prod-developer.jn3cx6xo36.net Open in urlscan Pro
52.51.104.248 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://prod-developer.jn3cx6xo36.net/application/new
Submission: On February 14 via manual (February 14th 2023, 3:39:02 pm UTC) from GB — Scanned from GB

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 52.51.104.248, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is prod-developer.jn3cx6xo36.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 20th 2022. Valid for: a year.

This is the only time prod-developer.jn3cx6xo36.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	52.51.104.248 52.51.104.248	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
20	2

18 52.51.104.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

prod-developer.jn3cx6xo36.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	jn3cx6xo36.net prod-developer.jn3cx6xo36.net	2 MB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 93	20 KB
20	2

	Domain	Requested by
18	prod-developer.jn3cx6xo36.net	prod-developer.jn3cx6xo36.net
2	www.google-analytics.com	prod-developer.jn3cx6xo36.net www.google-analytics.com
20	2

This site contains links to these domains. Also see Links.

Domain
www.starlingbank.com
github.com
www.twitter.com

Subject Issuer	Validity	Valid
*.starlingbank.com GlobalSign RSA OV SSL CA 2018	`2022-07-20` - `2023-08-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prod-developer.jn3cx6xo36.net/application/new
Frame ID: 955FF8E3932AC590BFE52FCAB1808D06
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in – Starling Developers

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

20
Requests

10 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1983 kB
Transfer

5805 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.starlingbank.com/

Search URL Search Domain Scan URL

URL: https://github.com/starlingbank

Search URL Search Domain Scan URL

URL: https://www.twitter.com/starlingdev/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request new Show response
prod-developer.jn3cx6xo36.net/application/ 2 KB
2 KB 257ms
110ms Document
text/html 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

bda14f61679d323f9061f566b81b2f094a9755644a98cec62a731e06e8419ba0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Feb 2023 15:38:56 GMT
ETag: W/"a589622238b2ff22d6e8b6f3f3fbfafb"
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Starling Bank
X-XSS-Protection: 0
x-amz-id-2: xObCSQZv/NAmW36jXENn/txVqRDTMQLRg09/y2dwwwansNDf8IS9iBfjGYFHl8ME9VAcF2XLqYg=
x-amz-request-id: TK7BNX0JTYWMWTD2
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK main.b04f8f8e95a18cf2a722.css
prod-developer.jn3cx6xo36.net/ 446 KB
96 KB 149ms
148ms Stylesheet
text/css 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/main.b04f8f8e95a18cf2a722.css

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

dbc04f4905c04311adbcea56cd82cfd61a955b8afb89d763978271c3bcabf016

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:56 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: TK77AYXZCR014ENA
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: MfqfyxvAuSONyt1aT8YkrEuQELqI486HW6Asp0S3MsaO+J0PAFf2xIKDXcrusvCReSrPAlBl98U=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: W/"0678d0d11469cbb58fc4bb529b82997c"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000

GET
H/1.1 200
OK normalize.cae5134ddc374d890244.js Show response
prod-developer.jn3cx6xo36.net/ 15 KB
7 KB 229ms
110ms Script
text/javascript 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/normalize.cae5134ddc374d890244.js

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

191ca2e4450de6c73139164c78c334ad2b85e4e64121d140c3e00a22f94ae01f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:56 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: TK7E61122AKBD3M2
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 6DxKNGRdaXFKiix1iM0kKkhwZjbHw604P0wHjTDNqfb61XhaTjkPRX3Bs/SQBEmq4km3tEJhHtk=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: W/"87add74dc9b145edb627007a3611b38e"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=2592000

GET
H/1.1 200
OK main.60c32e99cf733bf88861.js Show response
prod-developer.jn3cx6xo36.net/ 5 MB
2 MB 277ms
158ms Script
text/javascript 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/main.60c32e99cf733bf88861.js

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

f97cc431b083bd8b8dfa6d68a7b8c457cc543aa9c3fe817f52032a20eaaafb48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:56 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: TK76EG23JWVRCN4H
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: LHIHIXDw19jGQ6+PCV+nWPwVorBUr6CDksOMuXuMSoO9an3plXiRhrmtAYADtgYm+U8W96c7LG4=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: W/"666b58dea875f08b0f37c7b62c0adbc6"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=2592000

GET
H/1.1 200
OK vendor.08ffacf410de0d8331c6.js Show response
prod-developer.jn3cx6xo36.net/ 200 KB
70 KB 304ms
184ms Script
text/javascript 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/vendor.08ffacf410de0d8331c6.js

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

6c8a8b96d06bc3c0a6db938949990a1a4dd93517fc675df9b389dfc25df39972

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:56 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: TK75JWEA9RSWWMCH
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: /572jccldfA6OWUQfstshFnUkfEOjPwvOV5TfabPecrtHQ1FiwSwXOlduL3EdE7E4ud25FN1amo=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: W/"80ac3a53d9d4ef21b31cf418766607ea"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 166ms
49ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/main.60c32e99cf733bf88861.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 14:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 14 Feb 2023 16:54:50 GMT

GET
H/1.1 200
OK profile Show response
prod-developer.jn3cx6xo36.net/partner-developer/api/v1/developer/ 59 B
1 KB 69ms
69ms Fetch
application/json 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/partner-developer/api/v1/developer/profile

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/main.60c32e99cf733bf88861.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

e731d15ed842aa48b141bd1acc9e73a95025d170de8977d17e53eb747da86262

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Feb 2023 15:38:57 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Starling Bank
Transfer-Encoding: chunked
Connection: keep-alive
Server-Timing: intid;desc=7f757f8209210501
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: no-store

GET
H/1.1 200
OK login.e43d05cce6f1c38cb091.js Show response
prod-developer.jn3cx6xo36.net/ 8 KB
4 KB 107ms
107ms Script
text/javascript 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/login.e43d05cce6f1c38cb091.js

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/main.60c32e99cf733bf88861.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

63e59c0016a456c86553c90fcd338b98a34b788115629001053965c71a1cb91d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: FRZ8NKPEZ6B1JC5T
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: yf8ltWb8DSCe4SEQgfaBdBg756wc1p6b6FGaT2d5yc3hrOrOLGdqYt/SDcWtA+53BQnX5fm24fg=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: W/"6d327c3b68c05f9c7c4d20da725227f9"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=2592000

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
218 B 55ms
55ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=479969474&t=pageview&_s=1&dl=https%3A%2F%2Fprod-developer.jn3cx6xo36.net%2Flogin%3Fnext%3D%2Fapplication%2Fnew&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Starling%20Developers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1668558591&gjid=2024554510&cid=235210956.1676389138&tid=UA-63149657-5&_gid=1939363889.1676389138&_r=1&_slc=1&z=1752650059

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:38:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prod-developer.jn3cx6xo36.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK developer-organisation-flag Show response
prod-developer.jn3cx6xo36.net/partner-developer/api/v1/developer/organisation/ 38 B
1 KB 57ms
57ms Fetch
application/json 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/partner-developer/api/v1/developer/organisation/developer-organisation-flag

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/main.60c32e99cf733bf88861.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

f6a29cdcc3687f11f9d0eec3e648394dd3369ec714630e92af511fe876a871b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Starling Bank
Transfer-Encoding: chunked
Connection: keep-alive
Server-Timing: intid;desc=2d34808ccbe214ad
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: no-store

GET
H/1.1 200
OK pat-flag Show response
prod-developer.jn3cx6xo36.net/partner-developer/api/v1/access-token/ 48 B
1 KB 66ms
65ms Fetch
application/json 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/partner-developer/api/v1/access-token/pat-flag

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/main.60c32e99cf733bf88861.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

3972329155abe1bb7c68016f8ff6a60f4838c5fb3d1c349e2d25ee1cae9d8a4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Starling Bank
Transfer-Encoding: chunked
Connection: keep-alive
Server-Timing: intid;desc=694a057e171ffda7
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: no-store

GET
H/1.1 200
OK UniversalSans-v1-2-18-20-20-513112121111-11-650.woff
prod-developer.jn3cx6xo36.net/fonts/ 31 KB
32 KB 117ms
116ms Font
font/woff 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/fonts/UniversalSans-v1-2-18-20-20-513112121111-11-650.woff

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/main.b04f8f8e95a18cf2a722.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

92a9b7caa098c92fc85fcb4e2efe2219684e85f905acd1dae563ab3c695cb991

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://prod-developer.jn3cx6xo36.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEYY1QJQPP0DBMA
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 31436
x-amz-id-2: jhqd/AODPVYPSl/Ny+kMp4a76Aw1mz3ey0tasY/8qXNCWK7ry9ExGLx7O+imGrmBRWSj3mNUvd4=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "770a7acce7c7caf0c25cae0f4b08ff72"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET
H/1.1 200
OK UniversalSans-v1-2-18-20-20-513112121111-11-450.woff
prod-developer.jn3cx6xo36.net/fonts/ 31 KB
32 KB 143ms
143ms Font
font/woff 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/fonts/UniversalSans-v1-2-18-20-20-513112121111-11-450.woff

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/main.b04f8f8e95a18cf2a722.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

def2f708f1431a987bdec1a1ae64014deb44fe9b04468455fe948b42de39a329

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://prod-developer.jn3cx6xo36.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEV6WYXBCG5B7VE
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 31260
x-amz-id-2: VzyoLgjAS+N/uG50ocDljcWLISUYUmAzMS95k6hAzOGM3VyA/XDl8aFgZowcXpqMa9Fm8NLCY0g=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "49479dd240e1a1a5a2d7ac7cec58d7e2"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET
H/1.1 200
OK fontawesome-webfont.woff2
prod-developer.jn3cx6xo36.net/fonts/ 75 KB
77 KB 222ms
188ms Font
font/woff2 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-developer.jn3cx6xo36.net/fonts/fontawesome-webfont.woff2

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/main.b04f8f8e95a18cf2a722.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://prod-developer.jn3cx6xo36.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEH25YESKJYJSX1
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 77160
x-amz-id-2: a8r5LWwEGBXHHxNPwf+YfH5p8wUKWLeXiI4CFWHPFPMOw6cmZF/jgNbJmHRhSQFw0nFqdi7zMa0=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "af7ae505a9eed503f8b8e6982036873e"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET
H/1.1 200
OK developer-logo.png
prod-developer.jn3cx6xo36.net/ 25 KB
26 KB 126ms
101ms Image
image/png 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-developer.jn3cx6xo36.net/developer-logo.png

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/login?next=/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

2e00e6d293cc577f90d6bdff411c772547cdf497f720281aaf4fb29b913cf680

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEMAJC32Y5D03PH
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 25175
x-amz-id-2: NxAJs6l2ayj2JuyrYExgeDXZzDs2/DMxGUG7LhGNgk2iHaBWofgsICs9uyA/bxFzgcs+MGa4Ogg=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "d3ecc558ca29c95253b4907c4cb58b5e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET
H/1.1 200
OK logo.png
prod-developer.jn3cx6xo36.net/ 40 KB
41 KB 209ms
134ms Image
image/png 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-developer.jn3cx6xo36.net/logo.png

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/login?next=/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

0519356ed220088435784513753efaf3f287474291bbea5367fc778962f6801e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEY7DD2RCGK6CEY
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 40498
x-amz-id-2: HrF1rk88atoME0ETTCAJXbEGB7jTFP9mn5lLZ4+apuG2khdx9BI3YR7gXi5cXcHvqXDlFkwkJz8=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "9e828cec9bcd5a9af20c3c815535f8b2"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET
H/1.1 200
OK slack-icon.png
prod-developer.jn3cx6xo36.net/ 2 KB
4 KB 165ms
89ms Image
image/png 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-developer.jn3cx6xo36.net/slack-icon.png

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/login?next=/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

229d394a6131e2f7ef7c937a33d6a84f455ae710e2b1e5aa44b2bfb890c5ee02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEP13Z7XYM2318A
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 2364
x-amz-id-2: PJ6d7SLPpr41fWzup2k3Z12c+u0zXwaS62jF2wdcYm9/1JRAhjHWaMQQFTCp7ASrRuWodQu0ITQ=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "648fc0cfa7bf372d3260a1160c525945"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET
H/1.1 200
OK github-icon.png
prod-developer.jn3cx6xo36.net/ 2 KB
4 KB 103ms
98ms Image
image/png 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-developer.jn3cx6xo36.net/github-icon.png

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/login?next=/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

d83f28ac90b5e2f003fc551af3ee1b92979898570f0c1df7ebdd7f7a065e8061

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEN8R3HCCCM9GWQ
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 2392
x-amz-id-2: lOG+z5HwoJdCoQFAATIvZQn+xgicuSthNzBLM7DoU6C/+cTpArx08If8PzITWRh2FaYUt1UOMq0=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "c832b5ae6999521a467c5b5badc90b8b"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET
H/1.1 200
OK twitter-icon.png
prod-developer.jn3cx6xo36.net/ 2 KB
3 KB 127ms
110ms Image
image/png 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-developer.jn3cx6xo36.net/twitter-icon.png

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/login?next=/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

15244e7b0537341da373188483832690b464ed1cc6eded94f2757ce2ef0498c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEMK0ZE87SKZNS8
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 2245
x-amz-id-2: ZAbZSwksjdmYCR7Cwx5jEVCCAYP+/Eq+rpKVpmF9wExmESjP1zknChC0VdagSJ9Q9J9mmslN2XU=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "0564e7a575400def3c98710930a02fc7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-vertical.png
prod-developer.jn3cx6xo36.net/ 20 KB
21 KB 89ms
89ms Image
image/png 52.51.104.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-developer.jn3cx6xo36.net/logo-vertical.png

Requested by

Host: prod-developer.jn3cx6xo36.net
URL: https://prod-developer.jn3cx6xo36.net/login?next=/application/new

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.104.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

Software

nginx / Starling Bank

Resource Hash

389061b31349312b6a36fec07e07cef6fa719323f37b54c147a57b4309f2f533

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:38:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
x-amz-request-id: HQEYG1PSJBYATQ6D
x-amz-server-side-encryption: AES256
X-Powered-By: Starling Bank
Connection: keep-alive
Content-Length: 20624
x-amz-id-2: /yZlCOlKwjEJqJ89Wn3Sb4Cf9wncICp+BC/tRBRHQTauUEMvLGNVwHTzKthKwoqYzT+so8Xn0Xw=
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 18 Jan 2023 15:45:00 GMT
Server: nginx
ETag: "9f7591334d665c8587da248edafdee37"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jn3cx6xo36.net/	1970-01-20 19:15:49	Name: _ga Value: GA1.2.235210956.1676389138
.jn3cx6xo36.net/	1970-01-20 09:41:15	Name: _gid Value: GA1.2.1939363889.1676389138
.jn3cx6xo36.net/	1970-01-20 09:39:49	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' www.google-analytics.com; object-src 'self'; img-src 'self' data: www.google-analytics.com starlingbank.github.io; style-src 'self' 'sha256-8v0QoKdA8/K9fO9Krf5lmHK6qAlejCwnrHZHUeB1UTs='; form-action 'self'; frame-ancestors 'self'; font-src data: 'self'; connect-src 'self' www.google-analytics.com api-sandbox.starlingbank.com payment-api-sandbox.starlingbank.com api.starlingbank.com payment-api.starlingbank.com; child-src 'self' docs.google.com starlingbank.typeform.com; base-uri 'self'; manifest-src 'self'; media-src 'self' data:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

prod-developer.jn3cx6xo36.net
www.google-analytics.com
2a00:1450:4001:80b::200e
52.51.104.248
0519356ed220088435784513753efaf3f287474291bbea5367fc778962f6801e
15244e7b0537341da373188483832690b464ed1cc6eded94f2757ce2ef0498c1
191ca2e4450de6c73139164c78c334ad2b85e4e64121d140c3e00a22f94ae01f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
229d394a6131e2f7ef7c937a33d6a84f455ae710e2b1e5aa44b2bfb890c5ee02
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e00e6d293cc577f90d6bdff411c772547cdf497f720281aaf4fb29b913cf680
389061b31349312b6a36fec07e07cef6fa719323f37b54c147a57b4309f2f533
3972329155abe1bb7c68016f8ff6a60f4838c5fb3d1c349e2d25ee1cae9d8a4c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
63e59c0016a456c86553c90fcd338b98a34b788115629001053965c71a1cb91d
6c8a8b96d06bc3c0a6db938949990a1a4dd93517fc675df9b389dfc25df39972
92a9b7caa098c92fc85fcb4e2efe2219684e85f905acd1dae563ab3c695cb991
bda14f61679d323f9061f566b81b2f094a9755644a98cec62a731e06e8419ba0
d83f28ac90b5e2f003fc551af3ee1b92979898570f0c1df7ebdd7f7a065e8061
dbc04f4905c04311adbcea56cd82cfd61a955b8afb89d763978271c3bcabf016
def2f708f1431a987bdec1a1ae64014deb44fe9b04468455fe948b42de39a329
e731d15ed842aa48b141bd1acc9e73a95025d170de8977d17e53eb747da86262
f6a29cdcc3687f11f9d0eec3e648394dd3369ec714630e92af511fe876a871b5
f97cc431b083bd8b8dfa6d68a7b8c457cc543aa9c3fe817f52032a20eaaafb48

prod-developer.jn3cx6xo36.net Open in urlscan Pro 52.51.104.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

10 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1983 kBTransfer

5805 kBSize

3 Cookies

3 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

prod-developer.jn3cx6xo36.net Open in urlscan Pro
52.51.104.248 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

10 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1983 kB
Transfer

5805 kB
Size

3
Cookies

20 HTTP transactions
0 data transactions