www.bambooloans.com Open in urlscan Pro
75.2.71.185  Public Scan

:method

GET

:authority

www.bambooloans.com

:scheme

https

:path

/

pragma

no-cache

cache-control

no-cache

upgrade-insecure-requests

1

user-agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

accept

text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

sec-fetch-site

none

sec-fetch-mode

navigate

sec-fetch-user

?1

sec-fetch-dest

document

accept-encoding

gzip, deflate, br

accept-language

en-US

Upgrade-Insecure-Requests

1

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-type

text/html; charset=utf-8

x-frame-options

DENY

x-xss-protection

1; mode=block

x-content-type-options

nosniff

x-download-options

noopen

x-permitted-cross-domain-policies

none

referrer-policy

strict-origin-when-cross-origin

vary

Accept-Encoding

content-encoding

gzip

etag

W/"41b0458331c7c7871aaa7a77a6035b2c"

cache-control

max-age=0, private, must-revalidate

set-cookie

user_logged_in=false; path=/; secure _session_id=27aafbbc29809347bbef5ead8b03deab; path=/; expires=Tue, 26 Jan 2021 08:46:34 GMT; HttpOnly; secure

x-request-id

f1495be4-d5d0-4b5c-9ac6-dd89ba540ced

x-runtime

0.091213

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

strict-transport-security

max-age=31536000

Redirect headers

Location

https://www.bambooloans.com/

Content-Length

0

Connection

keep-alive

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

last-modified

Thu, 14 Jan 2021 10:39:13 GMT

server

Microsoft-IIS/10.0

etag

"809ebf7f61ead61:0"

vary

Accept-Encoding

content-type

application/javascript

cache-control

public, max-age=376

accept-ranges

bytes

content-length

17320

expires

Tue, 26 Jan 2021 08:22:50 GMT

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

5928

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:13:42 GMT

strict-transport-security

max-age=31536000

x-varnish

64634100

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

application/javascript

expires

Mon, 01 Feb 2021 12:09:31 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

7060

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:13:42 GMT

strict-transport-security

max-age=31536000

x-varnish

64882079

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

application/javascript

expires

Mon, 01 Feb 2021 12:08:09 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

7505

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:13:42 GMT

strict-transport-security

max-age=31536000

x-varnish

62519360

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

application/javascript

expires

Mon, 01 Feb 2021 12:06:36 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

2856

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:13:42 GMT

strict-transport-security

max-age=31536000

x-varnish

64634103

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

application/javascript

expires

Mon, 01 Feb 2021 12:06:36 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

42566

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:13:42 GMT

strict-transport-security

max-age=31536000

x-varnish

65475719

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

application/javascript

expires

Mon, 01 Feb 2021 12:08:09 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

944

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:13:42 GMT

strict-transport-security

max-age=31536000

x-varnish

65475716

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

text/css

expires

Mon, 01 Feb 2021 12:06:36 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Fri, 22 Jan 2021 16:31:52 GMT

content-encoding

gzip

x-content-type-options

nosniff

age

315882

cross-origin-resource-policy

cross-origin

alt-svc

h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

content-length

5437

x-xss-protection

0

last-modified

Tue, 03 Mar 2020 19:15:00 GMT

server

sffe

vary

Accept-Encoding

content-type

text/javascript; charset=UTF-8

access-control-allow-origin

*

cache-control

public, max-age=31536000, stale-while-revalidate=2592000

accept-ranges

bytes

timing-allow-origin

*

expires

Sat, 22 Jan 2022 16:31:52 GMT

Origin

https://www.bambooloans.com

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

br

x-content-type-options

nosniff

cf-cache-status

HIT

nel

{"max_age":604800,"report_to":"cf-nel"}

age

2693830

cross-origin-resource-policy

cross-origin

alt-svc

h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

content-length

18159

cf-request-id

07df5d248f0000d6b1ed814000000001

timing-allow-origin

*

last-modified

Mon, 04 May 2020 16:16:00 GMT

server

cloudflare

cf-cdnjs-via

cfworker/kv

etag

"5eb03fc0-10826"

expect-ct

max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

strict-transport-security

max-age=15780000

report-to

{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bohVLPDrqWamQI3REAkw%2BzEb21nd9wj9zZVfTL6d8VayipAXXyD4wOUe5kiqMKJb6ygI8TtjQkcmicZzVrf2ztRsCdyr2i3Hzvo3GllcmUwPFAcWtMQmxPfI2hLv%2FNF9Iw%3D%3D"}],"group":"cf-nel","max_age":604800}

content-type

application/javascript; charset=utf-8

access-control-allow-origin

*

vary

Accept-Encoding

cache-control

public, max-age=30672000

accept-ranges

bytes

cf-ray

6178cae74f2dd6b1-FRA

expires

Sun, 16 Jan 2022 08:16:34 GMT

Origin

https://www.bambooloans.com

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Mon, 25 Jan 2021 16:19:14 GMT

content-encoding

gzip

x-content-type-options

nosniff

age

57440

cross-origin-resource-policy

cross-origin

alt-svc

h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

content-length

31021

x-xss-protection

0

last-modified

Fri, 08 May 2020 07:05:03 GMT

server

sffe

vary

Accept-Encoding

content-type

text/javascript; charset=UTF-8

access-control-allow-origin

*

cache-control

public, max-age=31536000, stale-while-revalidate=2592000

accept-ranges

bytes

timing-allow-origin

*

expires

Tue, 25 Jan 2022 16:19:14 GMT

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

strict-transport-security

max-age=31536000

content-encoding

gzip

x-content-type-options

nosniff

age

79709

x-amz-server-side-encryption

AES256

x-cache

Hit from cloudfront

date

Mon, 25 Jan 2021 10:08:06 GMT

content-length

725

x-xss-protection

1; mode=block

last-modified

Mon, 04 Jan 2021 09:37:03 GMT

server

AmazonS3

etag

"a8b627afb958156461c3c99288acacf5"

content-type

application/x-javascript

via

1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)

cache-control

max-age=86400

x-amz-cf-pop

ZRH50-C1

accept-ranges

bytes

x-amz-cf-id

dUcEmWRQOGVNxPid7Pj2TJBbUT-9VcINqBoqjSajMs5iQG3NGEC56g==

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

x-amz-server-side-encryption

AES256

date

Mon, 25 Jan 2021 11:39:32 GMT

content-encoding

gzip

last-modified

Wed, 16 Sep 2020 17:22:10 GMT

server

AmazonS3

age

74223

etag

W/"a8fba411a1bff293e4ee09a44b83e291"

vary

Access-Control-Request-Headers,Access-Control-Request-Method

access-control-allow-methods

GET

content-type

application/javascript

access-control-allow-origin

*

x-cache

Hit from cloudfront

x-amz-cf-pop

ZRH50-C1

x-amz-cf-id

SE444il8obGhYDluLEciBNZjCKdBEl7ugDxV9eIbfcb43SPEUpBuuQ==

via

1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

47191

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:16:00 GMT

strict-transport-security

max-age=31536000

x-varnish

63796714

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

text/css

expires

Mon, 01 Feb 2021 12:09:31 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

68169

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:16:00 GMT

strict-transport-security

max-age=31536000

x-varnish

62668765

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

application/javascript

expires

Mon, 01 Feb 2021 12:08:09 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

7533

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:13:42 GMT

strict-transport-security

max-age=31536000

x-varnish

64554620

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

application/javascript

expires

Mon, 01 Feb 2021 12:09:31 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

2640

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:13:42 GMT

strict-transport-security

max-age=31536000

x-varnish

63796717

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

application/javascript

expires

Mon, 01 Feb 2021 12:06:36 +0000

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

via

1.1 varnish-v4

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

age

0

strict-transport-security

max-age=31536000

content-type

image/png

expires

Mon, 01 Feb 2021 12:08:09 +0000

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

x-varnish

64495689

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-length

74745

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

via

1.1 varnish-v4

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

age

0

strict-transport-security

max-age=31536000

content-type

image/png

expires

Mon, 01 Feb 2021 12:09:31 +0000

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

x-varnish

64754442

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-length

11082

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

via

1.1 varnish-v4

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

age

0

strict-transport-security

max-age=31536000

content-type

image/png

expires

Mon, 01 Feb 2021 12:08:09 +0000

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

x-varnish

62683149

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-length

14214

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

via

1.1 varnish-v4

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

age

0

strict-transport-security

max-age=31536000

content-type

image/png

expires

Mon, 01 Feb 2021 12:09:31 +0000

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

x-varnish

65475722

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-length

17863

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

via

1.1 varnish-v4

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

age

0

strict-transport-security

max-age=31536000

content-type

image/png

expires

Mon, 01 Feb 2021 12:06:36 +0000

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

x-varnish

64554623

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-length

21235

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

via

1.1 varnish-v4

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

age

0

strict-transport-security

max-age=31536000

content-type

image/png

expires

Mon, 01 Feb 2021 12:08:09 +0000

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

x-varnish

63796720

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-length

191721

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

Referer

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Content-Type

image/png

Referer

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Content-Type

img/png

Referer

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Content-Type

img/png

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

strict-transport-security

max-age=31536000

content-encoding

gzip

x-content-type-options

nosniff

cross-origin-resource-policy

cross-origin

alt-svc

h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

x-xss-protection

0

last-modified

Tue, 26 Jan 2021 08:16:34 GMT

server

ESF

date

Tue, 26 Jan 2021 08:16:34 GMT

x-frame-options

SAMEORIGIN

content-type

text/css; charset=utf-8

access-control-allow-origin

*

cache-control

private, max-age=86400, stale-while-revalidate=604800

timing-allow-origin

*

link

<https://fonts.gstatic.com>; rel=preconnect; crossorigin

expires

Tue, 26 Jan 2021 08:16:34 GMT

Referer

https://www.bambooloans.com/

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

br

vary

Accept-Encoding

cross-origin-resource-policy

cross-origin

alt-svc

h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

content-length

53947

x-xss-protection

0

last-modified

Tue, 26 Jan 2021 06:00:00 GMT

server

Google Tag Manager

strict-transport-security

max-age=31536000; includeSubDomains

content-type

application/javascript; charset=UTF-8

access-control-allow-origin

*

cache-control

private, max-age=900

access-control-allow-credentials

true

access-control-allow-headers

Cache-Control

expires

Tue, 26 Jan 2021 08:16:34 GMT

Referer

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Content-Type

image/svg+xml

Referer

https://www.bambooloans.com/assets/application-e93e4b2fb1e7895c9f86bb47a8db46039a57f22907b32f107c4ce43586b5cf9c.css

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

via

1.1 varnish-v4

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

age

0

strict-transport-security

max-age=31536000

content-type

image/jpeg

expires

Mon, 01 Feb 2021 12:06:36 +0000

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

x-varnish

64754445

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-length

121976

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

Referer

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Content-Type

image/svg+xml

Referer

https://www.bambooloans.com/assets/application-e93e4b2fb1e7895c9f86bb47a8db46039a57f22907b32f107c4ce43586b5cf9c.css

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

2363

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

strict-transport-security

max-age=31536000

x-varnish

64495692

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

image/svg+xml

expires

Mon, 01 Feb 2021 12:09:31 +0000

Referer

https://www.bambooloans.com/assets/application-e93e4b2fb1e7895c9f86bb47a8db46039a57f22907b32f107c4ce43586b5cf9c.css

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

5004

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

strict-transport-security

max-age=31536000

x-varnish

62683152

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

image/svg+xml

expires

Mon, 01 Feb 2021 12:09:31 +0000

Referer

https://www.bambooloans.com/assets/application-e93e4b2fb1e7895c9f86bb47a8db46039a57f22907b32f107c4ce43586b5cf9c.css

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

1443

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

strict-transport-security

max-age=31536000

x-varnish

64554626

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

image/svg+xml

expires

Mon, 01 Feb 2021 12:08:09 +0000

Referer

https://www.bambooloans.com/assets/application-e93e4b2fb1e7895c9f86bb47a8db46039a57f22907b32f107c4ce43586b5cf9c.css

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

594

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

strict-transport-security

max-age=31536000

x-varnish

65475725

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

image/svg+xml

expires

Mon, 01 Feb 2021 12:06:36 +0000

Referer

https://www.bambooloans.com/assets/application-e93e4b2fb1e7895c9f86bb47a8db46039a57f22907b32f107c4ce43586b5cf9c.css

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

date

Tue, 26 Jan 2021 08:16:34 GMT

content-encoding

gzip

vary

Accept-Encoding

x-content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

age

0

content-length

302

referrer-policy

strict-origin-when-cross-origin

last-modified

Fri, 22 Jan 2021 12:11:52 GMT

strict-transport-security

max-age=31536000

x-varnish

63796723

via

1.1 varnish-v4

cache-control

public, max-age=604800

feature-policy

geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; microphone 'none'; camera 'self'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';

content-security-policy

connect-src 'self' api.rollbar.com rs.fullstory.com www.tag4arm.com www.google-analytics.com adservice.google.com stats.g.doubleclick.net *.twilio.com wss://tsock.us1.twilio.com/v3/wsconnect api.pay360.com sampson.bambooloans.com wss://ws.pusherapp.com *.pusher.com firstbanco-production-attachments.s3.eu-west-1.amazonaws.com;default-src 'self';font-src 'self' data: fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';frame-src 'self' tpc.googlesyndication.com fls.doubleclick.net bid.g.doubleclick.net 8103783.fls.doubleclick.net widget.trustpilot.com bamboo.lon.netverify.com upload.lon.netverify.com secure.mite.pay360.com secure.pay360.com consentcdn.cookiebot.com;img-src 'self' data: www.tag4arm.com stats.g.doubleclick.net lh3.googleusercontent.com www.google-analytics.com www.googletagmanager.com ssl.gstatic.com www.gstatic.com www.google.com www.google.co.uk googleads.g.doubleclick.net s3-eu-west-1.amazonaws.com/firstbanco-email-assets/ s3-eu-west-1.amazonaws.com/firstbanco-production-broker-logos/ firstbanco-production-cms-uploads.s3.eu-west-1.amazonaws.com;media-src 'none';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com;style-src-elem 'self' 'unsafe-inline' use.fontawesome.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css;upgrade-insecure-requests ;block-all-mixed-content ;report-uri /csp-violations;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ fullstory.com edge.fullstory.com www.tag4arm.com ajax.googleapis.com googleads.g.doubleclick.net ssl.google-analytics.com tagmanager.google.com tpc.googlesyndication.com tpc.googlesyndication.com www.google-analytics.com www.google.com/pagead/ www.googleadservices.com www.googletagmanager.com media.twiliocdn.com assets.flex.twilio.com https://code.jquery.com/jquery-3.2.1.slim.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js api.mite.pay360.com api.pay360.com widget.trustpilot.com consent.cookiebot.com consentcdn.cookiebot.com js.pusher.com;

accept-ranges

bytes

content-type

image/svg+xml

expires

Mon, 01 Feb 2021 12:09:31 +0000

Referer

User-Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Content-Type

image/svg+xml