login.truelayer.com Open in urlscan Pro
52.215.105.247 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.truelayer.com/xs2a/callback?state=auth-z5cj5Q3BnjEhaGtZjHDSfOS-ZcvvcaYTWhFwGONeccU
Effective URL:
https://login.truelayer.com/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0bxkGQ6wR0MdUeftQFhbS...
Submission: On October 06 via api (October 6th 2020, 12:59:00 pm UTC) from IT

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 52.215.105.247, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is login.truelayer.com.
TLS certificate: Issued by Amazon on June 17th 2020. Valid for: a year.

This is the only time login.truelayer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	34.252.209.207 34.252.209.207	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
2	52.213.159.252 52.213.159.252	16509 (AMAZON-02) (AMAZON-02)
16	52.215.105.247 52.215.105.247	16509 (AMAZON-02) (AMAZON-02)
1	52.218.36.137 52.218.36.137	16509 (AMAZON-02) (AMAZON-02)
26	6

5 34.252.209.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-209-207.eu-west-1.compute.amazonaws.com

auth.truelayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (Ascension Island)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.159.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-159-252.eu-west-1.compute.amazonaws.com

auth-analytics.truelayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.215.105.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

login.truelayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.36.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

truelayer-public-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	truelayer.com auth.truelayer.com auth-analytics.truelayer.com login.truelayer.com	605 KB
1	amazonaws.com truelayer-public-assets.s3.amazonaws.com Failed	2 KB
1	sentry-cdn.com browser.sentry-cdn.com	18 KB
26	3

	Domain	Requested by
16	login.truelayer.com	auth.truelayer.com login.truelayer.com
5	auth.truelayer.com	auth.truelayer.com browser.sentry-cdn.com login.truelayer.com
2	auth-analytics.truelayer.com	browser.sentry-cdn.com
1	truelayer-public-assets.s3.amazonaws.com	login.truelayer.com
1	browser.sentry-cdn.com	auth.truelayer.com
26	5

This site contains no links.

Subject Issuer	Validity	Valid
auth.truelayer.com Amazon	`2020-01-02` - `2021-02-02`	a year	crt.sh
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-29` - `2021-04-22`	7 months	crt.sh
*.truelayer.com Amazon	`2020-05-07` - `2021-06-07`	a year	crt.sh
login.truelayer.com Amazon	`2020-06-17` - `2021-07-17`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.truelayer.com/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0bxkGQ6wR0MdUeftQFhbSG2AVDiwsubVAAgWhiZh6aEriFXaCMv97ICs7EK27pdlCXkSpdGoLJxtZfsu5gfVADvefVdoVPYVHZJnoqSdFsf69zOTUJ3XeZxkNOqYmvKcqC9dCEOSsSgx_1rMCxMJ27QKWPJ2DqUw2kX5YUrDJVR6V4kG3aC&requestId=f6f2399f-c3cd-443b-9144-d2adfd61d44a
Frame ID: ABB68C67D2D2880169634389E6EFCA9C
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://auth.truelayer.com/xs2a/callback?state=auth-z5cj5Q3BnjEhaGtZjHDSfOS-ZcvvcaYTWhFwGONeccU Page URL
https://login.truelayer.com/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0... Page URL

Detected technologies

Envoy (Reverse Proxy) Expand

Overall confidence: 100%
Detected patterns

headers server /^envoy$/i

Page Statistics

26
Requests

96 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

6
IPs

2
Countries

624 kB
Transfer

1872 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.truelayer.com/xs2a/callback?state=auth-z5cj5Q3BnjEhaGtZjHDSfOS-ZcvvcaYTWhFwGONeccU Page URL
https://login.truelayer.com/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0bxkGQ6wR0MdUeftQFhbSG2AVDiwsubVAAgWhiZh6aEriFXaCMv97ICs7EK27pdlCXkSpdGoLJxtZfsu5gfVADvefVdoVPYVHZJnoqSdFsf69zOTUJ3XeZxkNOqYmvKcqC9dCEOSsSgx_1rMCxMJ27QKWPJ2DqUw2kX5YUrDJVR6V4kG3aC&requestId=f6f2399f-c3cd-443b-9144-d2adfd61d44a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK callback Show response
auth.truelayer.com/xs2a/ 18 KB
9 KB 159ms
43ms Document
text/html 34.252.209.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.truelayer.com/xs2a/callback?state=auth-z5cj5Q3BnjEhaGtZjHDSfOS-ZcvvcaYTWhFwGONeccU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.209.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-209-207.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

bb506192d91b7f2a00a757087770c6da61688144b00942202d111eefaac2d202

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: auth.truelayer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store,no-cache,no-store
Content-Encoding: gzip
Content-Security-Policy: default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Oct 2020 12:58:43 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: envoy
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Envoy-Upstream-Service-Time: 7
X-Fe-Correlation-Id: id-4eff675cedff440eab9bd322a8a355e5
X-Request-Id: 3702e835-aa74-4c5d-90de-b296b82c5e66
X-Tl-Correlation-Id: 3702e835-aa74-4c5d-90de-b296b82c5e66
X-Xss-Protection: 1; mode=block
Content-Length: 7851
Connection: keep-alive

GET
H/1.1 200
OK hybrid-callback.css
auth.truelayer.com/ 933 B
2 KB 42ms
42ms Stylesheet
text/css 34.252.209.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.truelayer.com/hybrid-callback.css?v=7-538BHOPL6nJG2Kdey8s8LJ3QSpVHzRy2MVAaSRIp8

Requested by

Host: auth.truelayer.com
URL: https://auth.truelayer.com/xs2a/callback?state=auth-z5cj5Q3BnjEhaGtZjHDSfOS-ZcvvcaYTWhFwGONeccU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.209.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-209-207.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

efee77f011ce3cbea7246d8a75ecbcb3c2c9dd04a9547cd1cb631501a491229f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Referrer-Policy: no-referrer
Server: envoy
Cache-Control: no-store
Date: Tue, 06 Oct 2020 12:58:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
X-Tl-Correlation-Id: cdb721fc-0389-44f8-94d2-c06471c6e67e
X-Envoy-Upstream-Service-Time: 5
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 933
X-Xss-Protection: 1; mode=block
X-Request-Id: cdb721fc-0389-44f8-94d2-c06471c6e67e

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.23.0/ 57 KB
18 KB 20ms
6ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.23.0/bundle.min.js

Requested by

Host: auth.truelayer.com
URL: https://auth.truelayer.com/xs2a/callback?state=auth-z5cj5Q3BnjEhaGtZjHDSfOS-ZcvvcaYTWhFwGONeccU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

41c0fde2fef254d29f51fcf43ef3df0b286ce110207d9b0327bc05ca79f56c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://auth.truelayer.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 12:58:44 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 15:43:22 GMT
server: Fastly
age: 2319824
etag: "842f33f7786d6dd6a526af093b0c3d1c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17775
expires: Thu, 09 Sep 2021 16:35:00 GMT

OPTIONS
H/1.1 204
No Content event
auth-analytics.truelayer.com/v1/ 0
0 138ms
36ms Other 52.213.159.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-analytics.truelayer.com/v1/event

Protocol

HTTP/1.1

Server

52.213.159.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-159-252.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-client-correlation-id
Origin: https://auth.truelayer.com
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-client-correlation-id
Access-Control-Allow-Methods: POST,OPTIONS,GET
Access-Control-Allow-Origin: https://auth.truelayer.com
Cache-Control: no-store
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'
Date: Tue, 06 Oct 2020 12:58:44 GMT
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Origin
X-Content-Type-Options: nosniff
x-tl-correlation-id: 2d6687dd-ce93-4864-8db5-19fad14a07c8
X-XSS-Protection: 1; mode=block
Connection: keep-alive

POST
H/1.1 200
OK event
auth-analytics.truelayer.com/v1/ 0
0 157ms
157ms Fetch 52.213.159.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-analytics.truelayer.com/v1/event

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.23.0/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.159.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-159-252.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
x-client-correlation-id: id-4eff675cedff440eab9bd322a8a355e5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src 'none'; frame-ancestors 'none'
Referrer-Policy: no-referrer
Server: nginx
Date: Tue, 06 Oct 2020 12:58:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Origin: https://auth.truelayer.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Origin
Content-Length: 0
X-XSS-Protection: 1; mode=block
x-tl-correlation-id: 716eb41c-92b5-4a4a-bf0e-1545a1d8aa83

POST
H/1.1 200
OK callback
auth.truelayer.com/provider/ 348 B
1 KB 46ms
45ms Fetch
application/json 34.252.209.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.truelayer.com/provider/callback

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.23.0/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.209.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-209-207.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
x-client-correlation-id: id-4eff675cedff440eab9bd322a8a355e5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary2g81ExB2PaSA273b

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Envoy-Upstream-Service-Time: 10
Connection: keep-alive
Content-Length: 324
X-Xss-Protection: 1; mode=block
X-Request-Id: f6f2399f-c3cd-443b-9144-d2adfd61d44a
Referrer-Policy: no-referrer
Server: envoy
Date: Tue, 06 Oct 2020 12:58:44 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/json
Cache-Control: no-store
X-Tl-Correlation-Id: f6f2399f-c3cd-443b-9144-d2adfd61d44a

GET
H/1.1 200
OK Primary Request error Show response
login.truelayer.com/ 3 KB
3 KB 147ms
33ms Document
text/html 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0bxkGQ6wR0MdUeftQFhbSG2AVDiwsubVAAgWhiZh6aEriFXaCMv97ICs7EK27pdlCXkSpdGoLJxtZfsu5gfVADvefVdoVPYVHZJnoqSdFsf69zOTUJ3XeZxkNOqYmvKcqC9dCEOSsSgx_1rMCxMJ27QKWPJ2DqUw2kX5YUrDJVR6V4kG3aC&requestId=f6f2399f-c3cd-443b-9144-d2adfd61d44a

Requested by

Host: auth.truelayer.com
URL: https://auth.truelayer.com/xs2a/callback?state=auth-z5cj5Q3BnjEhaGtZjHDSfOS-ZcvvcaYTWhFwGONeccU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2c010befeb4426473d339002a6ae1e0167d2e6587a94f6443cc2fc5fbec0b341

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Host: login.truelayer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Type: text/html
Date: Tue, 06 Oct 2020 12:58:44 GMT
ETag: W/"5f75a2d6-a1c"
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-XSS-Protection: 1; mode=block
Content-Length: 1270
Connection: keep-alive

GET
H/1.1 200
OK env-config.js Show response
login.truelayer.com/ 340 B
2 KB 96ms
33ms Script
application/javascript 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/env-config.js

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0bxkGQ6wR0MdUeftQFhbSG2AVDiwsubVAAgWhiZh6aEriFXaCMv97ICs7EK27pdlCXkSpdGoLJxtZfsu5gfVADvefVdoVPYVHZJnoqSdFsf69zOTUJ3XeZxkNOqYmvKcqC9dCEOSsSgx_1rMCxMJ27QKWPJ2DqUw2kX5YUrDJVR6V4kG3aC&requestId=f6f2399f-c3cd-443b-9144-d2adfd61d44a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

90d188d786764bcdca71d07d73d402a1c97a9efd5bed586c5a132d3b6a0ce9ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Fri, 02 Oct 2020 14:17:11 GMT
Server: nginx
ETag: W/"5f773667-154"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 179
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2.b5f6a386.chunk.css
login.truelayer.com/static/css/ 818 B
2 KB 35ms
34ms Stylesheet
text/css 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/static/css/2.b5f6a386.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6ba4f885cd0c9e17f731bf22afcb704e9d5c563819a7c31ef0781cacdf6fc9b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-332"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: text/css
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 289
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.5562514b.chunk.css
login.truelayer.com/static/css/ 172 KB
39 KB 68ms
33ms Stylesheet
text/css 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/static/css/main.5562514b.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

740944951c2a1e6835cf4b6a33e78cca82e154f29ef91d61b45c4ed8ff1253b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-2b16e"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: text/css
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2.513834b7.chunk.js Show response
login.truelayer.com/static/js/ 1 MB
345 KB 98ms
34ms Script
application/javascript 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/static/js/2.513834b7.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

19f5e9720153bf5aa4fa1fd64d44f387bec72de70978e61702168ec854a5b1d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-104118"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.5f69623a.chunk.js Show response
login.truelayer.com/static/js/ 536 KB
147 KB 120ms
55ms Script
application/javascript 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/static/js/main.5f69623a.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5152842534fe7b2a399ef7b9318e5cd63b37d238645aa0970588e53ca8585d37

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-86142"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loading.c5590569.svg
login.truelayer.com/static/media/ 2 KB
4 KB 34ms
34ms Image
image/svg+xml 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.truelayer.com/static/media/loading.c5590569.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

14a2ca44b4a9265b3e8cf3152cde9d7941d3c6e9ad44a658c3e029bf99f3d30c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: "5f75a2d6-8e2"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 2274
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK translation.json Show response
login.truelayer.com/locales/en/ 3 KB
3 KB 35ms
34ms Fetch
text/html 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/locales/en/translation.json

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2c010befeb4426473d339002a6ae1e0167d2e6587a94f6443cc2fc5fbec0b341

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-a1c"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: text/html
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1270
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK errors.json Show response
login.truelayer.com/locales/en/ 368 B
2 KB 33ms
32ms Fetch
application/json 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/locales/en/errors.json

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

36a61d4948754bf984a5016b9f5693792b4430664cea708ac02925c93ae4b782

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:32:13 GMT
Server: nginx
ETag: "5f75a21d-170"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: application/json
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 368
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK translation.json Show response
login.truelayer.com/locales/en-US/ 3 KB
3 KB 34ms
33ms Fetch
text/html 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/locales/en-US/translation.json

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2c010befeb4426473d339002a6ae1e0167d2e6587a94f6443cc2fc5fbec0b341

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-a1c"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: text/html
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1270
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK errors.json Show response
login.truelayer.com/locales/en-US/ 3 KB
3 KB 34ms
34ms Fetch
text/html 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/locales/en-US/errors.json

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2c010befeb4426473d339002a6ae1e0167d2e6587a94f6443cc2fc5fbec0b341

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-a1c"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: text/html
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1270
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK misc.json Show response
login.truelayer.com/locales/en-US/ 3 KB
3 KB 36ms
35ms Fetch
text/html 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/locales/en-US/misc.json

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2c010befeb4426473d339002a6ae1e0167d2e6587a94f6443cc2fc5fbec0b341

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-a1c"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: text/html
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1270
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK misc.json Show response
login.truelayer.com/locales/en/ 187 B
2 KB 35ms
34ms Fetch
application/json 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/locales/en/misc.json

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b0067a2c0fc02bbb8c407b6e19df6e9643f15367393826ab6c6310af1aa4b9ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:32:13 GMT
Server: nginx
ETag: "5f75a21d-bb"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: application/json
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 187
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK scaffold.json Show response
login.truelayer.com/locales/en-US/ 3 KB
3 KB 35ms
35ms Fetch
text/html 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/locales/en-US/scaffold.json

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2c010befeb4426473d339002a6ae1e0167d2e6587a94f6443cc2fc5fbec0b341

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: W/"5f75a2d6-a1c"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: text/html
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1270
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK scaffold.json Show response
login.truelayer.com/locales/en/ 312 B
2 KB 34ms
33ms Fetch
application/json 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/locales/en/scaffold.json

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8cdf990d07cc5e7a9d56100553d27705011b57aa90d53676cfcedcd3f9ac7bfc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:32:13 GMT
Server: nginx
ETag: "5f75a21d-138"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: application/json
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 312
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 204
No Content error
auth.truelayer.com/api/dialog/ 0
0 131ms
34ms Other 34.252.209.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.truelayer.com/api/dialog/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0bxkGQ6wR0MdUeftQFhbSG2AVDiwsubVAAgWhiZh6aEriFXaCMv97ICs7EK27pdlCXkSpdGoLJxtZfsu5gfVADvefVdoVPYVHZJnoqSdFsf69zOTUJ3XeZxkNOqYmvKcqC9dCEOSsSgx_1rMCxMJ27QKWPJ2DqUw2kX5YUrDJVR6V4kG3aC

Protocol

HTTP/1.1

Server

34.252.209.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-209-207.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-credentials,x-client-correlation-id
Origin: https://login.truelayer.com
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-credentials,x-client-correlation-id
Access-Control-Allow-Methods: POST,OPTIONS,GET
Access-Control-Allow-Origin: https://login.truelayer.com
Cache-Control: no-store
Content-Security-Policy: default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Date: Tue, 06 Oct 2020 12:58:45 GMT
Referrer-Policy: no-referrer
Server: envoy
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Envoy-Upstream-Service-Time: 0
X-Request-Id: 5d66a125-2af9-4867-bdc6-782ed86deefc
X-Tl-Correlation-Id: 5d66a125-2af9-4867-bdc6-782ed86deefc
X-Xss-Protection: 1; mode=block
Connection: keep-alive

GET
H/1.1 200
OK error Show response
auth.truelayer.com/api/dialog/ 53 B
1 KB 36ms
36ms XHR
application/json 34.252.209.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.209.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-209-207.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

b08b746b544050504fad2bf03fa20bbdc2981eb51ef6dccde2df58525ae3e950

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
Access-Control-Allow-Credentials: true
x-client-correlation-id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
X-Content-Type-Options: nosniff
X-Envoy-Upstream-Service-Time: 1
Connection: keep-alive
Content-Length: 53
X-Xss-Protection: 1; mode=block
X-Request-Id: 11a9d4a1-ff43-4fa4-b6b1-9b2c97d763db
Referrer-Policy: no-referrer
Server: envoy
Date: Tue, 06 Oct 2020 12:58:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://login.truelayer.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
X-Tl-Correlation-Id: 11a9d4a1-ff43-4fa4-b6b1-9b2c97d763db

GET tl-white.svg
truelayer-public-assets.s3.amazonaws.com/logo/mark/ 0
0

GET
H/1.1 200
OK montserrat-regular-webfont.18c12a85.woff2
login.truelayer.com/static/media/ 26 KB
28 KB 34ms
34ms Font
application/octet-stream 52.215.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.truelayer.com/static/media/montserrat-regular-webfont.18c12a85.woff2

Requested by

Host: login.truelayer.com
URL: https://login.truelayer.com/static/css/main.5562514b.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.105.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-105-247.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

afb29732e6f78231080ba552586d4e9056844264417f7eea3b28dca829b31f7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
X-Xss-Protection	1; mode=block

Request headers

Origin: https://login.truelayer.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://analytics2.t7r.co https://auth-analytics.truelayer.com https://auth-analytics.t7r.co https://auth-analytics.truelayer-sandbox.com https://auth.truelayer.com https://auth.t7r.co https://auth.truelayer-sandbox.com https://login-api.t7r.co https://login-api.truelayer-sandbox.com https://login-api.truelayer.com https://restcountries.eu https://o405187.ingest.sentry.io; img-src 'self' https://truelayer.com https://truelayer-client-logos.s3-eu-west-1.amazonaws.com https://truelayer-client-logos.s3.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com https://truelayer-provider-assets.s3.amazonaws.com https://restcountries.eu data:;; frame-ancestors https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; object-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5285290/security/?sentry_key=a3b1c5cebf524d7990f58607d84a9f76
Referrer-Policy: no-referrer
Last-Modified: Thu, 01 Oct 2020 09:35:18 GMT
Server: nginx
ETag: "5f75a2d6-6974"
X-Frame-Options: allow-from https://console.t7r.co https://console.truelayer-sandbox.com https://console.truelayer.com https://*.amazon.com;
Connection: keep-alive
Content-Type: application/octet-stream
Cache-Control: private, max-age=0
Date: Tue, 06 Oct 2020 12:58:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 26996
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tl-white.svg
truelayer-public-assets.s3.amazonaws.com/logo/mark/ 1 KB
2 KB 137ms
39ms Image
image/svg+xml 52.218.36.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://truelayer-public-assets.s3.amazonaws.com/logo/mark/tl-white.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.36.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd775713eb046b473b2bd97c3104a6f55c4d7b10929655edf1a3015e4750f16e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 12:58:46 GMT
Last-Modified: Thu, 13 Feb 2020 17:27:51 GMT
Server: AmazonS3
x-amz-request-id: 1AC45BCC136E9A68
ETag: "b7b3ee899d5d671caf30b00318e85eb6"
Content-Type: image/svg+xml
x-amz-version-id: iK1Xx8y1IvQO7J.oLI.3xcYc30nPsTLI
Accept-Ranges: bytes
Content-Length: 1286
x-amz-id-2: MpSB4F2Wey/1KyHDpG/66co8qwW3jGmGFZmyATkifFGf5lTxGzLJrolMUp+A2WBdix2tvJYeM6w=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truelayer-public-assets.s3.amazonaws.com
URL: https://truelayer-public-assets.s3.amazonaws.com/logo/mark/tl-white.svg

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://browser.sentry-cdn.com/5.23.0/bundle.min.js(Line 2) Message: current location: https://auth.truelayer.com/xs2a/callback?state=auth-z5cj5Q3BnjEhaGtZjHDSfOS-ZcvvcaYTWhFwGONeccU, Id: id-4eff675cedff440eab9bd322a8a355e5
console-api	info	URL: https://browser.sentry-cdn.com/5.23.0/bundle.min.js(Line 2) Message: sending POST request
console-api	info	URL: https://browser.sentry-cdn.com/5.23.0/bundle.min.js(Line 2) Message: response received
console-api	info	URL: https://browser.sentry-cdn.com/5.23.0/bundle.min.js(Line 2) Message: response type: basic
console-api	info	URL: https://browser.sentry-cdn.com/5.23.0/bundle.min.js(Line 2) Message: response is: {"redirect_uri":"https://login.truelayer.com/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0bxkGQ6wR0MdUeftQFhbSG2AVDiwsubVAAgWhiZh6aEriFXaCMv97ICs7EK27pdlCXkSpdGoLJxtZfsu5gfVADvefVdoVPYVHZJnoqSdFsf69zOTUJ3XeZxkNOqYmvKcqC9dCEOSsSgx_1rMCxMJ27QKWPJ2DqUw2kX5YUrDJVR6V4kG3aC&requestId=f6f2399f-c3cd-443b-9144-d2adfd61d44a"}
console-api	warning	URL: https://browser.sentry-cdn.com/5.23.0/bundle.min.js(Line 2) Message: Redirecting to: https://login.truelayer.com/error?errorId=CfDJ8Li_MVJ71etFh5OTO3Eq5vhqNPOB_uzRuONSARYkVUPdxrpbixHQMkI6x0bxkGQ6wR0MdUeftQFhbSG2AVDiwsubVAAgWhiZh6aEriFXaCMv97ICs7EK27pdlCXkSpdGoLJxtZfsu5gfVADvefVdoVPYVHZJnoqSdFsf69zOTUJ3XeZxkNOqYmvKcqC9dCEOSsSgx_1rMCxMJ27QKWPJ2DqUw2kX5YUrDJVR6V4kG3aC&requestId=f6f2399f-c3cd-443b-9144-d2adfd61d44a
console-api	log	URL: https://login.truelayer.com/static/js/2.513834b7.chunk.js(Line 2) Message: xClientCorrelationId =

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';object-src 'none';img-src 'self';script-src browser.sentry-cdn.com 'self' 'unsafe-inline';connect-src https://auth-analytics.truelayer.com o405187.ingest.sentry.io 'self';frame-ancestors 'none';frame-src 'none'; report-uri https://o405187.ingest.sentry.io/api/5270399/security/?sentry_key=447b2da781e64a34bcb0d7e6e3857e08
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth-analytics.truelayer.com
auth.truelayer.com
browser.sentry-cdn.com
login.truelayer.com
truelayer-public-assets.s3.amazonaws.com
truelayer-public-assets.s3.amazonaws.com
2a04:4e42::729
34.252.209.207
52.213.159.252
52.215.105.247
52.218.36.137
14a2ca44b4a9265b3e8cf3152cde9d7941d3c6e9ad44a658c3e029bf99f3d30c
19f5e9720153bf5aa4fa1fd64d44f387bec72de70978e61702168ec854a5b1d3
2c010befeb4426473d339002a6ae1e0167d2e6587a94f6443cc2fc5fbec0b341
36a61d4948754bf984a5016b9f5693792b4430664cea708ac02925c93ae4b782
41c0fde2fef254d29f51fcf43ef3df0b286ce110207d9b0327bc05ca79f56c02
5152842534fe7b2a399ef7b9318e5cd63b37d238645aa0970588e53ca8585d37
6ba4f885cd0c9e17f731bf22afcb704e9d5c563819a7c31ef0781cacdf6fc9b7
740944951c2a1e6835cf4b6a33e78cca82e154f29ef91d61b45c4ed8ff1253b4
8cdf990d07cc5e7a9d56100553d27705011b57aa90d53676cfcedcd3f9ac7bfc
90d188d786764bcdca71d07d73d402a1c97a9efd5bed586c5a132d3b6a0ce9ec
afb29732e6f78231080ba552586d4e9056844264417f7eea3b28dca829b31f7d
b0067a2c0fc02bbb8c407b6e19df6e9643f15367393826ab6c6310af1aa4b9ec
b08b746b544050504fad2bf03fa20bbdc2981eb51ef6dccde2df58525ae3e950
bb506192d91b7f2a00a757087770c6da61688144b00942202d111eefaac2d202
efee77f011ce3cbea7246d8a75ecbcb3c2c9dd04a9547cd1cb631501a491229f
fd775713eb046b473b2bd97c3104a6f55c4d7b10929655edf1a3015e4750f16e

login.truelayer.com Open in urlscan Pro 52.215.105.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

20 %IPv6

3 Domains

5 Subdomains

6 IPs

2 Countries

624 kBTransfer

1872 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

7 Console Messages

Security Headers

Indicators

login.truelayer.com Open in urlscan Pro
52.215.105.247 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

6
IPs

2
Countries

624 kB
Transfer

1872 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions