urlscan.io logo urlscan.io
SecurityTrails logo

signin.truelayer.com Open in urlscan Pro
2606:4700::6813:9913  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://console.truelayer.com/
Effective URL: https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2d...
Submission: On April 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 50 HTTP transactions. The main IP is 2606:4700::6813:9913, located in United States and belongs to CLOUDFLARENET, US. The main domain is signin.truelayer.com.
TLS certificate: Issued by E1 on February 19th 2024. Valid for: 3 months.
This is the only time signin.truelayer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.120.195.249 396982 (GOOGLE-CL...)
3 104.18.70.113 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700:440... 13335 (CLOUDFLAR...)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 2600:9000:235... 16509 (AMAZON-02)
2 52.218.0.128 16509 (AMAZON-02)
1 104.19.153.19 13335 (CLOUDFLAR...)
50 14
6    2606:4700::6812:180c (United States)

ASN13335 (CLOUDFLARENET, US)
console.truelayer.com
truelayer-assets.truelayer.com
2    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
2    2606:4700::6812:1b02 (United States)

ASN13335 (CLOUDFLARENET, US)
i.tl-al.com
3    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o268643.ingest.sentry.io
3    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
9    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ukwest.onetrust.com
geolocation.onetrust.com
4    2606:4700::6813:9913 (United States)

ASN13335 (CLOUDFLARENET, US)
signin.truelayer.com
3    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflareinsights.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:9000:2359:2600:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
2    52.218.0.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
truelayer-public-assets.s3-eu-west-1.amazonaws.com
1    104.19.153.19 (None, )

ASN13335 (CLOUDFLARENET, US)
signin.truelayer.com
Apex Domain
Subdomains		 Transfer
11 truelayer.com
console.truelayer.com
signin.truelayer.com
truelayer-assets.truelayer.com
3 MB
9 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5708
geolocation.onetrust.com — Cisco Umbrella Rank: 564
129 KB
4 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 813
cloudflareinsights.com — Cisco Umbrella Rank: 793
7 KB
3 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2168
ekr.zdassets.com — Cisco Umbrella Rank: 2557
146 KB
3 sentry.io
o268643.ingest.sentry.io — Cisco Umbrella Rank: 903862
453 B
2 amazonaws.com
truelayer-public-assets.s3-eu-west-1.amazonaws.com
4 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 234
85 KB
2 tl-al.com
i.tl-al.com
165 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 468
p.typekit.net — Cisco Umbrella Rank: 568
1 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6637
63 KB
50 10
Domain Requested by
8 cdn-ukwest.onetrust.com console.truelayer.com
cdn-ukwest.onetrust.com
5 signin.truelayer.com 1 redirects console.truelayer.com
5 console.truelayer.com console.truelayer.com
3 cloudflareinsights.com console.truelayer.com
static.cloudflareinsights.com
3 o268643.ingest.sentry.io console.truelayer.com
2 truelayer-public-assets.s3-eu-west-1.amazonaws.com signin.truelayer.com
2 cdnjs.cloudflare.com signin.truelayer.com
cdnjs.cloudflare.com
2 static.zdassets.com console.truelayer.com
static.zdassets.com
2 i.tl-al.com console.truelayer.com
1 cdn.auth0.com signin.truelayer.com
1 truelayer-assets.truelayer.com signin.truelayer.com
1 geolocation.onetrust.com console.truelayer.com
1 ekr.zdassets.com console.truelayer.com
1 static.cloudflareinsights.com console.truelayer.com
1 p.typekit.net use.typekit.net
1 use.typekit.net console.truelayer.com
use.typekit.net
50 16

This site contains links to these domains. Also see Links.

Domain
truelayer.com
Subject Issuer Validity Valid
truelayer.com
GTS CA 1P5		 2024-03-11 -
2024-06-09		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
tl-al.com
GTS CA 1P5		 2024-02-23 -
2024-05-23		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
zdassets.com
E1		 2024-03-03 -
2024-06-01		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
onetrust.com
GTS CA 1P5		 2024-03-01 -
2024-05-30		 3 months crt.sh
signin.truelayer.com
E1		 2024-02-19 -
2024-05-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
truelayer-assets.truelayer.com
E1		 2024-03-16 -
2024-06-14		 3 months crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2024-01-31 -
2025-01-15		 a year crt.sh

This page contains 4 frames:

Primary Page: https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
Frame ID: A72B0F43635A1D881FE7FA2BEAEBE7BA
Requests: 41 HTTP requests in this frame

Frame: https://signin.truelayer.com/authorize?client_id=2UN27vb2OG8jzADXEhFdxNUGcv7WkLzQ&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fconsole.truelayer.com&audience=https%3A%2F%2Fsignin.truelayer.com%2Fapi%2Fv2%2F&prompt=none&response_type=code&response_mode=web_message&state=bWRONDVqRDZTaEhKc1VsVjdPcm4zOFcxTFJVa0xLMGRNSm1qNzVEMExQfg%3D%3D&nonce=RnQtSFlXa2EuMzF1bTFyNi5HRDk4Rm1zZ1oyYmFQdDZhYzNpbVpxSy10aw%3D%3D&code_challenge=UYyHk16JdwrPMncyRnkWEZrB-5j4X8Ij7v5dDfQduBQ&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjEifQ%3D%3D
Frame ID: 6729F2B11732DA8FB20771930E3C03C4
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4f08213.js
Frame ID: E219124D7FDC70D44D3245D4AB34D4C3
Requests: 7 HTTP requests in this frame

Frame: https://signin.truelayer.com/authorize?client_id=2UN27vb2OG8jzADXEhFdxNUGcv7WkLzQ&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fconsole.truelayer.com&audience=https%3A%2F%2Fsignin.truelayer.com%2Fapi%2Fv2%2F&prompt=none&response_type=code&response_mode=web_message&state=T0UzQXZDMUozWS5VWTNFUkFpMzNmbHIxVFo1WEpqMWFOT1MzRWNWYVYxMQ%3D%3D&nonce=VW15STVxN2JIaThYYnM5aDdvSkZfNjlEVTBQczA0S0MyWjRhNjVyNi5ERA%3D%3D&code_challenge=96B905qNSpWRSgQN0EpmDa82QpyGu_JRd3y_BLU3Sls&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjEifQ%3D%3D
Frame ID: 930AF5D2807490BCD374C9C3C00A430E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | Console

Page URL History Show full URLs

  1. http://console.truelayer.com/ HTTP 307
    https://console.truelayer.com/ Page URL
  2. https://signin.truelayer.com/authorize?client_id=2UN27vb2OG8jzADXEhFdxNUGcv7WkLzQ&scope=openid+profile+em... HTTP 302
    https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

50
Requests

76 %
HTTPS

62 %
IPv6

10
Domains

16
Subdomains

14
IPs

4
Countries

4035 kB
Transfer

9415 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://console.truelayer.com/ HTTP 307
    https://console.truelayer.com/ Page URL
  2. https://signin.truelayer.com/authorize?client_id=2UN27vb2OG8jzADXEhFdxNUGcv7WkLzQ&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fconsole.truelayer.com&audience=https%3A%2F%2Fsignin.truelayer.com%2Fapi%2Fv2%2F&response_type=code&response_mode=query&state=MFhham44UlFQb0xFQkQ0aTZrTTNiM25POEJqYUVzQ3IyUVNORHAwMTBBQg%3D%3D&nonce=dWRFTkpveERyUkphYTNUbEpxeTR3SGU0dHFHbUZLLm1YS2pFdUFLTG8zYw%3D%3D&code_challenge=XArqDeSOh7yfoGkpXjWxJWSkdsWxbOZ5bis3i5lgUQI&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjEifQ%3D%3D HTTP 302
    https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://console.truelayer.com/ HTTP 307
  • https://console.truelayer.com/

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
console.truelayer.com/
Redirect Chain
  • http://console.truelayer.com/
  • https://console.truelayer.com/
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://console.truelayer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:180c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7360f10a5170b43752a5956999cff204596f2b1176ede74884da6c1fcc85a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
86dea139ccf01c6d-FRA
content-encoding
gzip
content-security-policy
default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
content-type
text/html
date
Tue, 02 Apr 2024 06:05:53 GMT
last-modified
Tue, 26 Mar 2024 16:49:04 GMT
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://console.truelayer.com/
Non-Authoritative-Reason
HttpsUpgrades
vab5wxr.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/vab5wxr.css
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5aeb26a967da9872968235cb5f922a38dc91e42f843dd5dd015ea1874402753b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 02 Apr 2024 06:05:53 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
813
219.9fb1e714f8c2cb93587c.js
console.truelayer.com/ 		3 MB
1017 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:180c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e27d98db4514439a8e782f770821f19becdfe8e2826375312e5c6bb3f5c6662
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 26 Mar 2024 16:49:04 GMT
server
cloudflare
etag
W/"6602fc80-3561c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
86dea13ace0a1c6d-FRA
expires
Tue, 02 Apr 2024 10:05:53 GMT
main.659599511d23dc977160.js
console.truelayer.com/ 		1 MB
341 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.truelayer.com/main.659599511d23dc977160.js?286e590d085daabcbac5
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:180c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb926994ac2fecf7f3bc9ac0cf617f562f49839899124ff3e7812fb7ad3d52c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 26 Mar 2024 16:49:04 GMT
server
cloudflare
etag
W/"6602fc80-11924b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
86dea13ade161c6d-FRA
expires
Tue, 02 Apr 2024 10:05:53 GMT
main.87fd80213586ccd02fd5.css
console.truelayer.com/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://console.truelayer.com/main.87fd80213586ccd02fd5.css?286e590d085daabcbac5
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:180c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666191e6f1242bd11bbefa7eefff49445fa6c931ac5e212e6bce442c6a7bf46c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 26 Mar 2024 16:49:04 GMT
server
cloudflare
etag
W/"6602fc80-57c9"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
86dea13abe071c6d-FRA
expires
Tue, 02 Apr 2024 10:05:53 GMT
env-config.js
console.truelayer.com/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.truelayer.com/env-config.js
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:180c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b380f0853d4323dd4a02325691d06c7464fbbeee9ba69a23eeac7d436862ea4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 01 Apr 2024 20:40:08 GMT
server
cloudflare
etag
W/"660b1ba8-97a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
86dea13abe081c6d-FRA
expires
Tue, 02 Apr 2024 10:05:53 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=vab5wxr&ht=tk&f=139.140.171.172.175.176&a=6413548&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vab5wxr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:53 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
logger-1.min.js
i.tl-al.com/lr/ 		833 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.tl-al.com/lr/logger-1.min.js
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1
date
Tue, 02 Apr 2024 06:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3645
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
x-served-by
cache-dub4357-DUB
last-modified
Mon, 01 Apr 2024 21:30:28 GMT
server
cloudflare
x-timer
S1712012961.902753,VS0,VE1
etag
W/"027e00c5aa394fa8ef545c1826604251ff0088cb3d35e0e8818d203e33eeb2bb-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t4HlClhOJ3ujE25U%2FpJh3Tx4Wi3WKenKNKzhJyr5NoZLl2A13%2BHLodYQgyIqdV2e2bztTXherMEc5JtlOcQ90QCqvmwTt2wB1hjoIB%2BL3ctGL8jnVe8fgfNbQsojvD47mwa0GeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
86dea13e48919f40-FRA
expires
Tue, 02 Apr 2024 10:05:54 GMT
/
o268643.ingest.sentry.io/api/5532469/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o268643.ingest.sentry.io/api/5532469/envelope/?sentry_key=c77fdd7be3ef42e984f09afdecd080dc&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.49.0
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://console.truelayer.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=e2311b25-2051-422d-929e-7eaa643f8b68
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/main.659599511d23dc977160.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FP55XB5VFRXR2JJV
age
37
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Bb/sLb3GNygsC2XL8RUYzNHCDmFtTSK9Wp9i9Q7fP2A7lgbVVDGHyXL9Rv1DCP3ZNWR4nJjWZUcfj/t+UuCPtg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCtTct3h9dOdGsXFzbd5vbG1tzG4Vb9K0JjAZq5jzBX8FxCkuPYKdDvNslIsGa3BsjNIgqWcRvOuqWAvmkicpQNt6qsQzK8sDvf3Cc%2BeOvuW4NkqxJnfxbYLsu9B4kEEiRbkf0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
86dea13f0938bf7b-WAW
access-control-allow-headers
*
beacon.min.js
static.cloudflareinsights.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86dea13f3d3918ef-FRA
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Apr 2024 06:05:54 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
/RTAD1TAPuPWblD15GN1pg==
age
55524
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6842
x-ms-lease-status
unlocked
last-modified
Wed, 13 Mar 2024 22:17:20 GMT
server
cloudflare
etag
0x8DC43AB59EB7B5F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
15526285-201e-005c-709d-7bd562000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86dea13f4b545d80-FRA
expires
Wed, 03 Apr 2024 06:05:54 GMT
/
o268643.ingest.sentry.io/api/5532469/envelope/ 		2 B
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o268643.ingest.sentry.io/api/5532469/envelope/?sentry_key=c77fdd7be3ef42e984f09afdecd080dc&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.49.0
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://console.truelayer.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
o268643.ingest.sentry.io/api/5532469/envelope/ 		41 B
98 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o268643.ingest.sentry.io/api/5532469/envelope/?sentry_key=c77fdd7be3ef42e984f09afdecd080dc&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.49.0
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://console.truelayer.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
/
i.tl-al.com/mp//track/ 		1 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.tl-al.com/mp//track/?ip=1&_=1712037954402
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
45
content-length
1
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://console.truelayer.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
86dea13f294d9f40-FRA
access-control-allow-headers
X-Requested-With
Primary Request identifier
signin.truelayer.com/u/login/
Redirect Chain
  • https://signin.truelayer.com/authorize?client_id=2UN27vb2OG8jzADXEhFdxNUGcv7WkLzQ&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fconsole.truelayer.com&audience=https%3A%2F%2Fsignin.truelayer...
  • https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJ...
37 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9ce3f58df8334b8a0d46905a6abc93bb6d146740dcef9577601b214a7815bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://console.truelayer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
86dea1417b911907-FRA
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 02 Apr 2024 06:05:55 GMT
etag
W/"9325-xo/yDiLfl7IHEpHQlPRuh/XXzV8"
expires
Tue, 02 Apr 2024 06:05:54 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
127
x-auth0-requestid
51a6ebc24afa3c1fd055
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1712037961
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
86dea13fda601907-FRA
content-length
446
content-type
text/html; charset=utf-8
date
Tue, 02 Apr 2024 06:05:54 GMT
location
/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
e6daa5d3f5cc9881ee34
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1712037955
19a1de82-387b-470f-beaa-a9ea3598a6d3
https://console.truelayer.com/ 		463 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://console.truelayer.com/19a1de82-387b-470f-beaa-a9ea3598a6d3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
474428
Content-Type
e2311b25-2051-422d-929e-7eaa643f8b68
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/e2311b25-2051-422d-929e-7eaa643f8b68
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
86b6d2968edbf3dd-SEA, 86b6d2968edbf3dd-SEA
x-runtime
0.008988
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"30e19c3c2f2d19f8dea3b651589cf639"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLmLVpbpy78%2BARtV%2FBtTDfQmR8Op613cW294bZlj2zVuAF04hpKQS4tXv9uZLHGyOB%2Bb3FTH%2FoDj2XxSpq6SX5PRiashevxNi8CMmlv2uKqMyoDhIuxP2mKJ3zgpM8XOKrw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
86dea1400a17348e-WAW
c858b4ca-e433-4f05-9903-caa04125de40.json
cdn-ukwest.onetrust.com/consent/c858b4ca-e433-4f05-9903-caa04125de40/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/c858b4ca-e433-4f05-9903-caa04125de40/c858b4ca-e433-4f05-9903-caa04125de40.json
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Apr 2024 06:05:54 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3641
content-md5
UbhozO97ZE1wbpxhvgxKqw==
content-length
1671
x-ms-lease-status
unlocked
last-modified
Wed, 12 Apr 2023 10:11:10 GMT
server
cloudflare
etag
0x8DB3B3E3D018684
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1a325942-d01e-002f-02d4-7aa5a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86dea1403b736916-FRA
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://console.truelayer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://console.truelayer.com
access-control-max-age
86400
cf-ray
86dea1406ac43825-FRA
content-encoding
gzip
content-type
text/plain
date
Tue, 02 Apr 2024 06:05:54 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://console.truelayer.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86dea140aadf3825-FRA
authorize
signin.truelayer.com/ Frame 6729 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signin.truelayer.com/authorize?client_id=2UN27vb2OG8jzADXEhFdxNUGcv7WkLzQ&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fconsole.truelayer.com&audience=https%3A%2F%2Fsignin.truelayer.com%2Fapi%2Fv2%2F&prompt=none&response_type=code&response_mode=web_message&state=bWRONDVqRDZTaEhKc1VsVjdPcm4zOFcxTFJVa0xLMGRNSm1qNzVEMExQfg%3D%3D&nonce=RnQtSFlXa2EuMzF1bTFyNi5HRDk4Rm1zZ1oyYmFQdDZhYzNpbVpxSy10aw%3D%3D&code_challenge=UYyHk16JdwrPMncyRnkWEZrB-5j4X8Ij7v5dDfQduBQ&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjEifQ%3D%3D
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
86dea13fda641907-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 02 Apr 2024 06:05:54 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
4243dac098168d407a44
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1712037955
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept
application/json
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
86dea140bbc36916-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.39.0/ 		372 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.39.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Apr 2024 06:05:54 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Zp/CcrZmK7hQ2S6c/t9Tpw==
age
55453
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
90454
x-ms-lease-status
unlocked
last-modified
Tue, 02 Aug 2022 20:24:21 GMT
server
cloudflare
etag
0x8DA74C4FB9CEAF2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7057fce5-801e-0015-73d4-7ae602000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86dea1410c8a5d80-FRA
expires
Wed, 03 Apr 2024 06:05:54 GMT
web-widget-main-4f08213.js
static.zdassets.com/web_widget/messenger/latest/ Frame E219 		450 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4f08213.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e2311b25-2051-422d-929e-7eaa643f8b68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:54 GMT
x-amz-version-id
0zGpVHKkrJOQww9XiUPNyKZ3IyglceWx
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
JYEGB9M4NV4X5CRK
age
417432
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
+8ho+arGqKjvsqN0vkIKrxo5DBYRSahZO9sPd9A92pOi4usW04fJjYYE+jOZBKLayJ5J1GXjcgpVrFrpoGa2pg==
last-modified
Tue, 26 Mar 2024 03:24:48 GMT
server
cloudflare
etag
W/"2feb6e5031e23bd9157503a402ea6035"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRKbHWx2xoMaepU3%2F8X%2F9q5UkNcspVJ%2BK9G%2FJtrgVetooQk2rZKPjFJAbsLP3wZtxsWaNchknVy0m%2BBhyQTtVdGNVqihy41zEQQpn%2BdhcKxrrh3iRJxL2AP%2FmFQhkgLP7tq2aqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
86dea1419b69bf7b-WAW
access-control-allow-headers
*
expires
Wed, 26 Mar 2025 03:24:46 GMT
en.json
cdn-ukwest.onetrust.com/consent/c858b4ca-e433-4f05-9903-caa04125de40/9f13ae68-2649-469a-a887-371008bce1f5/ 		42 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/c858b4ca-e433-4f05-9903-caa04125de40/9f13ae68-2649-469a-a887-371008bce1f5/en.json
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Apr 2024 06:05:54 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1911
content-md5
SY8ZXGwI8THJIRp8wuT/Hw==
content-length
9985
x-ms-lease-status
unlocked
last-modified
Wed, 12 Apr 2023 10:11:10 GMT
server
cloudflare
etag
0x8DB3B3E3D16E17C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
edb563f8-601e-0013-401e-7c73ff000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86dea141cc6b6916-FRA
authorize
signin.truelayer.com/ Frame 930A 		1 KB
615 B 		Document
General
Check archive.org
Download Go to
Full URL
https://signin.truelayer.com/authorize?client_id=2UN27vb2OG8jzADXEhFdxNUGcv7WkLzQ&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fconsole.truelayer.com&audience=https%3A%2F%2Fsignin.truelayer.com%2Fapi%2Fv2%2F&prompt=none&response_type=code&response_mode=web_message&state=T0UzQXZDMUozWS5VWTNFUkFpMzNmbHIxVFo1WEpqMWFOT1MzRWNWYVYxMQ%3D%3D&nonce=VW15STVxN2JIaThYYnM5aDdvSkZfNjlEVTBQczA0S0MyWjRhNjVyNi5ERA%3D%3D&code_challenge=96B905qNSpWRSgQN0EpmDa82QpyGu_JRd3y_BLU3Sls&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjEifQ%3D%3D
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
86dea141dbef1907-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 02 Apr 2024 06:05:54 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
c4ac9f895aaa7d12e229
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1712037955
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.39.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Apr 2024 06:05:54 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
82410
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Tue, 02 Aug 2022 20:24:08 GMT
server
cloudflare
etag
0x8DA74C4F43E52FB
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
590d8fe8-801e-0051-0dd4-7a3a6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86dea1424cb76916-FRA
expires
Wed, 03 Apr 2024 06:05:54 GMT
otPcCenter.json
cdn-ukwest.onetrust.com/scripttemplates/6.39.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.39.0/assets/v2/otPcCenter.json
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Apr 2024 06:05:54 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
444ho/eGhWdN7ej7RCW2zw==
age
82410
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13253
x-ms-lease-status
unlocked
last-modified
Tue, 02 Aug 2022 20:24:11 GMT
server
cloudflare
etag
0x8DA74C4F5CB3A8A
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a0ebe124-601e-0050-67d4-7a3b93000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86dea1424cb86916-FRA
expires
Wed, 03 Apr 2024 06:05:54 GMT
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/6.39.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.39.0/assets/otCommonStyles.css
Requested by
Host: console.truelayer.com
URL: https://console.truelayer.com/219.9fb1e714f8c2cb93587c.js?286e590d085daabcbac5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Apr 2024 06:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
82410
x-ms-lease-status
unlocked
last-modified
Tue, 02 Aug 2022 20:24:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
86ce0cb3-f01e-001a-62d4-7a0bf4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
86dea1424cb96916-FRA
expires
Wed, 03 Apr 2024 06:05:54 GMT
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 		0
0
TrueLayer-LOGO-truecolor-transp-horizontal.png
cdn-ukwest.onetrust.com/logos/3a3f34be-27cc-40cd-bc44-2cdc9b4819ab/b1c626c1-a9e4-4a22-8f2c-63a6da14d486/2ce606dc-1911-4b4e-92f4-f28114b8a445/ 		63 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ukwest.onetrust.com/logos/3a3f34be-27cc-40cd-bc44-2cdc9b4819ab/b1c626c1-a9e4-4a22-8f2c-63a6da14d486/2ce606dc-1911-4b4e-92f4-f28114b8a445/TrueLayer-LOGO-truecolor-transp-horizontal.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Apr 2024 06:05:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
2VbGCtcIIyxU68XsqcHlbg==
age
21626
content-length
80396
x-ms-lease-status
unlocked
last-modified
Fri, 08 Jan 2021 14:57:52 GMT
server
cloudflare
etag
0x8D8B3E5C6183D63
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
cef4390d-501e-001c-3ad4-7afc8c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86dea142cd725d80-FRA
expires
Wed, 03 Apr 2024 06:05:55 GMT
powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 		0
0
en-us-json-4f08213.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame E219 		0
0
web-widget-84852-4f08213.js
static.zdassets.com/web_widget/messenger/latest/ Frame E219 		0
0
web-widget-79806-4f08213.js
static.zdassets.com/web_widget/messenger/latest/ Frame E219 		0
0
web-widget-92795-4f08213.js
static.zdassets.com/web_widget/messenger/latest/ Frame E219 		0
0
web-widget-15178-4f08213.js
static.zdassets.com/web_widget/messenger/latest/ Frame E219 		0
0
web-widget-59535-4f08213.js
static.zdassets.com/web_widget/messenger/latest/ Frame E219 		0
0
/
o268643.ingest.sentry.io/api/5532469/envelope/ 		0
0
rum
cloudflareinsights.com/cdn-cgi/ 		0
0
d
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 		0
0
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.0/css/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.0/css/all.min.css
Requested by
Host: signin.truelayer.com
URL: https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae483e96b22708fa8261a54827b6265e207160d15cf49981eb111229d3bf505
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://signin.truelayer.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
993474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10022
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Io0q%2FpZD0Pys20WTGKBHXpMTO3aB2qQUnqQiG5X5%2Fkj%2FdQ1BKmutkJrA46wOV6OhqxCbw7EILy%2FBmscPcb7zO8s0UvuinXWEWK240kxq8xC5AMIk23q%2BJGFRzkXOC86kYQxdoeBO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86dea143ad265d3c-FRA
expires
Sun, 23 Mar 2025 06:05:55 GMT
auth0-background.png
truelayer-assets.truelayer.com/truelayer-auth0/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://truelayer-assets.truelayer.com/truelayer-auth0/auth0-background.png
Requested by
Host: signin.truelayer.com
URL: https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:180c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3e05775beb7886a835ad7d0a6ac0caef979e78490424bb9a543d4a09312409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1907
content-length
2072434
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"d21a4697cdfa0fc8ae3dad97956425c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFZ6gIxEiZAV1%2FrGBDTRtPHNP0o2Thqtm3CuXaIQ6%2FMtBXzdXmLCZXwOsDIBYVrSMHzlsmF7J45H2QyhD242Aw43PycjcdmLx1Oxj%2BLCYV9KlRH6Gb8t7hp5jynS4uYFQun2uxxQN8ibVsQMHVEcH8w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
86dea143febdbb62-FRA
expires
Tue, 02 Apr 2024 10:05:55 GMT
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.87.4/css/ 		272 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.87.4/css/main.cdn.min.css
Requested by
Host: signin.truelayer.com
URL: https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:2600:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40db496b666bc587f8159cca9f8ff43b1c83d8ef1d7b3438a5056480ece8a125
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
1tUZ2hbU4Y2ULW91Rsg26QsTE78M3mcV
content-encoding
gzip
via
1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
date
Mon, 01 Apr 2024 07:30:43 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P10
age
81313
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Tue, 19 Mar 2024 12:47:33 GMT
server
AmazonS3
etag
W/"f13bbbda75559ca0f00deb30cf7d838e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
x-robots-tag
noindex
x-amz-cf-id
HCaUd9xbPtKbh4HPdd7vdZsM5X31WYh_VqtRqsVyJBoukKuaZkWvpQ==
tl-yellow.svg
truelayer-public-assets.s3-eu-west-1.amazonaws.com/logo/mark/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://truelayer-public-assets.s3-eu-west-1.amazonaws.com/logo/mark/tl-yellow.svg
Requested by
Host: signin.truelayer.com
URL: https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.0.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
77e60dd622940e92853a4db48aeee8e712dd3f8566d801faff33dc19a1d2bb2f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 06:05:56 GMT
x-amz-version-id
6fInhkk9TLoqkpsPI.MIZB4YiRx0AsSG
Last-Modified
Tue, 20 Jun 2023 10:30:57 GMT
Server
AmazonS3
x-amz-request-id
V297ZN5AKHNG4WGC
ETag
"b435c59067c04115c8c69b766020aab5"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1416
x-amz-id-2
zFgdpaCH7364E7NTLjVyUYp/brgyAmE9Xw61MaGl9dh5/mVNm6Pq86bu6iNTrVj+UOfzw+B7Jt0=
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://console.truelayer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://console.truelayer.com
access-control-max-age
86400
cf-ray
86dea1436d083825-FRA
content-encoding
gzip
content-type
text/plain
date
Tue, 02 Apr 2024 06:05:55 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
tl-black.svg
truelayer-public-assets.s3-eu-west-1.amazonaws.com/logo/mark/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://truelayer-public-assets.s3-eu-west-1.amazonaws.com/logo/mark/tl-black.svg
Requested by
Host: signin.truelayer.com
URL: https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.0.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
77e60dd622940e92853a4db48aeee8e712dd3f8566d801faff33dc19a1d2bb2f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://signin.truelayer.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 06:05:56 GMT
x-amz-version-id
tSinOFqHrS1rwhE9UqXnT9g4Q3yyqw.h
Last-Modified
Tue, 20 Jun 2023 10:30:50 GMT
Server
AmazonS3
x-amz-request-id
V29B7FZMEYB6DHC0
ETag
"b435c59067c04115c8c69b766020aab5"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1416
x-amz-id-2
1fWvLALCWnT6KX8N3TqBAXep8C6U5bRrTEhzpr5eEnRmrpbdP6NMXbocgF43iuVel1XAc0e4jLI=
truncated
/ 		688 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		829 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
398694b37a019361e5ef43115595c5ef1612104be4bd5341e5096f33a787d9ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.0/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b66d17c9e92ceca4906b7944b0ce1410f95fb8c056aa29261b478504608b329
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.0/css/all.min.css
Origin
https://signin.truelayer.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:55 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1675204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75736
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4RXdp4WjOnnmin5LFnicyN1Wyw5txfZXKwLCjE5GODaCHNcaCpBNjUHtarOiG54UrPvPS4h85OfpXVHF%2FVkXpZ0WANnMOI06NzYecJMTdJQdSPoHtQHksDao7TCP0uf%2FGKWKtd%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86dea144be495d3c-FRA
expires
Sun, 23 Mar 2025 06:05:55 GMT
favicon.ico
signin.truelayer.com/ 		9 B
500 B 		Other
General
Check archive.org
Download Go to
Full URL
https://signin.truelayer.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.153.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://signin.truelayer.com/u/login/identifier?state=hKFo2SB4RHUwUVE2MnBCV2dtdVk0R2s2NzluMzg1N01xZjNhV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1pbC15MUZhai0xQ1V3ZGY5SnhYNzA1TURSbUdaaGJNo2NpZNkgMlVOMjd2YjJPRzhqekFEWEVoRmR4TlVHY3Y3V2tMelE
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-auth0-not-found
1
cf-cache-status
EXPIRED
x-auth0-requestid
fbfbea184255b72b55b3
server
cloudflare
x-content-type-options
nosniff
etag
W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
public, max-age=300
cf-ray
86dea1473bbb348c-WAW
alt-svc
h3=":443"; ma=86400
content-length
9

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
use.typekit.net
URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Domain
cdn-ukwest.onetrust.com
URL
https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4f08213.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-4f08213.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-79806-4f08213.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-92795-4f08213.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-15178-4f08213.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-59535-4f08213.js
Domain
o268643.ingest.sentry.io
URL
https://o268643.ingest.sentry.io/api/5532469/envelope/?sentry_key=c77fdd7be3ef42e984f09afdecd080dc&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.49.0
Domain
cloudflareinsights.com
URL
https://cloudflareinsights.com/cdn-cgi/rum
Domain
use.typekit.net
URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| ulpFlags

7 Cookies

Domain/Path Name / Value
.truelayer.com/ Name: mp_a07d50dcc295595dff34542c8f7334f3_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18e9d6a02ee10a3-021ffee3cff138-26001a51-75300-18e9d6a02ef1ba8%22%2C%22%24device_id%22%3A%20%2218e9d6a02ee10a3-021ffee3cff138-26001a51-75300-18e9d6a02ef1ba8%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
signin.truelayer.com/ Name: did
Value: s%3Av0%3A10c45dd0-f0b7-11ee-91c2-c1bc7ba00cd2.NHYe0nMcvOpPRr5dq%2F7jGQsS2mdftD6s9by%2BADawROY
signin.truelayer.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQL1kEH1nP9CPBlael6Ff6B1AlxKJ0sRmMqEv9vyjRG-x5YqoocFeCmbhVCyI6V5Sbh-VE2RHQzMEnnZMNvcGc8SmY29va2llg6dleHBpcmVz1_-wbgQAZg-Uwq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.HmOhu8U1%2FDLrbFjsNRgKXCH0BNlhzTP%2FiHMYTGrhuAo
signin.truelayer.com/ Name: did_compat
Value: s%3Av0%3A10c45dd0-f0b7-11ee-91c2-c1bc7ba00cd2.NHYe0nMcvOpPRr5dq%2F7jGQsS2mdftD6s9by%2BADawROY
signin.truelayer.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQL1kEH1nP9CPBlael6Ff6B1AlxKJ0sRmMqEv9vyjRG-x5YqoocFeCmbhVCyI6V5Sbh-VE2RHQzMEnnZMNvcGc8SmY29va2llg6dleHBpcmVz1_-wbgQAZg-Uwq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.HmOhu8U1%2FDLrbFjsNRgKXCH0BNlhzTP%2FiHMYTGrhuAo
.console.truelayer.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Apr+02+2024+08%3A05%3A54+GMT%2B0200+(Central+European+Summer+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Fconsole.truelayer.com%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0
.signin.truelayer.com/ Name: __cf_bm
Value: W91qT2GK2tGHd8k5Knm0fxwQ4xEEtyy0NFVI3vxZGls-1712037955-1.0.1.1-pAaTPV0XcXsWzIexeI9hwepsAIYxfUfDxtRkniT69Hkgyl1Ozoq7v0n2uFiD44B6

1 Console Messages

Source Level URL
Text
network error URL: https://signin.truelayer.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.onetrust.com/ https://i.tl-al.com https://*.ingest.sentry.io https://console-backend.truelayer.com https://otel-api.truelayer.com https://console-backend.truelayer-sandbox.com https://auth.truelayer.com https://clients-api.truelayer.com https://users-api.truelayer.com https://signin.truelayer.com https://truelayer.eu.auth0.com https://*.zendesk.com https://*.zopim.com https://api.smooch.io wss://api.smooch.io https://t7r-comptroller-sandbox.s3.eu-west-1.amazonaws.com https://t7r-comptroller-production.s3.eu-west-1.amazonaws.com https://i.tl-al.com https://i.t7r-al.dev https://console-backend.t7r.co https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://widget.intercom.io https://cdn.eu.auth0.com https://support.truelayer.com https://ekr.zdassets.com/ wss://widget-mediator.zopim.com https://static.zdassets.com https://api-eu.mixpanel.com https://decide.mixpanel.com https://cdn.mxpnl.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://cloudflareinsights.com; script-src 'self' blob: https://*.onetrust.com/ https://i.tl-al.com https://i.t7r-al.dev https://cdn.eu.auth0.com https://static.zdassets.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api.smooch.io https://collection.passfort.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com/; font-src 'self' data https://truelayer-assets.truelayer.com https://use.typekit.net https://js.intercomcdn.com https://fonts.googleapis.com; frame-src https://login.truelayer.com/ https://payment.truelayer-sandbox.com/ https://pay.truelayer.com/ https://signin.truelayer.com/ https://truelayer.eu.auth0.com/ https://intercom-sheets.com https://signin.truelayer.com https://signin.t7r.co https://signin.t7r.dev https://collection.passfort.com; img-src * data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://truelayer-public-assets.s3-eu-west-1.amazonaws.com https://truelayer-public-assets.s3.amazonaws.com; object-src 'none'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ukwest.onetrust.com
cdn.auth0.com
cdnjs.cloudflare.com
cloudflareinsights.com
console.truelayer.com
ekr.zdassets.com
geolocation.onetrust.com
i.tl-al.com
o268643.ingest.sentry.io
p.typekit.net
signin.truelayer.com
static.cloudflareinsights.com
static.zdassets.com
truelayer-assets.truelayer.com
truelayer-public-assets.s3-eu-west-1.amazonaws.com
use.typekit.net
cdn-ukwest.onetrust.com
cloudflareinsights.com
o268643.ingest.sentry.io
static.zdassets.com
use.typekit.net
104.17.25.14
104.18.70.113
104.19.153.19
2600:9000:2359:2600:10:474e:104a:2961
2606:4700:4400::ac40:9b77
2606:4700::6810:4f49
2606:4700::6810:5049
2606:4700::6812:180c
2606:4700::6812:1b02
2606:4700::6813:9913
2a02:26f0:3500:16::215:1495
34.120.195.249
52.218.0.128
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0b66d17c9e92ceca4906b7944b0ce1410f95fb8c056aa29261b478504608b329
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2b7360f10a5170b43752a5956999cff204596f2b1176ede74884da6c1fcc85a9
398694b37a019361e5ef43115595c5ef1612104be4bd5341e5096f33a787d9ee
40db496b666bc587f8159cca9f8ff43b1c83d8ef1d7b3438a5056480ece8a125
4b380f0853d4323dd4a02325691d06c7464fbbeee9ba69a23eeac7d436862ea4
5aeb26a967da9872968235cb5f922a38dc91e42f843dd5dd015ea1874402753b
5eb926994ac2fecf7f3bc9ac0cf617f562f49839899124ff3e7812fb7ad3d52c
666191e6f1242bd11bbefa7eefff49445fa6c931ac5e212e6bce442c6a7bf46c
6ae483e96b22708fa8261a54827b6265e207160d15cf49981eb111229d3bf505
6c9ce3f58df8334b8a0d46905a6abc93bb6d146740dcef9577601b214a7815bb
77e60dd622940e92853a4db48aeee8e712dd3f8566d801faff33dc19a1d2bb2f
8e27d98db4514439a8e782f770821f19becdfe8e2826375312e5c6bb3f5c6662
8f3e05775beb7886a835ad7d0a6ac0caef979e78490424bb9a543d4a09312409
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165