Submitted URL: https://apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net/r?target=67290cfb45e78c180ad61d7c&t=V2_eyJwX2l2IjoiNnBLN0Zkb25UTzFodmtyQmR1N2Q4Z1x1MDAzZFx1MDAzZ...
Effective URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Submission: On November 05 via api from RU — Scanned from DE

Summary

This website contacted 21 IPs in 2 countries across 19 domains to perform 42 HTTP transactions. The main IP is 3.215.172.219, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is growth.revolut.com.
TLS certificate: Issued by R11 on October 8th 2024. Valid for: 3 months.
This is the only time growth.revolut.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.65.52.76 16509 (AMAZON-02)
2 5 3.215.172.219 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:235... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:21::14 8068 (MICROSOFT...)
1 142.250.186.100 15169 (GOOGLE)
1 18.245.60.69 16509 (AMAZON-02)
1 146.75.120.157 54113 (FASTLY)
2 157.240.253.1 32934 (FACEBOOK)
6 2620:1ec:33:2... 8075 (MICROSOFT...)
1 108.138.26.87 16509 (AMAZON-02)
4 18.66.112.116 16509 (AMAZON-02)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 18.173.205.60 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2600:9000:249... 16509 (AMAZON-02)
2 34.237.219.119 14618 (AMAZON-AES)
42 21
Apex Domain
Subdomains
Transfer
6 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
32 KB
5 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 5850
wa.appsflyer.com — Cisco Umbrella Rank: 7447
17 KB
5 revolut.com
growth.revolut.com
118 KB
4 branch.io
cdn.branch.io — Cisco Umbrella Rank: 958
api2.branch.io — Cisco Umbrella Rank: 1350
25 KB
4 pardot.com
storage.pardot.com — Cisco Umbrella Rank: 11507
pi.pardot.com — Cisco Umbrella Rank: 5653
26 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
2 KB
2 bing.net
bat.bing.net — Cisco Umbrella Rank: 20475
466 B
2 onelink.me
wa.onelink.me — Cisco Umbrella Rank: 11023
877 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
77 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
128 KB
1 app.link
app.link — Cisco Umbrella Rank: 2197
664 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
725 B
1 t.co
t.co — Cisco Umbrella Rank: 859
629 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
16 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 sfdcfc.net
apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net — Cisco Umbrella Rank: 234315
194 B
42 19
Domain Requested by
6 bat.bing.com www.googletagmanager.com
bat.bing.com
5 growth.revolut.com 2 redirects growth.revolut.com
pi.pardot.com
4 wa.appsflyer.com websdk.appsflyer.com
3 api2.branch.io cdn.branch.io
3 px.ads.linkedin.com snap.licdn.com
growth.revolut.com
2 pi.pardot.com growth.revolut.com
pi.pardot.com
2 bat.bing.net bat.bing.com
growth.revolut.com
2 wa.onelink.me websdk.appsflyer.com
2 www.facebook.com growth.revolut.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.googletagmanager.com growth.revolut.com
www.googletagmanager.com
2 storage.pardot.com growth.revolut.com
1 app.link cdn.branch.io
1 analytics.twitter.com growth.revolut.com
1 t.co growth.revolut.com
1 cdn.branch.io growth.revolut.com
1 static.ads-twitter.com www.googletagmanager.com
1 websdk.appsflyer.com growth.revolut.com
1 www.google.com www.googletagmanager.com
1 snap.licdn.com growth.revolut.com
1 fonts.googleapis.com growth.revolut.com
1 apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net 1 redirects
42 22

This site contains links to these domains. Also see Links.

Domain
www.revolut.com
Subject Issuer Validity Valid
growth.revolut.com
R11
2024-10-08 -
2025-01-06
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.appsflyer.com
Amazon RSA 2048 M03
2024-02-04 -
2025-03-03
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-14 -
2024-11-12
3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
*.branch.io
Amazon RSA 2048 M03
2024-08-11 -
2025-09-09
a year crt.sh
t.co
E5
2024-09-28 -
2024-12-27
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-30 -
2025-09-29
a year crt.sh
appipv4.link
Amazon RSA 2048 M03
2024-03-25 -
2025-04-22
a year crt.sh
*.onelink.me
Amazon RSA 2048 M02
2024-05-05 -
2025-06-02
a year crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 07
2024-10-27 -
2025-04-25
6 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1
2024-06-05 -
2025-06-04
a year crt.sh

This page contains 2 frames:

Primary Page: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Frame ID: CA1A8A6E50DE92BE7E7A8F8AE44A6C91
Requests: 41 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgrowth.revolut.com
Frame ID: 9789D1953ED7B61026B0BB46CC457237
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Revolut Business Sales

Page URL History Show full URLs

  1. https://apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net/r?target=67290cfb45e78c180ad61d7c&t=V2_eyJwX2l2IjoiNnBLN0Zkb25UTzFodmtyQmR1N... HTTP 307
    https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

42
Requests

95 %
HTTPS

45 %
IPv6

19
Domains

22
Subdomains

21
IPs

2
Countries

462 kB
Transfer

1516 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net/r?target=67290cfb45e78c180ad61d7c&t=V2_eyJwX2l2IjoiNnBLN0Zkb25UTzFodmtyQmR1N2Q4Z1x1MDAzZFx1MDAzZCIsInBfZW5jcnlwdGVkX2RhdGEiOiJmNk1pYmVxWm9ZZDFKYlZDenk3bm0vUVRvOTVMUkprdW8yTVdsS2puMVZZXHUwMDNkIiwicF9vcmQiOiIxIiwicF9pZCI6IjE2In18eyJwX2l2IjoiaEh0L25La29hQ3N0VkIwR01jR1VVUVx1MDAzZFx1MDAzZCIsInBfZW5jcnlwdGVkX2RhdGEiOiJHWjZ4WEQ5QjVaT01IYkg4ZnA5bWNXWlZ6MmdjYXZpY0oxOWJBaFZuejE4M09JTEUwT1VnN3o1RElYZTVGQ3dTcm1XekJhc3llbmdjWEt1NWkyMDlnUVx1MDAzZFx1MDAzZCIsInBfb3JkIjoiMSIsInBfaWQiOiIzNzYzMCJ9&url=https*3A*2F*2Fgrowth.revolut.com*2Fopt-out*3Femail*3Dannelaure.thebault*40semer.fr HTTP 307
    https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://growth.revolut.com/l/969163/2023-03-06/2b7wck/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png HTTP 302
  • https://storage.pardot.com/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
Request Chain 34
  • https://growth.revolut.com/l/969163/2023-09-20/2bq1vt/969163/1695190770bpDvfAiB/favicon_32x32.png HTTP 302
  • https://storage.pardot.com/969163/1695190770bpDvfAiB/favicon_32x32.png

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request opt-out
growth.revolut.com/
Redirect Chain
  • https://apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net/r?target=67290cfb45e78c180ad61d7c&t=V2_eyJwX2l2IjoiNnBLN0Zkb25UTzFodmtyQmR1N2Q4Z1x1MDAzZFx1MDAzZCIsInBfZW5jcnlwdGVkX2RhdGEiOiJmNk1pYmVxWm9ZZDF...
  • https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
75 KB
16 KB
Document
General
Full URL
https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
/
Resource Hash
3ad953166f77acb4288c602b074091565917a86b84329c0e7494cf8f54418001

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
15439
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Nov 2024 16:00:38 GMT
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
status
404 Not Found
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1

Redirect headers

access-control-expose-headers
txnid
content-length
0
date
Tue, 05 Nov 2024 16:00:37 GMT
location
https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
timing-allow-origin
*
txnid
125l14onxzig1dd1dul50053s
x-build-time
{{BUILD_TIME}}
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 16:00:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 15:24:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
piUtils.js
growth.revolut.com/js/
343 KB
100 KB
Script
General
Full URL
https://growth.revolut.com/js/piUtils.js?ver=2021-09-20
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
/
Resource Hash
87fbc6477d07c0b9eb56d8839da504fcaf1cdbb8bec3e7f6581cfe92f4abdfce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr

Response headers

Transfer-Encoding
chunked
cache-control
max-age=63072000
content-encoding
gzip
etag
"55cc5-gzip"
Connection
keep-alive
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
expires
Thu, 05 Nov 2026 16:00:38 GMT
accept-ranges
bytes
Date
Tue, 05 Nov 2024 16:00:38 GMT
Content-Type
application/javascript
last-modified
Tue, 05 Nov 2024 05:30:07 GMT
vary
Accept-Encoding,User-Agent
Revolut_Business_logo___stacked___White.png
storage.pardot.com/969163/1678087849YaMnKGp0/
Redirect Chain
  • https://growth.revolut.com/l/969163/2023-03-06/2b7wck/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
  • https://storage.pardot.com/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
19 KB
20 KB
Image
General
Full URL
https://storage.pardot.com/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Server
2600:9000:2359:1c00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fc8df714dc9e8f2d64e099e6dd708775a8e6440b32e1621b41cfeb6202f5440

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

x-robots-tag
none
etag
"1dacc271ca708de9a76caa2faf1e429b"
x-amz-version-id
HRcApH65Z.17eXHtr78NuescrDtdF4h0
age
41450
x-cache
Hit from cloudfront
x-amz-cf-id
k1_xGIhzft9z4750q-hdU8lKOvT8XQQg81ET8K2IXOOIxUswUC7CeQ==
date
Tue, 05 Nov 2024 04:29:49 GMT
content-type
image/png; charset=binary
last-modified
Mon, 06 Mar 2023 07:30:50 GMT
x-amz-replication-status
COMPLETED
via
1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
19733
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
none
cache-control
max-age=600
location
https://storage.pardot.com/969163/1678087849YaMnKGp0/Revolut_Business_logo___stacked___White.png
content-encoding
gzip
Connection
keep-alive
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
expires
Tue, 05 Nov 2024 16:10:38 GMT
Content-Length
163
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Tue, 05 Nov 2024 16:00:38 GMT
Content-Type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
max-age=37374
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Tue, 05 Nov 2024 16:00:38 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/
429 KB
128 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98d15a152058ec15ed9adf8953f29f01b3e5f8fa9d8ef3447e5e238b971f4a24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 05 Nov 2024 16:00:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
129978
x-xss-protection
0
server
Google Tag Manager
attribution_trigger
px.ads.linkedin.com/
2 B
815 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1730822438673&url=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://growth.revolut.com/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
0006262c80a196ca24ef9f05cf891228
x-msedge-ref
Ref A: 2C6483F7CC7E42F69BB363E202BECD88 Ref B: DUS30EDGE0412 Ref C: 2024-11-05T16:00:38Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYmLIChlsok758Fz4kSKA==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/
0
668 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1730822438673&url=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 27E78E50360742FF9F6D1CBFA9FE685F Ref B: DUS30EDGE0315 Ref C: 2024-11-05T16:00:38Z
x-li-fabric
prod-lor1
x-li-uuid
AAYmLICiFAozEDLpGBZytQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/javascript
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out&scrsrc=www.googletagmanager.com&frm=0&rnd=1062638104.1730822439&auid=1666164167.1730822439&npa=1&gtm=45He4au0v78665836za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730822438783&tfd=1160&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

/
websdk.appsflyer.com/
51 KB
15 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners,pba&
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

x-amz-cf-pop
FRA60-P5
content-encoding
br
etag
W/"7ee104753099f9f00003724eb0a4c433"
age
1925
via
1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
IS9ie9BFhK62HQd1Q37RjfSd8tOxe1uv8EtyG6PHCfpAK1sr0mq8tA==
date
Tue, 05 Nov 2024 15:56:17 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Tue, 01 Oct 2024 07:07:49 GMT
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/
57 KB
16 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Tue, 05 Nov 2024 16:00:38 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 00:10:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000084-IAD, cache-fra-etou8220069-FRA
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SOpWgABC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SOpWgABC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4428, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
07Q1zTD0sNS15a3arIBFXLO4JeFGqBcTW+aWwdg0esnO4GsTpdtRwgJ9zDXnAajjp9Ix0mHuwEY2euGwCZcbhw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
1
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3836EFD987184A37A7C60986D7132F87 Ref B: LON212050704027 Ref C: 2024-11-05T16:00:38Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
branch-latest.min.js
cdn.branch.io/
75 KB
23 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
max-age=300
content-encoding
gzip
x-amz-version-id
JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
etag
"f4ec9657a3dc111d088e2eca7b9796a4"
age
141
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
23431
x-amz-cf-id
Jnnp4k6MDDQmyOQmmmeZL5hsy2CUZoJQ62j7lE0XiZ4gVh69DZMwMg==
date
Tue, 05 Nov 2024 15:58:17 GMT
content-type
text/javascript
last-modified
Wed, 10 Apr 2024 21:44:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 9789
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgrowth.revolut.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB5SHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
7168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:01:10 GMT
expires
Wed, 05 Nov 2025 14:01:10 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
px.ads.linkedin.com/wa/
0
623 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://growth.revolut.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1B489188844F461DB2B3530DFBBFBF77 Ref B: DUS30EDGE0315 Ref C: 2024-11-05T16:00:38Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYmLICj4x3EoNCK2D02sg==
x-li-proto
http/2
access-control-allow-origin
https://growth.revolut.com
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:38 GMT
vary
Origin
1575509082963406
connect.facebook.net/signals/config/
89 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1575509082963406?v=2.9.176&r=stable&domain=growth.revolut.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
3c38217e7eb68c5420579a2f01d89b2ff0d150861c3340ec8df22a5293e35c36
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tXzOShfZ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tXzOShfZ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=72, mss=1232, tbw=70859, tp=67, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
9OUBv0IHGIQKDXEN2Ak6lskkZ381XPrcIwsC+V1ut7Q1U0SSsYOYYeoe8cN6scq5Wg/BxVXCXkyBesuWnT7wng==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
16966
x-xss-protection
0
origin-agent-cluster
?1
coverdomain
wa.appsflyer.com/
37 B
390 B
XHR
General
Full URL
https://wa.appsflyer.com/coverdomain?site-id=ec3e78e7-0876-43dc-805e-89037156f88a
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-116.fra56.r.cloudfront.net
Software
/
Resource Hash
37953c80e5bf9c117888ddb1ac384dc90bf707f6b2d749373db3605f3542e06d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
37
x-amz-cf-id
v35UmIA5-wFh2UmAhus2_tZ8-XVNJLOG4upTXBKpviwwLBf3Vl1JRQ==
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P5
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
adsct
t.co/1/i/
43 B
629 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2610%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=4a58dc1a-c322-4657-b939-07fee42477bc&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=7247991e-681e-44a8-99ad-3ec30f6992aa&tw_document_href=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&tw_iframe_status=0&txn_id=o2vpb&type=javascript&version=2.3.31
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
79246c5fe439897f
cache-control
no-cache, no-store, max-age=0
x-connection-hash
03c71bed7e4da8b0307b892671a7f95868357824eda895bbee469497b8e16ff1
cf-cache-status
DYNAMIC
cf-ray
8dde0ed34b67d2a6-FRA
x-response-time
187
content-length
43
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2610%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=4a58dc1a-c322-4657-b939-07fee42477bc&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=7247991e-681e-44a8-99ad-3ec30f6992aa&tw_document_href=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&tw_iframe_status=0&txn_id=o2vpb&type=javascript&version=2.3.31
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
678d3e99b3752f3e
cache-control
no-cache, no-store, max-age=0
x-connection-hash
b522df24b5d8ab2ebac018e6d3d12d3408174ac107e6e583feec50168084425a
x-response-time
181
content-length
43
date
Tue, 05 Nov 2024 16:00:38 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
_r
app.link/
91 B
664 B
Script
General
Full URL
https://app.link/_r?sdk=web2.85.0&branch_key=key_live_ifLv9omd1Pq67JcYoRFAneajCFlggimJ&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f800:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0b170f075db25163523683764b162cc7087c966f99e8a6dfd361e2c822d4fda2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
etag
W/"5b-OeML3FdqwNla3aQxvQ9V1XdZiqo"
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
91
x-amz-cf-id
R3e9iu8weQ-b6rkWPIUj_Gc08nM7HJeQ78SvPQS_gfOzvjbj9bBErw==
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
text/javascript; charset=utf-8
x-amz-cf-pop
FRA6-C1
server
openresty
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1575509082963406&ev=PageView&dl=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&rl=&if=false&ts=1730822438908&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730822438904.488035918184224605&cs_est=true&ler=empty&cdl=API_unavailable&it=1730822438851&coo=false&tm=1&rqm=GET
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2916, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
4 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1575509082963406&ev=PageView&dl=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&rl=&if=false&ts=1730822438908&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730822438904.488035918184224605&cs_est=true&ler=empty&cdl=API_unavailable&it=1730822438851&coo=false&tm=1&rqm=FGET
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433825767154176927"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2621f538eea2e519","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["6274894839215722"]},"debug_reporting":true,"debug_key":"1739072545636295297"}
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
1lDHkU8+4w5YYwcCJc/IYXXkq3zMjGI73bHzX0lWJ4omQaBrZZmCC6eseAyJxlFVkj1T7kVEwEcPE8SXEpuUMA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433825767154176927", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3233, tp=-1, tpl=-1, uplat=143, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
187049731.js
bat.bing.com/p/action/
2 KB
979 B
Script
General
Full URL
https://bat.bing.com/p/action/187049731.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e99d6230096a249ddbe00810cb1f35c8f12999f358901e203dc9bcb870ca5c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 420A839A6C3C424093ED30ECD22794D8 Ref B: LON212050704027 Ref C: 2024-11-05T16:00:38Z
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
onelink
wa.onelink.me/v1/
13 B
366 B
XHR
General
Full URL
https://wa.onelink.me/v1/onelink
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-60.fra56.r.cloudfront.net
Software
/
Resource Hash
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 0140ca34c2d577c2578595f0c9e0050e.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
13
x-amz-cf-id
kuxkL1QdDTYmQCYObNb4bEGtHpVNdXGZdcS6CJXqerp8Uv1Fuei3Jw==
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P12
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
0
bat.bing.net/actionp/
0
346 B
Ping
General
Full URL
https://bat.bing.net/actionp/0?ti=187049731&tm=gtm002&Ver=2&mid=0debc819-b857-46d2-8e84-7919cc1a3de8&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1AE3A70A3D1A41F386CFF9C878E6AA6F Ref B: FRA31EDGE0815 Ref C: 2024-11-05T16:00:39Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:38 GMT
187049731
bat.bing.com/p/insights/t/
765 B
917 B
Script
General
Full URL
https://bat.bing.com/p/insights/t/187049731
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/187049731.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbde63ac100b7e2bd5e7096961e0bf181c233e50ba37f4ac5789d9368d9c9a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 468049B4967A416087CFAA85076FFC13 Ref B: LON212050704027 Ref C: 2024-11-05T16:00:38Z
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
637
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/x-javascript
vary
Accept-Encoding
x-azure-ref
20241105T160038Z-165476f87f5khtrwhC1DB16d8800000002c0000000001yvn
0
bat.bing.net/action/
0
120 B
Image
General
Full URL
https://bat.bing.net/action/0?ti=187049731&tm=gtm002&Ver=2&mid=0debc819-b857-46d2-8e84-7919cc1a3de8&bo=2&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Revolut%20Business%20Sales&p=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&r=&lt=1047&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=183339
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D310D8C75AB04BA9BABFEAD00AE7314D Ref B: FRA31EDGE0815 Ref C: 2024-11-05T16:00:39Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:38 GMT
events
wa.appsflyer.com/
75 B
532 B
XHR
General
Full URL
https://wa.appsflyer.com/events?site-id=ec3e78e7-0876-43dc-805e-89037156f88a
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-116.fra56.r.cloudfront.net
Software
/
Resource Hash
f10bcf383858e60f158bf30e6da356678eb2a8f990b4d1043fc220b2014c7b28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
75
x-amz-cf-id
3WUwMIrcGavdSBm7uXYoE9JzLlXPTsCfyOUEDxd0oGL-ykHTIET7MA==
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P5
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
onelink
wa.onelink.me/v1/
51 B
511 B
XHR
General
Full URL
https://wa.onelink.me/v1/onelink?af_id=e81c9d2f-988b-4e34-ba94-c7193fdfcf95-p
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-60.fra56.r.cloudfront.net
Software
/
Resource Hash
5fde99736fab184cbf89084c209a33dc2338868593dca711a265efa337702381

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 0140ca34c2d577c2578595f0c9e0050e.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
51
x-amz-cf-id
yntzGWbAmZyXWYUn0PiZ2MqOyLnWcHvFcndIKfyteTmXxUgVo2Bmug==
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P12
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
events
wa.appsflyer.com/
75 B
530 B
XHR
General
Full URL
https://wa.appsflyer.com/events?site-id=ec3e78e7-0876-43dc-805e-89037156f88a
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-116.fra56.r.cloudfront.net
Software
/
Resource Hash
f10bcf383858e60f158bf30e6da356678eb2a8f990b4d1043fc220b2014c7b28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
75
x-amz-cf-id
yFzjagdPBv0APbvXAL8JH7tinVx5oUceuCEdYADD1b4cknny6bnTiw==
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P5
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
events
wa.appsflyer.com/
75 B
530 B
XHR
General
Full URL
https://wa.appsflyer.com/events?site-id=ec3e78e7-0876-43dc-805e-89037156f88a
Requested by
Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=banners,pba&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-116.fra56.r.cloudfront.net
Software
/
Resource Hash
f10bcf383858e60f158bf30e6da356678eb2a8f990b4d1043fc220b2014c7b28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://growth.revolut.com/

Response headers

access-control-allow-credentials
true
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
access-control-allow-origin
https://growth.revolut.com
x-cache
Miss from cloudfront
content-length
75
x-amz-cf-id
0Jb0IeKrK4WH32LFOKT8H0COzCcMiM3syEz2mg6Dqco-wGkfox0vJg==
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P5
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
open
api2.branch.io/v1/
317 B
710 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
216b595f4b7f8da63523bcc939ec2efa6153596b2af546f8b6701ca33a9708d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
TOoyXa30OhBm6ovaL6eySXANclCHQjnDyp1BBGjxP-c_YFhJ6eoD8w==
cache-control
no-cache
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
317
x-branch-request-id
ddbcab74-d846-46e5-9be6-4407304c8e6e-2024110516
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
0.7.53
bat.bing.com/p/insights/s/
35 KB
15 KB
Script
General
Full URL
https://bat.bing.com/p/insights/s/0.7.53
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/187049731
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1bddfa324af3c49ac2304109997b340f0d2114ab86fd75e9612c14623f7427b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

content-encoding
br
x-ms-version
2018-03-28
etag
W/"0x8DCFCED3761E9AF"
x-fd-int-roxy-purgeid
51562430
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:38 GMT
content-type
application/javascript;charset=utf-8
last-modified
Mon, 04 Nov 2024 16:24:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A6365DA792654C969CA45A9432DA475A Ref B: LON212050704027 Ref C: 2024-11-05T16:00:39Z
x-ms-request-id
a624ca21-101e-0028-5ad6-2e4f73000000
access-control-allow-origin
*
content-length
15274
x-azure-ref
20241105T160039Z-165476f87f5qgpbmhC1DB1t8ac00000002fg00000000bsn0
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: growth.revolut.com
URL: https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

cache-control
max-age=63072000
content-encoding
gzip
etag
"15f4-gzip"
Connection
keep-alive
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
expires
Thu, 05 Nov 2026 16:00:39 GMT
accept-ranges
bytes
Content-Length
1988
Date
Tue, 05 Nov 2024 16:00:39 GMT
Content-Type
application/javascript
last-modified
Tue, 05 Nov 2024 05:30:07 GMT
vary
Accept-Encoding,User-Agent
favicon_32x32.png
storage.pardot.com/969163/1695190770bpDvfAiB/
Redirect Chain
  • https://growth.revolut.com/l/969163/2023-09-20/2bq1vt/969163/1695190770bpDvfAiB/favicon_32x32.png
  • https://storage.pardot.com/969163/1695190770bpDvfAiB/favicon_32x32.png
1 KB
2 KB
Other
General
Full URL
https://storage.pardot.com/969163/1695190770bpDvfAiB/favicon_32x32.png
Protocol
H2
Server
2600:9000:2359:1c00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59e67e6a9e384081ca4818c38fbb27e595fe7b074919cc427c49f2ef31228874

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

x-robots-tag
none
etag
"b0ff3fa516cde7451b9b47a4dc5d02c6"
x-amz-version-id
S5zHBDypchzSS4MrScp_oUbW3YKbQIMa
age
41423
x-cache
Hit from cloudfront
x-amz-cf-id
ZMXxH43JJ-NT0N-HdqMbZzccTrEX-dVrfHjP9l6KWQ50EqSOiXVwGw==
date
Tue, 05 Nov 2024 04:30:17 GMT
content-type
image/png; charset=binary
last-modified
Wed, 20 Sep 2023 06:19:31 GMT
x-amz-replication-status
COMPLETED
via
1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1502
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
none
cache-control
max-age=600
location
https://storage.pardot.com/969163/1695190770bpDvfAiB/favicon_32x32.png
content-encoding
gzip
Connection
keep-alive
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
expires
Tue, 05 Nov 2024 16:10:39 GMT
Content-Length
142
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Tue, 05 Nov 2024 16:00:39 GMT
Content-Type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
o
bat.bing.com/p/insights/c/
0
213 B
XHR
General
Full URL
https://bat.bing.com/p/insights/c/o
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB9733A011DB4C14BBBAC7E91A33CA95 Ref B: LON212050704027 Ref C: 2024-11-05T16:00:39Z
access-control-allow-credentials
true
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin
https://growth.revolut.com
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:39 GMT
vary
Origin
pageview
api2.branch.io/v1/
29 B
351 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
29
x-amz-cf-id
aawIFKJmOAgsSTZiLqUaUaADBufQMU5jFTz4b9VT9EgboWyz82wGcA==
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
custom
api2.branch.io/v2/event/
39 B
413 B
XHR
General
Full URL
https://api2.branch.io/v2/event/custom
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
0f7a833cfa46a2084a6249a678ed2c3ccf4e35c1c9d583e52c97934c8b3b8eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
XPLTOfB1_rnFp9wE6p3ecmbuPh5Gdv95vKMqJI9Rjx0qgHZ34SXlOw==
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
39
x-branch-request-id
d58336f9-105f-4d56-bfe8-a18f5e6dcb8b-2024110516
date
Tue, 05 Nov 2024 16:00:39 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=380058628&visitor_id_sign=d6a69dce2fa3db6c50755cfcd86cc73aeec4a584ca61e56bcf8cbc0caa0e59e83326502bca9676dff1083ff282c34d3d316b1c89&pi_opt_in=&campaign_id=24576&account_id=970163&title=Revolut%20Business%20Sales&url=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
eb90a1345c32edae36daa4df34523153f79f875c82716a6a7161485484a2d064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-pardot-rsp
0/0/1
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
Connection
keep-alive
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
expires
Thu, 19 Nov 1981 08:52:00 GMT
Content-Length
537
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Tue, 05 Nov 2024 16:00:39 GMT
Content-Type
text/javascript; charset=utf-8
vary
Accept-Encoding,User-Agent
analytics
growth.revolut.com/
50 B
977 B
Script
General
Full URL
https://growth.revolut.com/analytics?conly=true&visitor_id=380058628&visitor_id_sign=d6a69dce2fa3db6c50755cfcd86cc73aeec4a584ca61e56bcf8cbc0caa0e59e83326502bca9676dff1083ff282c34d3d316b1c89&pi_opt_in=&campaign_id=24576&account_id=970163&title=Revolut%20Business%20Sales&url=https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=380058628&visitor_id_sign=d6a69dce2fa3db6c50755cfcd86cc73aeec4a584ca61e56bcf8cbc0caa0e59e83326502bca9676dff1083ff282c34d3d316b1c89&pi_opt_in=&campaign_id=24576&account_id=970163&title=Revolut%20Business%20Sales&url=https%3A%2F%2Fgrowth.revolut.com%2Fopt-out%3Femail%3Dannelaure.thebault%40semer.fr&referrer=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
/
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://growth.revolut.com/opt-out?email=annelaure.thebault@semer.fr

Response headers

x-pardot-rsp
0/0/1
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
expires
Thu, 19 Nov 1981 08:52:00 GMT
Content-Length
50
p3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Tue, 05 Nov 2024 16:00:39 GMT
Content-Type
text/javascript; charset=utf-8
vary
User-Agent
o
bat.bing.com/p/insights/c/
0
122 B
XHR
General
Full URL
https://bat.bing.com/p/insights/c/o
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
Referer
https://growth.revolut.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 86AAE1F85DE4424DBFE52A9D252C8FAF Ref B: LON212050704027 Ref C: 2024-11-05T16:00:40Z
access-control-allow-credentials
true
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin
https://growth.revolut.com
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 16:00:40 GMT
vary
Origin

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| _linkedin_partner_id function| lintrk object| pardot object| piAjax object| piUtils string| piAId string| piCId string| piHostname object| anchors object| anchor object| dataLayer object| all string| $oldReq string| $newReq boolean| _already_called_lintrk object| google_tag_manager object| google_tag_data string| devKey string| smartBannerKey string| AppsFlyerSdkObject function| AF string| _linkedin_data_partner_id function| twq function| fbq function| _fbq object| _fbq_gtm_ids function| uuidv4 object| branch object| ORIBILI object| AF_cleanupMethods object| AF_SDK object| regeneratorRuntime object| twttr function| UET function| UET_init function| UET_push object| ueto_e90292af07 object| uetq function| webinsights object| insightsuetq function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start number| c_end string| property function| piResponse

22 Cookies

Domain/Path Name / Value
growth.revolut.com/ Name: visitor_id969163
Value: 380058628
growth.revolut.com/ Name: visitor_id969163-hash
Value: d6a69dce2fa3db6c50755cfcd86cc73aeec4a584ca61e56bcf8cbc0caa0e59e83326502bca9676dff1083ff282c34d3d316b1c89
.revolut.com/ Name: _gcl_au
Value: 1.1.1666164167.1730822439
.revolut.com/ Name: _fbp
Value: fb.1.1730822438904.488035918184224605
.revolut.com/ Name: AF_DEFAULT_MEASUREMENT_STATUS
Value: true
.linkedin.com/ Name: bcookie
Value: "v=2&070ca793-83df-43ad-8af9-f5db5e044853"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzA4MjI0Mzg7MjswMjE9b/D+ww4YTfoDeZHLgl+EkHG6fgxNyWTR/hYNOjwi5g==
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3524:u=1:x=1:i=1730822438:t=1730908838:v=2:sig=AQFLo4XaGqgOmzicOT0Bf_0YaiNqFXyc"
.appsflyer.com/ Name: af_id
Value: e81c9d2f-988b-4e34-ba94-c7193fdfcf95-p
.revolut.com/ Name: afUserId
Value: e81c9d2f-988b-4e34-ba94-c7193fdfcf95-p
.onelink.me/ Name: af_id
Value: e81c9d2f-988b-4e34-ba94-c7193fdfcf95-p
.revolut.com/ Name: AF_SYNC
Value: 1730822439083
.app.link/ Name: _s
Value: izCmJ2yRYq%2FXsB705k8UY%2F1r2HHVwonA0aQ4vLoCrAgB3MT9UWpwqc5xt4gK1TMG
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173082243897993100
.twitter.com/ Name: guest_id_ads
Value: v1%3A173082243897993100
.twitter.com/ Name: personalization_id
Value: "v1_FhMOG5DIAYt+OW8yzOf1SA=="
.twitter.com/ Name: guest_id
Value: v1%3A173082243897993100
.t.co/ Name: muc_ads
Value: f9bfe7ce-65e9-4244-a6e5-92adb2d55ddc
.t.co/ Name: __cf_bm
Value: HVVR7e8kjs5n_kfUQTHDSm.vR4XGMVB8iYEV5A1.Kqs-1730822439-1.0.1.1-9r8GownwNGMwVzwRjHfmu73ZkPwMeTXtWopTcsCxAgtd7lDHBfRDk7nlel4SclGNNNm71S_PBaEiBi2v4H0Rcw
.pardot.com/ Name: visitor_id969163
Value: 380058628
.pardot.com/ Name: visitor_id969163-hash
Value: d6a69dce2fa3db6c50755cfcd86cc73aeec4a584ca61e56bcf8cbc0caa0e59e83326502bca9676dff1083ff282c34d3d316b1c89
pi.pardot.com/ Name: lpv969163
Value: aHR0cHM6Ly9ncm93dGgucmV2b2x1dC5jb20vb3B0LW91dD9lbWFpbD1hbm5lbGF1cmUudGhlYmF1bHRAc2VtZXIuZnI%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api2.branch.io
apiq-apiv1-c01.apiq.sfdc-yzvdd4.svc.sfdcfc.net
app.link
bat.bing.com
bat.bing.net
cdn.branch.io
connect.facebook.net
fonts.googleapis.com
growth.revolut.com
pi.pardot.com
px.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
storage.pardot.com
t.co
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.facebook.com
www.google.com
www.googletagmanager.com
104.244.42.67
108.138.26.87
142.250.186.100
146.75.120.157
157.240.253.1
172.66.0.227
18.173.205.60
18.245.60.69
18.66.112.116
2600:9000:2057:f800:19:9934:6a80:93a1
2600:9000:2359:1c00:d:7e9b:1200:93a1
2600:9000:2491:5000:11:f728:3040:93a1
2620:1ec:21::14
2620:1ec:33:2::10
2620:1ec:c11::237
2a00:1450:4001:803::200a
2a00:1450:4001:82b::2008
2a02:26f0:3500:10::210:a9a
2a03:2880:f176:181:face:b00c:0:25de
3.215.172.219
3.65.52.76
34.237.219.119
0b170f075db25163523683764b162cc7087c966f99e8a6dfd361e2c822d4fda2
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925
0f7a833cfa46a2084a6249a678ed2c3ccf4e35c1c9d583e52c97934c8b3b8eba
1bddfa324af3c49ac2304109997b340f0d2114ab86fd75e9612c14623f7427b2
1fc8df714dc9e8f2d64e099e6dd708775a8e6440b32e1621b41cfeb6202f5440
216b595f4b7f8da63523bcc939ec2efa6153596b2af546f8b6701ca33a9708d5
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
37953c80e5bf9c117888ddb1ac384dc90bf707f6b2d749373db3605f3542e06d
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3ad953166f77acb4288c602b074091565917a86b84329c0e7494cf8f54418001
3c38217e7eb68c5420579a2f01d89b2ff0d150861c3340ec8df22a5293e35c36
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
59e67e6a9e384081ca4818c38fbb27e595fe7b074919cc427c49f2ef31228874
5fde99736fab184cbf89084c209a33dc2338868593dca711a265efa337702381
87fbc6477d07c0b9eb56d8839da504fcaf1cdbb8bec3e7f6581cfe92f4abdfce
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
98d15a152058ec15ed9adf8953f29f01b3e5f8fa9d8ef3447e5e238b971f4a24
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bbde63ac100b7e2bd5e7096961e0bf181c233e50ba37f4ac5789d9368d9c9a66
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99d6230096a249ddbe00810cb1f35c8f12999f358901e203dc9bcb870ca5c57
eb90a1345c32edae36daa4df34523153f79f875c82716a6a7161485484a2d064
f10bcf383858e60f158bf30e6da356678eb2a8f990b4d1043fc220b2014c7b28