urlscan.io logo urlscan.io
SecurityTrails logo

app.revolut.com Open in urlscan Pro
34.120.43.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.revolut.com/start
Submission: On April 11 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 34.120.43.109, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is app.revolut.com. The Cisco Umbrella rank of the primary domain is 365748.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 1st 2020. Valid for: 2 years.
This is the only time app.revolut.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 34.120.43.109 15169 (GOOGLE)
1 34.120.195.249 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.95.97.3 15169 (GOOGLE)
17 4
Apex Domain
Subdomains		 Transfer
15 revolut.com
app.revolut.com — Cisco Umbrella Rank: 365748
assets.revolut.com — Cisco Umbrella Rank: 37848
3 MB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 sentry.io
o104379.ingest.sentry.io — Cisco Umbrella Rank: 297944
245 B
17 3
Domain Requested by
12 app.revolut.com app.revolut.com
3 assets.revolut.com app.revolut.com
1 www.google-analytics.com app.revolut.com
1 o104379.ingest.sentry.io app.revolut.com
17 4

This site contains links to these domains. Also see Links.

Domain
www.revolut.com
Subject Issuer Validity Valid
*.revolut.com
Go Daddy Secure Certificate Authority - G2		 2020-06-01 -
2022-06-01		 2 years crt.sh
*.ingest.sentry.io
R3		 2022-02-21 -
2022-05-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.revolut.com/start
Frame ID: 0C724506B751953C92929F95D34B5A1E
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

A better way to handle your money | Revolut

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

3360 kB
Transfer

11881 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request start
app.revolut.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5d7d9c2701da73b8aabde804b7b649e46c3e5ca1e03dea392b5c71fd2c3fa2f4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'report-sample' https://bam.nr-data.net https://js-agent.newrelic.com https://payments.worldpay.com https://www.googletagmanager.com https://www.google-analytics.com https://pay.google.com https://maps.googleapis.com; frame-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://assets.revolut.com https://www.googletagmanager.com https://www.google-analytics.com https://storage.googleapis.com https://www.gstatic.com https://i.travelapi.com https://maps.gstatic.com https://maps.googleapis.com https://khmdb0.google.com https://khmdb0.googleapis.com https://khmdb1.google.com https://khmdb1.googleapis.com https://khm.google.com https://khm.googleapis.com https://khm0.google.com https://khm0.googleapis.com https://khm1.google.com https://khm1.googleapis.com https://khms0.google.com https://khms0.googleapis.com https://khms1.google.com https://khms1.googleapis.com https://khms2.google.com https://khms2.googleapis.com https://khms3.google.com https://khms3.googleapis.com https://revolut-chat-prod.s3.us-east-2.amazonaws.com https://revolut-chat-prod.s3.us-east-1.amazonaws.com https://revolut-chat-prod.s3.us-west-1.amazonaws.com https://revolut-chat-prod.s3.us-west-2.amazonaws.com https://revolut-chat-prod.s3.af-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-east-1.amazonaws.com https://revolut-chat-prod.s3.ap-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-3.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-1.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-1.amazonaws.com https://revolut-chat-prod.s3.ca-central-1.amazonaws.com https://revolut-chat-prod.s3.cn-north-1.amazonaws.com https://revolut-chat-prod.s3.cn-northwest-1.amazonaws.com https://revolut-chat-prod.s3.eu-central-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-2.amazonaws.com https://revolut-chat-prod.s3.eu-south-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-3.amazonaws.com https://revolut-chat-prod.s3.eu-north-1.amazonaws.com https://revolut-chat-prod.s3.me-south-1.amazonaws.com https://revolut-chat-prod.s3.sa-east-1.amazonaws.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://bam.nr-data.net https://api.checkout.com https://www.google-analytics.com https://o104379.ingest.sentry.io https://chat.revolut.com wss://chat.revolut.com https://www.revolut.com data-help-centre.prod.revolutlabs.com;
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
clear
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'report-sample' https://bam.nr-data.net https://js-agent.newrelic.com https://payments.worldpay.com https://www.googletagmanager.com https://www.google-analytics.com https://pay.google.com https://maps.googleapis.com; frame-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://assets.revolut.com https://www.googletagmanager.com https://www.google-analytics.com https://storage.googleapis.com https://www.gstatic.com https://i.travelapi.com https://maps.gstatic.com https://maps.googleapis.com https://khmdb0.google.com https://khmdb0.googleapis.com https://khmdb1.google.com https://khmdb1.googleapis.com https://khm.google.com https://khm.googleapis.com https://khm0.google.com https://khm0.googleapis.com https://khm1.google.com https://khm1.googleapis.com https://khms0.google.com https://khms0.googleapis.com https://khms1.google.com https://khms1.googleapis.com https://khms2.google.com https://khms2.googleapis.com https://khms3.google.com https://khms3.googleapis.com https://revolut-chat-prod.s3.us-east-2.amazonaws.com https://revolut-chat-prod.s3.us-east-1.amazonaws.com https://revolut-chat-prod.s3.us-west-1.amazonaws.com https://revolut-chat-prod.s3.us-west-2.amazonaws.com https://revolut-chat-prod.s3.af-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-east-1.amazonaws.com https://revolut-chat-prod.s3.ap-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-3.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-1.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-1.amazonaws.com https://revolut-chat-prod.s3.ca-central-1.amazonaws.com https://revolut-chat-prod.s3.cn-north-1.amazonaws.com https://revolut-chat-prod.s3.cn-northwest-1.amazonaws.com https://revolut-chat-prod.s3.eu-central-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-2.amazonaws.com https://revolut-chat-prod.s3.eu-south-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-3.amazonaws.com https://revolut-chat-prod.s3.eu-north-1.amazonaws.com https://revolut-chat-prod.s3.me-south-1.amazonaws.com https://revolut-chat-prod.s3.sa-east-1.amazonaws.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://bam.nr-data.net https://api.checkout.com https://www.google-analytics.com https://o104379.ingest.sentry.io https://chat.revolut.com wss://chat.revolut.com https://www.revolut.com data-help-centre.prod.revolutlabs.com;
content-type
text/html
date
Mon, 11 Apr 2022 15:16:12 GMT
etag
W/"624dc4a6-bdd"
expires
Mon, 11 Apr 2022 15:16:11 GMT
last-modified
Wed, 06 Apr 2022 16:49:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains;
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
BasierCircle-Regular.woff2
app.revolut.com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/fonts/BasierCircle-Regular.woff2
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c23b48bb63c57ddc9662f01e2d439ca9bab78ea9fb611b92a3b44cc0fb3981d6

Request headers

Referer
https://app.revolut.com/start
Origin
https://app.revolut.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:12 GMT
via
1.1 google
last-modified
Wed, 06 Apr 2022 16:42:59 GMT
server
nginx
etag
"624dc313-3b68"
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
alt-svc
clear
content-length
15208
BasierCircle-Medium.woff2
app.revolut.com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/fonts/BasierCircle-Medium.woff2
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a858e829b2f1ef3a0346efb973efa7c021905c23483292d5319d29ae316e4ce9

Request headers

Referer
https://app.revolut.com/start
Origin
https://app.revolut.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:12 GMT
via
1.1 google
last-modified
Wed, 06 Apr 2022 16:42:59 GMT
server
nginx
etag
"624dc313-3d84"
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
alt-svc
clear
content-length
15748
BasierCircle-SemiBold.woff2
app.revolut.com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/fonts/BasierCircle-SemiBold.woff2
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7162676d3741eea3ba1c42e87a80c8f9be8f893f580b7862b12a3fa75eacd828

Request headers

Referer
https://app.revolut.com/start
Origin
https://app.revolut.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:12 GMT
via
1.1 google
last-modified
Wed, 06 Apr 2022 16:42:59 GMT
server
nginx
etag
"624dc313-3d44"
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
alt-svc
clear
content-length
15684
2401.a9ed3eac.js
app.revolut.com/static/js/ 		10 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/static/js/2401.a9ed3eac.js
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8bc86351c149b20660f5ac11e0d8157daecbcd5a6b0dbe121da4c211141c406f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:12 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 16:49:58 GMT
server
nginx
etag
W/"624dc4b6-9b906f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=31536000, immutable
alt-svc
clear
main.28117aba.js
app.revolut.com/static/js/ 		1000 KB
324 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/static/js/main.28117aba.js
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe582a08edb1fcab6d8eabbcfb7e6ce563bccd513fa2f35500e4e407abe4a634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:12 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 16:49:58 GMT
server
nginx
etag
W/"624dc4b6-fa10e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=31536000, immutable
alt-svc
clear
main.d33dd536.css
app.revolut.com/static/css/ 		2 KB
914 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/static/css/main.d33dd536.css
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7d9251d74ef155113c8a144abe7e20f0acde46d8930357689d910fe2acca900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:12 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 16:49:57 GMT
server
nginx
etag
W/"624dc4b5-734"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
cache-control
public, max-age=31536000, immutable
alt-svc
clear
/
o104379.ingest.sentry.io/api/5268114/envelope/ 		2 B
245 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o104379.ingest.sentry.io/api/5268114/envelope/?sentry_key=99852aa6d4384772b017317194049963&sentry_version=7
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/static/js/2401.a9ed3eac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.revolut.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Apr 2022 15:16:13 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://app.revolut.com
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
locale-en_AU-json.29bb42ed.chunk.js
app.revolut.com/static/js/ 		212 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/static/js/locale-en_AU-json.29bb42ed.chunk.js
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/static/js/main.28117aba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c3d8e50f619141852e5d95c6c21c3fc4884d099f645d1c49a88b5e32256c598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 16:49:58 GMT
server
nginx
etag
W/"624dc4b6-350ea"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=31536000, immutable
alt-svc
clear
locale-en_US-json.4db80949.chunk.js
app.revolut.com/static/js/ 		212 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/static/js/locale-en_US-json.4db80949.chunk.js
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/static/js/main.28117aba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2ef2c5d6e38f6f4d2c7249aefedf0d3bef679853670fc59c0612502955f30905

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 16:49:58 GMT
server
nginx
etag
W/"624dc4b6-350e7"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=31536000, immutable
alt-svc
clear
locale-zh_CN-json.a93c3852.chunk.js
app.revolut.com/static/js/ 		258 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/static/js/locale-zh_CN-json.a93c3852.chunk.js
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/static/js/main.28117aba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8cc91f1c2fcc90dfe7bf9c67c2d0752cd23b1bd2243f80eb0c416ea3bcc94f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:16:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 16:49:58 GMT
server
nginx
etag
W/"624dc4b6-4063e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=31536000, immutable
alt-svc
clear
common
app.revolut.com/api/retail/config/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/api/retail/config/common
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/static/js/2401.a9ed3eac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f5fa1098c3b729e35744039a10e69239ddd7725632b0ad529a24d8311ddaf51c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'report-sample' https://bam.nr-data.net https://js-agent.newrelic.com https://payments.worldpay.com https://www.googletagmanager.com https://www.google-analytics.com https://pay.google.com https://maps.googleapis.com; frame-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://assets.revolut.com https://www.googletagmanager.com https://www.google-analytics.com https://storage.googleapis.com https://www.gstatic.com https://i.travelapi.com https://maps.gstatic.com https://maps.googleapis.com https://khmdb0.google.com https://khmdb0.googleapis.com https://khmdb1.google.com https://khmdb1.googleapis.com https://khm.google.com https://khm.googleapis.com https://khm0.google.com https://khm0.googleapis.com https://khm1.google.com https://khm1.googleapis.com https://khms0.google.com https://khms0.googleapis.com https://khms1.google.com https://khms1.googleapis.com https://khms2.google.com https://khms2.googleapis.com https://khms3.google.com https://khms3.googleapis.com https://revolut-chat-prod.s3.us-east-2.amazonaws.com https://revolut-chat-prod.s3.us-east-1.amazonaws.com https://revolut-chat-prod.s3.us-west-1.amazonaws.com https://revolut-chat-prod.s3.us-west-2.amazonaws.com https://revolut-chat-prod.s3.af-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-east-1.amazonaws.com https://revolut-chat-prod.s3.ap-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-3.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-1.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-1.amazonaws.com https://revolut-chat-prod.s3.ca-central-1.amazonaws.com https://revolut-chat-prod.s3.cn-north-1.amazonaws.com https://revolut-chat-prod.s3.cn-northwest-1.amazonaws.com https://revolut-chat-prod.s3.eu-central-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-2.amazonaws.com https://revolut-chat-prod.s3.eu-south-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-3.amazonaws.com https://revolut-chat-prod.s3.eu-north-1.amazonaws.com https://revolut-chat-prod.s3.me-south-1.amazonaws.com https://revolut-chat-prod.s3.sa-east-1.amazonaws.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://bam.nr-data.net https://api.checkout.com https://www.google-analytics.com https://o104379.ingest.sentry.io https://chat.revolut.com wss://chat.revolut.com https://www.revolut.com data-help-centre.prod.revolutlabs.com;
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
x-client-geo-location
50.10490,8.62950
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-client-version
100.0
Accept
application/json, text/plain, */*
Referer
https://app.revolut.com/start
x-device-id
1a75ea6a-d4e3-4d44-8a36-9b2ee1479afb
x-browser-application
WEB_CLIENT

Response headers

date
Mon, 11 Apr 2022 15:16:13 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
alt-svc
clear, clear
server
nginx
x-frame-options
DENY
content-type
text/html;charset=utf-8
via
1.1 google, 1.1 google
x-xss-protection
1; mode=block
content-security-policy
default-src 'self'; script-src 'self' 'report-sample' https://bam.nr-data.net https://js-agent.newrelic.com https://payments.worldpay.com https://www.googletagmanager.com https://www.google-analytics.com https://pay.google.com https://maps.googleapis.com; frame-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://assets.revolut.com https://www.googletagmanager.com https://www.google-analytics.com https://storage.googleapis.com https://www.gstatic.com https://i.travelapi.com https://maps.gstatic.com https://maps.googleapis.com https://khmdb0.google.com https://khmdb0.googleapis.com https://khmdb1.google.com https://khmdb1.googleapis.com https://khm.google.com https://khm.googleapis.com https://khm0.google.com https://khm0.googleapis.com https://khm1.google.com https://khm1.googleapis.com https://khms0.google.com https://khms0.googleapis.com https://khms1.google.com https://khms1.googleapis.com https://khms2.google.com https://khms2.googleapis.com https://khms3.google.com https://khms3.googleapis.com https://revolut-chat-prod.s3.us-east-2.amazonaws.com https://revolut-chat-prod.s3.us-east-1.amazonaws.com https://revolut-chat-prod.s3.us-west-1.amazonaws.com https://revolut-chat-prod.s3.us-west-2.amazonaws.com https://revolut-chat-prod.s3.af-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-east-1.amazonaws.com https://revolut-chat-prod.s3.ap-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-3.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-1.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-1.amazonaws.com https://revolut-chat-prod.s3.ca-central-1.amazonaws.com https://revolut-chat-prod.s3.cn-north-1.amazonaws.com https://revolut-chat-prod.s3.cn-northwest-1.amazonaws.com https://revolut-chat-prod.s3.eu-central-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-2.amazonaws.com https://revolut-chat-prod.s3.eu-south-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-3.amazonaws.com https://revolut-chat-prod.s3.eu-north-1.amazonaws.com https://revolut-chat-prod.s3.me-south-1.amazonaws.com https://revolut-chat-prod.s3.sa-east-1.amazonaws.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://bam.nr-data.net https://api.checkout.com https://www.google-analytics.com https://o104379.ingest.sentry.io https://chat.revolut.com wss://chat.revolut.com https://www.revolut.com data-help-centre.prod.revolutlabs.com;
strict-transport-security
max-age=63072000; includeSubDomains;
request-id
JZ8JQ7ITIO4J
vary
Accept-Encoding
x-content-type-options
nosniff
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/static/js/2401.a9ed3eac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3542
date
Mon, 11 Apr 2022 14:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Apr 2022 16:17:11 GMT
current
app.revolut.com/api/retail/user/ 		47 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.revolut.com/api/retail/user/current
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/static/js/2401.a9ed3eac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.43.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.43.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c0c9d0654aecef7278d8e0a60f28497c0ec2b2f390fc25d47da6581f0dbde654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
x-client-geo-location
50.10490,8.62950
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-client-version
100.0
Accept
application/json, text/plain, */*
Referer
https://app.revolut.com/start
x-device-id
1a75ea6a-d4e3-4d44-8a36-9b2ee1479afb
x-browser-application
WEB_CLIENT

Response headers

date
Mon, 11 Apr 2022 15:16:13 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
nginx
content-type
application/json
request-id
187P8KUC5XDH
alt-svc
clear, clear
x-xss-protection
1; mode=block
offline.json
assets.revolut.com/animations/status/ 		7 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.revolut.com/animations/status/offline.json
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/static/js/2401.a9ed3eac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.97.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
3.97.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4eb6b4296bed2583f2d0ad5070d0a780767c94e17e1270e5c8e03d41e909bd40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:26:22 GMT
age
2991
x-guploader-uploadid
ADPycdt7MkoE_QcCAYMqXXPosxL5-apVsVYLhEguHVOP75yq-sYX98zdU_HNGQUt0gccAKWJuBaVTKsJPyaoXVEOaaEOYlPQhAOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7304
last-modified
Tue, 01 Dec 2020 14:50:06 GMT
server
UploadServer
etag
"92183d96c19e12719724ba40465f936e"
x-goog-hash
crc32c=i+rYjg==, md5=khg9lsGeEnGXJLpARl+Tbg==
x-goog-generation
1606834206685238
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
7304
accept-ranges
bytes
content-type
application/json
expires
Mon, 11 Apr 2022 15:26:22 GMT
get-started.png
assets.revolut.com/retail-web-account/illustrations/v2/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.revolut.com/retail-web-account/illustrations/v2/get-started.png
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.97.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
3.97.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eb8c67ef4f7efd43d9ebbdcafdcbda5be9e2c5cebcd28c65b96d4abe1e33d7d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:57:52 GMT
age
1101
x-guploader-uploadid
ADPycdsX_vaOvkJ6_qu7JYuEmIgXoP7B7kPvwrN9RMs6RAWnpEr-XwhkI1rGrPPNpkdhy_r8bHNFB5b0FfYD5CziW99kDMj4Pwhj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127282
last-modified
Wed, 14 Oct 2020 10:21:08 GMT
server
UploadServer
etag
"826cc42c829f09bd19021985ac784578"
x-goog-hash
crc32c=PpznBA==, md5=gmzELIKfCb0ZAhmFrHhFeA==
x-goog-generation
1602670868331171
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
127282
accept-ranges
bytes
content-type
image/png
expires
Mon, 11 Apr 2022 15:57:52 GMT
US.svg
assets.revolut.com/business/flags/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.revolut.com/business/flags/US.svg
Requested by
Host: app.revolut.com
URL: https://app.revolut.com/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.97.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
3.97.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.revolut.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:51:31 GMT
age
1482
x-guploader-uploadid
ADPycdsw_qa_-UJ0bv6I_--W518EnXXUsjfusHCPYV8dHsZJD6x_dvXFdAFw7zedUI1GxCrhZwtJ3_1HiWJ84CwXFZEg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4461
last-modified
Tue, 10 Mar 2020 13:55:44 GMT
server
UploadServer
etag
"ae65659236a7e348402799477237e6fa"
x-goog-hash
crc32c=dcLT8A==, md5=rmVlkjan40hAJ5lHcjfm+g==
x-goog-generation
1583848544857780
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
4461
accept-ranges
bytes
content-type
image/svg+xml
expires
Mon, 11 Apr 2022 15:51:31 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| webpackChunk_revolut_rwa_core_app object| regeneratorRuntime object| __SENTRY__ object| proto function| Infinite string| GoogleAnalyticsObject function| ga object| __sentry_instrumentation_handlers__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
app.revolut.com/ Name: rwa_geoCountry
Value: {"payload":"DE"}
app.revolut.com/ Name: rwa_geoRegionId
Value: {"payload":"2905330"}
app.revolut.com/ Name: rwa_geoLatitude
Value: {"payload":"50.10490"}
app.revolut.com/ Name: rwa_geoLongitude
Value: {"payload":"8.62950"}
.revolut.com/ Name: _ga
Value: GA1.2.976183043.1649690174
.revolut.com/ Name: _gid
Value: GA1.2.1034133713.1649690174

1 Console Messages

Source Level URL
Text
network error URL: https://app.revolut.com/api/retail/user/current
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'report-sample' https://bam.nr-data.net https://js-agent.newrelic.com https://payments.worldpay.com https://www.googletagmanager.com https://www.google-analytics.com https://pay.google.com https://maps.googleapis.com; frame-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://assets.revolut.com https://www.googletagmanager.com https://www.google-analytics.com https://storage.googleapis.com https://www.gstatic.com https://i.travelapi.com https://maps.gstatic.com https://maps.googleapis.com https://khmdb0.google.com https://khmdb0.googleapis.com https://khmdb1.google.com https://khmdb1.googleapis.com https://khm.google.com https://khm.googleapis.com https://khm0.google.com https://khm0.googleapis.com https://khm1.google.com https://khm1.googleapis.com https://khms0.google.com https://khms0.googleapis.com https://khms1.google.com https://khms1.googleapis.com https://khms2.google.com https://khms2.googleapis.com https://khms3.google.com https://khms3.googleapis.com https://revolut-chat-prod.s3.us-east-2.amazonaws.com https://revolut-chat-prod.s3.us-east-1.amazonaws.com https://revolut-chat-prod.s3.us-west-1.amazonaws.com https://revolut-chat-prod.s3.us-west-2.amazonaws.com https://revolut-chat-prod.s3.af-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-east-1.amazonaws.com https://revolut-chat-prod.s3.ap-south-1.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-3.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-1.amazonaws.com https://revolut-chat-prod.s3.ap-southeast-2.amazonaws.com https://revolut-chat-prod.s3.ap-northeast-1.amazonaws.com https://revolut-chat-prod.s3.ca-central-1.amazonaws.com https://revolut-chat-prod.s3.cn-north-1.amazonaws.com https://revolut-chat-prod.s3.cn-northwest-1.amazonaws.com https://revolut-chat-prod.s3.eu-central-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-2.amazonaws.com https://revolut-chat-prod.s3.eu-south-1.amazonaws.com https://revolut-chat-prod.s3.eu-west-3.amazonaws.com https://revolut-chat-prod.s3.eu-north-1.amazonaws.com https://revolut-chat-prod.s3.me-south-1.amazonaws.com https://revolut-chat-prod.s3.sa-east-1.amazonaws.com; media-src 'self' data: https://assets.revolut.com; font-src 'self' data: https://assets.revolut.com https://fonts.gstatic.com; connect-src 'self' https://assets.revolut.com https://bam.nr-data.net https://api.checkout.com https://www.google-analytics.com https://o104379.ingest.sentry.io https://chat.revolut.com wss://chat.revolut.com https://www.revolut.com data-help-centre.prod.revolutlabs.com;
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block