assets.revolut.com;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 27 Nov 2023 17:48:48 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"6564d680-756"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css
cache-control
max-age=315360000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires
Thu, 31 Dec 2037 23:55:55 GMT
client
accounts.google.com/gsi/ 		199 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: id.revolut.codes
URL: https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a40e572b92805fe4151668861e2b1ebc2922806ce52bf859a6864d685faf5d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kbaZs-43UDlCPpVfNU7C5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://id.revolut.codes/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-kbaZs-43UDlCPpVfNU7C5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 30 Nov 2023 10:44:47 GMT
/
o104379.ingest.sentry.io/api/5668765/security/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://o104379.ingest.sentry.io/api/5668765/security/?sentry_key=b3e9fa55547e4b00b17d6b9c8f95410f
Requested by
Host: vader.revolut.codes
URL: https://vader.revolut.codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://id.revolut.codes/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/csp-report

Response headers
BasierCircle-Medium.woff2
assets.revolut.com/media/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.revolut.com/media/fonts/BasierCircle-Medium.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.97.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.97.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a858e829b2f1ef3a0346efb973efa7c021905c23483292d5319d29ae316e4ce9

Request headers

Referer
https://id.revolut.codes/
Origin
https://id.revolut.codes
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 17 Nov 2023 20:50:26 GMT
age
1086862
x-guploader-uploadid
ABPtcPpv4jlVhXoerdEYxzGTwsfJe3TsiDj3G9WCNqHzOJF1Jz9F40B8YPK-hpJS2rC2M_lnhn-z5enZM4s7Ktkao-Ra8g
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
x-goog-meta-access-control-allow-origin
*
content-length
15748
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Wed, 06 May 2020 08:57:31 GMT
server
UploadServer
etag
"ecb8f6aea34bb31c9f19e0c34108d582"
x-goog-generation
1588755451985849
x-goog-hash
crc32c=69AP/Q==, md5=7Lj2rqNLsxyfGeDDQQjVgg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
15748
accept-ranges
bytes
content-type
application/octet-stream
expires
Sat, 16 Nov 2024 20:50:26 GMT
session
id.revolut.codes/api/auth/ 		61 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.revolut.codes/api/auth/session
Requested by
Host: id.revolut.codes
URL: https://id.revolut.codes/static/js/main.fc8ce979.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.33.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.33.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
047a48c3afabd472278e19b5743f543734bb457fa63e6358e4c5b7793dddbbee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://id.revolut.codes/signin?redirect_uri=https%3A%2F%2Fvader.revolut.codes%2F&response_type=token+id_token&client_id=eea66802-b31a-434f-ac64-395f456278f6&auth_type=reauthenticate
accept-language
es-ES,es;q=0.9
baggage
sentry-public_key=b3e9fa55547e4b00b17d6b9c8f95410f,sentry-trace_id=119917609ef1468bacd5d4eb0b0343b7,sentry-sample_rate=0.2
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
sentry-trace
119917609ef1468bacd5d4eb0b0343b7-acb8810ff382c30b-0

Response headers

date
Thu, 30 Nov 2023 10:44:48 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-credentials
true
allowedheaders
Content-Type,X-Requested-With,Content-Length,Accept,Origin,X-Api-Version
request-id
GBIVW0UG4CDU
access-control-allow-headers
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		267 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-59GCFJLNG4
Requested by
Host: id.revolut.codes
URL: https://id.revolut.codes/static/js/main.fc8ce979.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbc8ab4e0da2bba023b4b1dd08ee9bbc495d4c4b52c02fe51a7a21cb79a7c141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://id.revolut.codes/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91376
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 10:44:48 GMT
Inter-Medium.woff2
assets.revolut.com/media/fonts/ 		109 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.revolut.com/media/fonts/Inter-Medium.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.97.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.97.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aaa02aa09b0bc5bc5c57095aaa6e15bea07480136e9aab705f69886daa213325

Request headers

Referer
https://id.revolut.codes/
Origin
https://id.revolut.codes
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:26:44 GMT
age
1084
x-guploader-uploadid
ABPtcPoPpUBA06uwqwnWHPq6hoQKpcY5GVMPHFVMWN6v-uc5qvZGqRwXvksXIDIucsjTslUNdf5mhcG7DuO-Dib9lefyIA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111192
last-modified
Tue, 27 Jun 2023 07:58:20 GMT
server
UploadServer
etag
"823f35a845a9dfbf9800c8a37b635269"
x-goog-generation
1687852700339966
x-goog-hash
crc32c=RwAztA==, md5=gj81qEWp37+YAMije2NSaQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
111192
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 30 Nov 2023 11:26:44 GMT
Inter-Bold.woff2
assets.revolut.com/media/fonts/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.revolut.com/media/fonts/Inter-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.97.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.97.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7

Request headers

Referer
https://id.revolut.codes/
Origin
https://id.revolut.codes
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:48 GMT
age
0
x-guploader-uploadid
ABPtcPr9OQbLKnO9MLOH13V4I_jXWWRNFXmZABdEDaZCZsAm-suJwRxkf9nVtIhEkDmuFfSv-guLNXh1UVz87qfDNN594w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106140
last-modified
Fri, 08 Sep 2023 11:31:53 GMT
server
UploadServer
etag
"444a7284663a3bc886683eb81450b294"
x-goog-generation
1694172713821134
x-goog-hash
crc32c=JPKy5A==, md5=REpyhGY6O8iGaD64FFCylA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
106140
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 30 Nov 2023 11:44:48 GMT
style
accounts.google.com/gsi/ 		533 B
610 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nRuxP7w6tyk41N_q47nvQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://id.revolut.codes/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:44:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-nRuxP7w6tyk41N_q47nvQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 30 Nov 2023 10:44:48 GMT
button
accounts.google.com/gsi/ Frame F0A1 		113 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&logo_alignment=center&shape=pill&size=large&text=continue_with&theme=outline&width=375&client_id=641524086291-kl7036pv9d90qa40lgs61ng1uq75qcdt.apps.googleusercontent.com&iframe_id=gsi_88162_326826&as=DZn65UttDw7PrpOa6WXdFA
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90b482ef070fbcbeba55f4f1f11deab2d07940371645af209ec6200dd9180f76
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TVKcfoCAijpUF0INTkcsVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://id.revolut.codes/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TVKcfoCAijpUF0INTkcsVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Thu, 30 Nov 2023 10:44:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
Inter-Regular.woff2
assets.revolut.com/media/fonts/ 		101 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.revolut.com/media/fonts/Inter-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.97.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.97.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f536bae011685cdeb84a3ec10450fd024d62536949d870582f4651cd47404067

Request headers

Referer
https://id.revolut.codes/
Origin
https://id.revolut.codes
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 30 Nov 2023 10:01:15 GMT
age
2613
x-guploader-uploadid
ABPtcPoUXvb0PCnTx721SdJMRG4VujqHEyMdBtPU44VfpevK-H5l7uCILC01e3hvx-NdWhZl0ZEmi92cgA_X47fWwuqPKA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103152
last-modified
Tue, 27 Jun 2023 07:58:20 GMT
server
UploadServer
etag
"5891e05821cbf2402b6dd3f4a84cfe12"
x-goog-generation
1687852700775012
x-goog-hash
crc32c=xvZT+w==, md5=WJHgWCHL8kArbdP0qEz+Eg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
103152
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 30 Nov 2023 11:01:15 GMT
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame F0A1 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: vader.revolut.codes
URL: https://vader.revolut.codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/csp-report

Response headers
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame F0A1 		51 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 29 Nov 2023 20:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 20:36:40 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-59GCFJLNG4&gtm=45je3b60v9100639172&_p=1701341087880&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2137747964.1701341088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1701341088&sct=1&seg=0&dl=https%3A%2F%2Fid.revolut.codes%2Fsignin%3Fredirect_uri%3Dhttps%253A%252F%252Fvader.revolut.codes%252F%26response_type%3Dtoken%2Bid_token%26client_id%3Deea66802-b31a-434f-ac64-395f456278f6%26auth_type%3Dreauthenticate&dt=Revolut%20IDave&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=926
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59GCFJLNG4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://id.revolut.codes/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 10:44:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id.revolut.codes
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| dataLayer function| gtag object| default_gsi object| _F_toggles object| google object| __SENTRY__ function| _ object| regeneratorRuntime object| closure_lm_484650 object| __G_ID_CLIENT__ object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Domain/Path Name / Value
.revolut.codes/ Name: _ga_59GCFJLNG4
Value: GS1.1.1701341088.1.0.1701341088.0.0.0
.revolut.codes/ Name: _ga
Value: GA1.1.2137747964.1701341088

4 Console Messages

Source Level URL
Text
network error URL: https://vader.revolut.codes/vader-api/applications
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://o104379.ingest.sentry.io/api/5668765/security/?sentry_key=b3e9fa55547e4b00b17d6b9c8f95410f
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.revolut.codes/api/auth/session
Message:
Failed to load resource: the server responded with a status of 401 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js-agent.newrelic.com https://translate.googleapis.com/ https://translate.google.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; report-uri https://o104379.ingest.sentry.io/api/6621921/security/?sentry_key=0f5e92759ae747a69650a96586181904; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.revolut.com; img-src 'self' data: blob: https://assets.revolut.com https://assets.revolut.codes https://avatars.slack-edge.com https://secure.gravatar.com https://www.googletagmanager.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://translate.googleapis.com https://o104379.ingest.sentry.io https://www.googletagmanager.com https://*.google-analytics.com; child-src 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
assets.revolut.com
csp.withgoogle.com
fonts.googleapis.com
fonts.gstatic.com
id.revolut.codes
o104379.ingest.sentry.io
region1.google-analytics.com
skywalker.revolut.codes
vader.revolut.codes
www.googletagmanager.com
130.211.33.237
2001:4860:4802:32::36
2a00:1450:4001:813::2003
2a00:1450:4001:827::200d
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2011
2a00:1450:4001:831::200a
34.120.195.249
34.149.134.146
34.89.23.240
34.95.97.3
047a48c3afabd472278e19b5743f543734bb457fa63e6358e4c5b7793dddbbee
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2a40e572b92805fe4151668861e2b1ebc2922806ce52bf859a6864d685faf5d0
3eedea441d834c9ceb8add6faeb798aee59c89b96ae08c431c01e9f0de37f492
429c2df3b3fc370c3f719769a5c32b164a7607141d84875e3625132fc7464370
8721c33c038cbdf66a010ab11a9ba6c2592c1c12abf7b293bae204768c8ed794
90b482ef070fbcbeba55f4f1f11deab2d07940371645af209ec6200dd9180f76
a858e829b2f1ef3a0346efb973efa7c021905c23483292d5319d29ae316e4ce9
aaa02aa09b0bc5bc5c57095aaa6e15bea07480136e9aab705f69886daa213325
ba4eeabd5080f51767961799addd0bc4fad856f5d543492656213f92b45b29ec
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
c96d78e994736f78449cabb5f36989a38a6f1f5fd98473488ca6a22bf4e1e89e
cc4851b4f128eae8ca33058345d9d035b62e62786741643a525f3ca316b0f18a
d6948c48aa3a6b6fdc3e63f76ef082c166766631eccbc15c473733ee2d0e03cc
dbc8ab4e0da2bba023b4b1dd08ee9bbc495d4c4b52c02fe51a7a21cb79a7c141
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
f536bae011685cdeb84a3ec10450fd024d62536949d870582f4651cd47404067