urlscan.io logo urlscan.io
SecurityTrails logo

secure.borrowell.com Open in urlscan Pro
2606:4700::6810:7d46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://freecreditscorecanada.ca/
Effective URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26re...
Submission Tags: phishingrod
Submission: On May 16 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 2 countries across 22 domains to perform 79 HTTP transactions. The main IP is 2606:4700::6810:7d46, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.borrowell.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 31st 2023. Valid for: a year.
This is the only time secure.borrowell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
10 40.85.230.182 8075 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 108.138.106.101 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.186.249.72 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
4 2620:116:800b... 14618 (AMAZON-AES)
8 52.54.60.197 14618 (AMAZON-AES)
2 18.164.96.46 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.164.96.95 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 15 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a04:4e42::485 54113 (FASTLY)
1 2606:2800:11f... 15133 (EDGECAST)
2 2607:f8b0:400... 15169 (GOOGLE)
2 40.71.12.235 8075 (MICROSOFT...)
79 24
1    2606:4700:3037::6815:2dd9 (United States)

ASN13335 (CLOUDFLARENET, US)
freecreditscorecanada.ca
10    40.85.230.182 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
app.borrowell.com
3    2607:f8b0:400c:c15::5f (Charleston, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2607:f8b0:4006:80c::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net
static.hotjar.com
2    2606:4700::6812:346 (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.growsumo.com
2    35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
d.impactradius-event.com
2    2600:141b:13::17d7:829b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
websdk.appsflyer.com
4    2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
8    52.54.60.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-60-197.compute-1.amazonaws.com
tags.srv.stackadapt.com
2    18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net
script.hotjar.com
3    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:400c:c07::5e (Charleston, United States)

ASN15169 (GOOGLE, US)
www.google.ca
2    2600:9000:24f7:c000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2606:4700::6812:ad4 (United States)

ASN13335 (CLOUDFLARENET, US)
grsm.io
1    18.164.96.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-95.jfk50.r.cloudfront.net
vc.hotjar.io
2    2606:4700::6812:1f85 (United States)

ASN13335 (CLOUDFLARENET, US)
partnerlinks.io
15    2606:4700::6810:7d46 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.borrowell.com
3    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:2800:11f:17a5:191a:18d5:537:22f9 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    2607:f8b0:400c:c18::5e (Charleston, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    40.71.12.235 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
25 borrowell.com
app.borrowell.com
secure.borrowell.com
7 MB
8 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3058
14 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1129
pixel.quantserve.com — Cisco Umbrella Rank: 945
19 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 695
script.hotjar.com — Cisco Umbrella Rank: 957
145 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
329 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
132 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 278
289 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
41 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
2 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 892
281 B
2 gstatic.com
fonts.gstatic.com
171 KB
2 partnerlinks.io
partnerlinks.io — Cisco Umbrella Rank: 15885
283 B
2 grsm.io
grsm.io — Cisco Umbrella Rank: 15071
315 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1077
1 KB
2 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 5657
24 KB
2 impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 3501
28 KB
2 growsumo.com
snippet.growsumo.com — Cisco Umbrella Rank: 47179
5 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2516
22 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2487
258 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8406
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
255 B
1 freecreditscorecanada.ca
freecreditscorecanada.ca
547 B
79 22
Domain Requested by
15 secure.borrowell.com 1 redirects app.borrowell.com
secure.borrowell.com
10 app.borrowell.com app.borrowell.com
8 tags.srv.stackadapt.com app.borrowell.com
tags.srv.stackadapt.com
az416426.vo.msecnd.net
4 www.googletagmanager.com app.borrowell.com
www.googletagmanager.com
secure.borrowell.com
3 cdn.jsdelivr.net secure.borrowell.com
3 analytics.google.com www.googletagmanager.com
3 www.google-analytics.com app.borrowell.com
secure.borrowell.com
www.google-analytics.com
3 fonts.googleapis.com app.borrowell.com
client
secure.borrowell.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 fonts.gstatic.com secure.borrowell.com
fonts.googleapis.com
2 partnerlinks.io app.borrowell.com
az416426.vo.msecnd.net
2 pixel.quantserve.com app.borrowell.com
secure.borrowell.com
2 grsm.io app.borrowell.com
az416426.vo.msecnd.net
2 rules.quantcount.com secure.quantserve.com
2 script.hotjar.com static.hotjar.com
2 secure.quantserve.com app.borrowell.com
2 websdk.appsflyer.com app.borrowell.com
2 d.impactradius-event.com app.borrowell.com
2 snippet.growsumo.com app.borrowell.com
2 static.hotjar.com www.googletagmanager.com
1 az416426.vo.msecnd.net secure.borrowell.com
1 vc.hotjar.io app.borrowell.com
1 www.google.ca app.borrowell.com
1 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
1 freecreditscorecanada.ca 1 redirects
79 25

This site contains links to these domains. Also see Links.

Domain
borrowell.com
apps.apple.com
play.google.com
Subject Issuer Validity Valid
*.borrowell.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-03-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.impactradius-event.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-07 -
2024-01-06		 a year crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-22 -
2023-09-24		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 02		 2023-05-03 -
2024-04-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Frame ID: 7E7D34295BFF6D6FAC5DFA58F7790C47
Requests: 78 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Borrowell

Page URL History Show full URLs

  1. https://freecreditscorecanada.ca/ HTTP 301
    https://app.borrowell.com/ Page URL
  2. https://secure.borrowell.com/connect/authorize?client_id=gemstone-public-web&redirect_uri=https%3A%2F%2Fa... HTTP 302
    https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgems... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • d\.impactradius-event\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

79
Requests

96 %
HTTPS

71 %
IPv6

22
Domains

25
Subdomains

24
IPs

2
Countries

8542 kB
Transfer

28156 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://freecreditscorecanada.ca/ HTTP 301
    https://app.borrowell.com/ Page URL
  2. https://secure.borrowell.com/connect/authorize?client_id=gemstone-public-web&redirect_uri=https%3A%2F%2Fapp.borrowell.com%2F%23%2Fcallback&response_type=code&scope=openid%20email%20roles%20gemstone.web.identity.full_access%20gemstone.web.public.full_access%20pv.read%20cc.read%20IdentityServerApi%20ecr.read%20mc.read%20pp.read%20uc.read%20ns.read%20ps.read%20ge.read%20cbl.read%20rr.read%20promo.read%20iv.read%20signup.full_access&state=0811d6a5300b4407b2f569bebc76de69&code_challenge=tkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs&code_challenge_method=S256&response_mode=query HTTP 302
    https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://freecreditscorecanada.ca/ HTTP 301
  • https://app.borrowell.com/

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.borrowell.com/
Redirect Chain
  • https://freecreditscorecanada.ca/
  • https://app.borrowell.com/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b476d37caa6e9d7073f885887e54dd995b38012fbb47c2ab0c92c8ebf9f95661
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000 max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
content-type
text/html
date
Tue, 16 May 2023 13:56:15 GMT
etag
"1d97f8dc2d51878"
expect-ct
max-age=86400, enforce
last-modified
Fri, 05 May 2023 20:11:22 GMT
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
strict-transport-security
max-age=2592000 max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-ray
7c841f7deeb95985-IAD
date
Tue, 16 May 2023 13:56:15 GMT
expires
Tue, 16 May 2023 14:56:15 GMT
location
https://app.borrowell.com/#/public/creditscore?utm_source=canadadrives&utm_medium=referral&utm_campaign=online&utm_content=fcsc
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFEwwLNeIg7fjX4eTl9ajBbGaJoM7ZRlkytayR8tSF3mKKH1T21QR4JYfu5bTyzdKqBT9s5zyF6TJ25GB79SGDzR0618tSvoceBukPrfi2Uabh5sPmwxM3HVBcFyQtwRK7D8iBoIlQ0cbcblBCeeDXxCmT4LEqI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 13:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 May 2023 13:56:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 May 2023 13:56:15 GMT
bwell.png
app.borrowell.com/assets/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.borrowell.com/assets/bwell.png
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
baf9bdf9aa70f126c70c60bf37356c6ca5908a4719032a83e1990bbcab0cb884
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:15 GMT
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-permitted-cross-domain-policies
none
content-length
15788
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 May 2023 20:11:22 GMT
etag
"1d97f8dc2d52cac"
expect-ct
max-age=86400, enforce
x-frame-options
DENY
content-type
image/png
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
runtime-es2015.fc2670361181fbccb829.js
app.borrowell.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/runtime-es2015.fc2670361181fbccb829.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
01226f9d73834631861222dfdab3a4117e5a38ca4fa5c5842294ce9a5b3a57ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.borrowell.com/
Origin
https://app.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 May 2023 20:10:08 GMT
etag
"1d97f8d96b9b75f"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
polyfills-es2015.3e8cf5198617e4217dbf.js
app.borrowell.com/ 		609 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/polyfills-es2015.3e8cf5198617e4217dbf.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
315a8a04fc322563b8bf11a74dfa23a46e4ef4636118a3b0ea2130fd4b2e102c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.borrowell.com/
Origin
https://app.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 May 2023 20:10:38 GMT
etag
"1d97f8da892b6c4"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
styles-es2015.010fd06c81d3b1b0652c.js
app.borrowell.com/ 		428 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/styles-es2015.010fd06c81d3b1b0652c.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d96000b35edf73757f80b96cbf1a48d572ba6e931462f884be5a51f505d9184e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.borrowell.com/
Origin
https://app.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 May 2023 20:10:40 GMT
etag
"1d97f8da9cad1c5"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
scripts.7c2166e8b8f5071feb05.js
app.borrowell.com/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/scripts.7c2166e8b8f5071feb05.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6398097f940d3aab3cbfbab357054ca76dbc64df1a52ec55933e4072e2e63c69
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 May 2023 20:10:06 GMT
etag
"1d97f8d9589f23a"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
vendor-es2015.8831799efd023d057a78.js
app.borrowell.com/ 		18 MB
6 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/vendor-es2015.8831799efd023d057a78.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2bd03bd4225b156ea7323916cc86537ccb7a5c0db2c9546ad72619898300d767
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.borrowell.com/
Origin
https://app.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 May 2023 20:11:22 GMT
etag
"1d97f8dc3f7cb76"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
main-es2015.6dd9a0a2ab6ab9a74834.js
app.borrowell.com/ 		4 MB
880 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/main-es2015.6dd9a0a2ab6ab9a74834.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8836c50a0fbc76d84d367a81f0443e930b7863b5c1e1e7d3ba8f32414dce4b0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.borrowell.com/
Origin
https://app.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 May 2023 20:10:38 GMT
etag
"1d97f8da8de9aee"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
css
fonts.googleapis.com/ 		4 KB
727 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
517d85bd96d5feb6c4a78c58c64b89b2f36d1d51ade620ae746d37af585ddded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 13:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 May 2023 13:46:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 May 2023 13:56:16 GMT
Lato-Regular.75614cfcfedd509b1f7a.woff2
app.borrowell.com/ 		178 KB
179 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/Lato-Regular.75614cfcfedd509b1f7a.woff2
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.borrowell.com/
Origin
https://app.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:15 GMT
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-permitted-cross-domain-policies
none
content-length
182708
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 May 2023 20:10:04 GMT
etag
"1d97f8d9455ffb4"
expect-ct
max-age=86400, enforce
x-frame-options
DENY
content-type
font/woff2
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/scripts.7c2166e8b8f5071feb05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:39:17 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4619
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 16 May 2023 14:39:17 GMT
gtm.js
www.googletagmanager.com/ 		230 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5GCC9
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/scripts.7c2166e8b8f5071feb05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b4d247fd40ee412020b705de7c9b9790b034bb51311b0ba777ed78348994cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81501
x-xss-protection
0
last-modified
Tue, 16 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 May 2023 13:56:16 GMT
js
www.googletagmanager.com/gtag/ 		251 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CF0B65WK14&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5GCC9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ff9ef583d40fddbbe9a6cd4197291c499697da0cf7ca945788654d235ab0d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86693
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:56:16 GMT
hotjar-41390.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-41390.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5GCC9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-101.jfk50.r.cloudfront.net
Software
/
Resource Hash
5c3246717ee3792af928eee0f6ae1bdcbd1ef03273272684758b6302b9772447
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 16 May 2023 13:56:09 GMT
via
1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
7
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/d50908442a0f00c3b9c153abbb4f24a7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
zxqA5agzmLMauTbTQtsqWjzu1CL-pBiD5NDu9t-TSaeaUDkUqLNx5A==
growsumo.min.js
snippet.growsumo.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.growsumo.com/growsumo.min.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02ba5f322701b8d9c590f48d4dd5cb38f1f70d04284f7e10856a02fae83d887

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:16 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Apr 2023 18:31:42 GMT
server
cloudflare
age
13
etag
W/"6441850e-1904"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7c841f81da0f33fa-YUL
expires
Tue, 16 May 2023 17:56:16 GMT
A2096036-100a-4851-ae2f-0279a0b33db31.js
d.impactradius-event.com/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.impactradius-event.com/A2096036-100a-4851-ae2f-0279a0b33db31.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6a16a403b7ae17451850bde8fe40aaf4df877245d2ef4fa6c412f661965d0061

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:51:43 GMT
content-encoding
gzip
age
273
x-guploader-uploadid
ADPycdsl4DsZX59oDJlFJ8ZgrouEPY9pk8bQ970DIpsWyvo0rHGQiXvw4zASzJ3KNeWJV6OruoYb6GuvA55eyluiZmXN2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13955
last-modified
Tue, 14 Mar 2023 20:02:40 GMT
server
UploadServer
etag
"ca1ea6ad860b12fa8315c203e6a3eaba"
vary
Accept-Encoding
x-goog-generation
1678824160078802
x-goog-hash
crc32c=PNo8Fw==, md5=yh6mrYYLEvqDFcID5qPqug==
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
13955
accept-ranges
bytes
expires
Tue, 16 May 2023 13:56:43 GMT
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:829b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2dcc31514ac522e9afa01055f8a5da512739c809ad6fafe45cabaff1021a21e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:56:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 08:01:29 GMT
Server
AmazonS3
x-amz-request-id
GM4B1NQNW0ZJMM9G
ETag
"b0e78687523f348c2240034a51df837d"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3315
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11777
x-amz-id-2
JUY4j2JQX6TmU6BfVXbpccqoGID27l36CQFfMD6inuaUAB38jcEySYT575muiF30e82k/ReTr0U=
Expires
Tue, 16 May 2023 14:51:31 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:16 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 23 May 2023 13:56:16 GMT
events.js
tags.srv.stackadapt.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-197.compute-1.amazonaws.com
Software
/
Resource Hash
61f75fab166543b3ee051601dc96d60f220e44da882266465eefa19fa10bbc9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:56:16 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
modules.bfe9b3974f4dbc4fd0a0.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.bfe9b3974f4dbc4fd0a0.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-41390.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
b370162829a0f77bc0bc9b78c8f97e9cbf8bcd9279ac2f8555f8dd9d7e328f94
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 12:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
6428
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69472
last-modified
Tue, 16 May 2023 12:08:21 GMT
etag
"f7d169b59737e4c81422827687d2c665"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
OQKritl237X0AareUeH3Dtw8a8qBvWnzkw7vGTCjYSdeISVahfYfHA==
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CF0B65WK14&gtm=45je35a0&_p=816702589&_gaz=1&cid=1471470206.1684245376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684245376&sct=1&seg=0&dl=https%3A%2F%2Fapp.borrowell.com%2F&dt=Borrowell&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CF0B65WK14&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:56:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.borrowell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CF0B65WK14&cid=1471470206.1684245376&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CF0B65WK14&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:56:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.borrowell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CF0B65WK14&cid=1471470206.1684245376&gtm=45je35a0&aip=1&z=196698689
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c07::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:56:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-197.compute-1.amazonaws.com
Software
/
Resource Hash
02f4b9dfe7f1792db8506a76e22530428d2ed4fa3441fa154adaf5f3ab84bc5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:56:16 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
793 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/polyfills-es2015.3e8cf5198617e4217dbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:56:16 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
rules-p-UjL7YNtpa4ZWS.js
rules.quantcount.com/ 		222 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UjL7YNtpa4ZWS.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29274015b12964fd3ec8c10c7e94208c11d8a6a325c6dd0f42631712050f2575

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:53:08 GMT
via
1.1 7d7f7790ad8ab9e81e905351df020944.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
222
last-modified
Thu, 13 Oct 2022 14:57:01 GMT
server
AmazonS3
etag
"97529393bae7241dd536edb328e6a82b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
6yh3DBHD9F9C2APY43rJhcitujrnA68oQO1_6iXHZS0FfL8Jp3USIw==
pk_xtrtoNsK5imIPFFPIrAUOgmbpRIO7FNp
grsm.io/pr/gpk/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grsm.io/pr/gpk/pk_xtrtoNsK5imIPFFPIrAUOgmbpRIO7FNp
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/polyfills-es2015.3e8cf5198617e4217dbf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin
https://app.borrowell.com
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cf-ray
7c841f82d9a133eb-YUL
content-length
0
41390
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/41390?s=0.25&r=0.2177037596992748
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/polyfills-es2015.3e8cf5198617e4217dbf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-95.jfk50.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:16 GMT
via
1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
K35-V-45ItiNCWpcu3jbkTxUHu07bYuRnyRr5aYlP6fh4mhMCCDjVg==
saq_pxl
tags.srv.stackadapt.com/ 		138 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=Inp-mmmH7EdC_nTnU2azVw&is_js=true&landing_url=https%3A%2F%2Fapp.borrowell.com%2F%23%2Fpublic%2Fcreditscore%3Futm_source%3Dcanadadrives%26utm_medium%3Dreferral%26utm_campaign%3Donline%26utm_content%3Dfcsc&t=Borrowell&tip=8vaT7BP0S9I1S2erddsW3cBPvehEhCUhzwWc4bzgPwY&host=https://app.borrowell.com&sa_conv_data_css_value=%270-37f9b510-00f2-50eb-6424-5c8a7e1dd33b%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd937f9b51000f250eb64245c8a7e1dd33b953899b5&sa-user-id-v2=s%253AN_m1EADyUOtkJFyKfh3TO5U4mbU.6R0JpurnyuhcEh%252FWXdII%252BSk0RG%252BscnbeiIznR8WOIGE&sa-user-id=s%253A0-37f9b510-00f2-50eb-6424-5c8a7e1dd33b.Qrckc%252Fw%252FO0%252BZqMwnlAgIJ3Q%252FJ66Q3thssWzjpoXzVTo
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/polyfills-es2015.3e8cf5198617e4217dbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-197.compute-1.amazonaws.com
Software
/
Resource Hash
0ff425c6e827e8cba48351704ff41c2558ac29a1464d566cdf3462c1ac37d5a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://app.borrowell.com
date
Tue, 16 May 2023 13:56:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
138
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
pixel;r=570192074;labels=_fp.event.Default;rf=0;a=p-UjL7YNtpa4ZWS;url=https%3A%2F%2Fapp.borrowell.com%2F%23%2Fpublic%2Fcreditscore%3Futm_source%3Dcanadadrives%26utm_medium%3Dreferral%26utm_campaign...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=570192074;labels=_fp.event.Default;rf=0;a=p-UjL7YNtpa4ZWS;url=https%3A%2F%2Fapp.borrowell.com%2F%23%2Fpublic%2Fcreditscore%3Futm_source%3Dcanadadrives%26utm_medium%3Dreferral%26utm_campaign%3Donline%26utm_content%3Dfcsc;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1528298460-1684245376416;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=borrowell.com;dst=0;et=1684245376563;tzo=0;ogl=;ses=9a265017-685f-4d03-a07a-2a8656f63042;mdl=
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:56:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pk_xtrtoNsK5imIPFFPIrAUOgmbpRIO7FNp
partnerlinks.io/pr/gpk/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partnerlinks.io/pr/gpk/pk_xtrtoNsK5imIPFFPIrAUOgmbpRIO7FNp
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/polyfills-es2015.3e8cf5198617e4217dbf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:16 GMT
server
cloudflare
vary
Accept-Encoding
p3p
CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin
https://app.borrowell.com
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
cf-ray
7c841f83ed1133ee-YUL
content-length
0
environment
app.borrowell.com/api/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.borrowell.com/api/environment
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/polyfills-es2015.3e8cf5198617e4217dbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.85.230.182 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
x-permitted-cross-domain-policies
none
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json; charset=utf-8
permissions-policy
accelerometer=(self), camera=(self 'https://veriff.me'), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fd71333b-614e-4dfb-9b66-21f109bb292b
openid-configuration
secure.borrowell.com/.well-known/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/.well-known/openid-configuration
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/polyfills-es2015.3e8cf5198617e4217dbf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.borrowell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7c841f95a9583400-YUL
request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
Primary Request Login
secure.borrowell.com/Account/
Redirect Chain
  • https://secure.borrowell.com/connect/authorize?client_id=gemstone-public-web&redirect_uri=https%3A%2F%2Fapp.borrowell.com%2F%23%2Fcallback&response_type=code&scope=openid%20email%20roles%20gemstone...
  • https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallbac...
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/vendor-es2015.8831799efd023d057a78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7a77627349e34e6c63428f361ba2f6b95af4d31e2b32619bfb3d062ab15986b2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';style-src 'self' https://fonts.googleapis.com https://unpkg.com https://cdn.jsdelivr.net https://tags.srv.stackadapt.com/ https://www.googletagmanager.com;font-src 'self' https://fonts.gstatic.com;script-src 'self' 'unsafe-inline' https://unpkg.com https://www.google-analytics.com https://az416426.vo.msecnd.net https://cdn.jsdelivr.net https://www.googletagmanager.com/ https://static.hotjar.com https://cdn.adbloom.co https://websdk.appsflyer.com https://secure.quantserve.com https://tags.srv.stackadapt.com https://snippet.growsumo.com https://d.impactradius-event.com https://script.hotjar.com https://rules.quantcount.com https://qvdt3feo.com;img-src 'self' *;connect-src https://dc.services.visualstudio.com https://www.google-analytics.com https://grsm.io/ https://pixel.quantcount.com/ https://partnerlinks.io/ https://tags.srv.stackadapt.com/ ws://localhost:* https://www.googletagmanager.com https://analytics.google.com/ https://metrics.borrowell.com/snap https://secure.borrowell.com
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';style-src 'self' https://fonts.googleapis.com https://unpkg.com https://cdn.jsdelivr.net https://tags.srv.stackadapt.com/ https://www.googletagmanager.com;font-src 'self' https://fonts.gstatic.com;script-src 'self' 'unsafe-inline' https://unpkg.com https://www.google-analytics.com https://az416426.vo.msecnd.net https://cdn.jsdelivr.net https://www.googletagmanager.com/ https://static.hotjar.com https://cdn.adbloom.co https://websdk.appsflyer.com https://secure.quantserve.com https://tags.srv.stackadapt.com https://snippet.growsumo.com https://d.impactradius-event.com https://script.hotjar.com https://rules.quantcount.com https://qvdt3feo.com;img-src 'self' *;connect-src https://dc.services.visualstudio.com https://www.google-analytics.com https://grsm.io/ https://pixel.quantcount.com/ https://partnerlinks.io/ https://tags.srv.stackadapt.com/ ws://localhost:* https://www.googletagmanager.com https://analytics.google.com/ https://metrics.borrowell.com/snap https://secure.borrowell.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.borrowell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7c841f971d014bd7-YUL
content-encoding
br
content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';style-src 'self' https://fonts.googleapis.com https://unpkg.com https://cdn.jsdelivr.net https://tags.srv.stackadapt.com/ https://www.googletagmanager.com;font-src 'self' https://fonts.gstatic.com;script-src 'self' 'unsafe-inline' https://unpkg.com https://www.google-analytics.com https://az416426.vo.msecnd.net https://cdn.jsdelivr.net https://www.googletagmanager.com/ https://static.hotjar.com https://cdn.adbloom.co https://websdk.appsflyer.com https://secure.quantserve.com https://tags.srv.stackadapt.com https://snippet.growsumo.com https://d.impactradius-event.com https://script.hotjar.com https://rules.quantcount.com https://qvdt3feo.com;img-src 'self' *;connect-src https://dc.services.visualstudio.com https://www.google-analytics.com https://grsm.io/ https://pixel.quantcount.com/ https://partnerlinks.io/ https://tags.srv.stackadapt.com/ ws://localhost:* https://www.googletagmanager.com https://analytics.google.com/ https://metrics.borrowell.com/snap https://secure.borrowell.com
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:56:19 GMT
pragma
no-cache
referrer-policy
no-referrer
request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';style-src 'self' https://fonts.googleapis.com https://unpkg.com https://cdn.jsdelivr.net https://tags.srv.stackadapt.com/ https://www.googletagmanager.com;font-src 'self' https://fonts.gstatic.com;script-src 'self' 'unsafe-inline' https://unpkg.com https://www.google-analytics.com https://az416426.vo.msecnd.net https://cdn.jsdelivr.net https://www.googletagmanager.com/ https://static.hotjar.com https://cdn.adbloom.co https://websdk.appsflyer.com https://secure.quantserve.com https://tags.srv.stackadapt.com https://snippet.growsumo.com https://d.impactradius-event.com https://script.hotjar.com https://rules.quantcount.com https://qvdt3feo.com;img-src 'self' *;connect-src https://dc.services.visualstudio.com https://www.google-analytics.com https://grsm.io/ https://pixel.quantcount.com/ https://partnerlinks.io/ https://tags.srv.stackadapt.com/ ws://localhost:* https://www.googletagmanager.com https://analytics.google.com/ https://metrics.borrowell.com/snap https://secure.borrowell.com
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7c841f96bc344bd7-YUL
content-length
0
date
Tue, 16 May 2023 13:56:19 GMT
location
https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
x-powered-by
ASP.NET
collect
analytics.google.com/g/ 		0
0
collect
analytics.google.com/g/ 		0
0
icon
fonts.googleapis.com/ 		616 B
390 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Outlined
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 13:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 May 2023 13:56:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 May 2023 13:56:19 GMT
material-components-web.min.css
cdn.jsdelivr.net/npm/material-components-web@latest/dist/ 		484 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/material-components-web@latest/dist/material-components-web.min.css
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60f82e183aa0e791c1f3eb5bac905b5ae885f49f9708aeec8ec71a8b014c4f12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 13:56:19 GMT
x-content-type-options
nosniff
content-encoding
br
age
26877
x-jsd-version
14.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47878
x-served-by
cache-fra-eddf8230048-FRA, cache-yul12834-YUL
x-jsd-version-type
version
etag
W/"78f5e-DiLfwq4wpH8+fHZWjhQ3TyuO42w"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
site.min.css
secure.borrowell.com/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/css/site.min.css?v=MruJ0tX689MfJ3nRq-5rKeZQaGGE3vNOC79IA0MZBb8
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
32bb89d2d5faf3d31f2779d1abee6b29e650686184def34e0bbf4803431905bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:31:52 GMT
server
cloudflare
age
6274
etag
W/"1d97c3149f24a1e"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
7c841f97ae024bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
login.css
secure.borrowell.com/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/css/login.css
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ae45516bebdea5097fa0565f3b7d6fbd0fb6a3138d30af5f4429c84712dcad2b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
age
6158
etag
W/"1d97c30d3ede3c0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
7c841f97ae034bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
BW-Logo.svg
secure.borrowell.com/assets/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.borrowell.com/assets/BW-Logo.svg
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
696af2f921f48a1c93803161b2a9261414f98a1e0831f76c273cefe8dc07888e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
age
6274
etag
W/"1d97c30d3edd155"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=3600
cf-ray
7c841f97ce384bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
app-store-badge.svg
secure.borrowell.com/assets/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.borrowell.com/assets/app-store-badge.svg
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b5dc3edc024e128a1f23260a0af1f69e4ded1d3f257e7ca4d90dcbe7abb6d316
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
age
6158
etag
W/"1d97c30d3edb82e"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=3600
cf-ray
7c841f97ce3a4bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
google-play-badge.svg
secure.borrowell.com/assets/ 		23 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.borrowell.com/assets/google-play-badge.svg
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4ef776b0ca363283befa65843418b6e3ed3e35c7c0f07497231e154d9a97f5bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
age
6158
etag
W/"1d97c30d3edb051"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=3600
cf-ray
7c841f97ce3b4bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
Credit-Score-Phone.png
secure.borrowell.com/assets/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.borrowell.com/assets/Credit-Score-Phone.png
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0bac57692af9ab9f9ba9ca65c6584e61113c8e6333833b9acafa23998a3b32dc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
1834
x-powered-by
ASP.NET
content-length
83632
request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
etag
"1d97c30d3ecabb0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
7c841f97ce3c4bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
material-components-web.min.js
cdn.jsdelivr.net/npm/material-components-web@latest/dist/ 		469 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/material-components-web@latest/dist/material-components-web.min.js
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f031ccb7e4d8b3591570ef91fa86584eb1d8218c0750e0a1890b2a29bd814f78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 13:56:19 GMT
x-content-type-options
nosniff
content-encoding
br
age
6397
x-jsd-version
14.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
79136
x-served-by
cache-fra-eddf8230057-FRA, cache-yul12834-YUL
x-jsd-version-type
version
etag
W/"753e8-dXfHptpBkNKN3rbobHZ1KhOsyb4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
css-vars-ponyfill.min.js
cdn.jsdelivr.net/npm/css-vars-ponyfill@2.1.1/dist/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/css-vars-ponyfill@2.1.1/dist/css-vars-ponyfill.min.js
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b1ce38766902747a01fb7e687aed38df9c1680ce78a280b31aac4d398323c6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 13:56:19 GMT
x-content-type-options
nosniff
content-encoding
br
age
5360162
x-jsd-version
2.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7566
x-served-by
cache-fra-eddf8230037-FRA, cache-yul12834-YUL
x-jsd-version-type
version
etag
W/"52d7-5CSYhYAOX+8PAl5TQQFXMPXdXZU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
site.min.js
secure.borrowell.com/js/ 		1 KB
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/js/site.min.js?v=yX27h1rLTsR8Dv_gnM2AIH1a5k76jTr4HOj6jdprXR8
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c97dbb875acb4ec47c0effe09ccd80207d5ae64efa8d3af81ce8fa8dda6b5d1f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:31:52 GMT
server
cloudflare
age
6452
etag
W/"1d97c3149f25012"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
7c841f97ce314bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
jquery.min.js
secure.borrowell.com/lib/jquery/dist/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/lib/jquery/dist/jquery.min.js
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
age
6274
etag
W/"1d97c30d3ecb086"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
7c841f97ce344bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
app-insight-events.js
secure.borrowell.com/js/ 		210 B
198 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/js/app-insight-events.js
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b793e1af0cda90816228967ef2b508f555db366f201c56a6f387ec3080dcd50e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
age
6250
etag
W/"1d97c30d3ededd2"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
7c841f97ce364bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
analytics.js
www.google-analytics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 12:39:17 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4622
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 16 May 2023 14:39:17 GMT
gtm.js
www.googletagmanager.com/ 		230 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5GCC9
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b4d247fd40ee412020b705de7c9b9790b034bb51311b0ba777ed78348994cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81501
x-xss-protection
0
last-modified
Tue, 16 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 May 2023 13:56:19 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79DC) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 May 2023 13:56:19 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
577
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (nya/79DC)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0d5330fa-501e-0013-61fc-8755af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Tue, 16 May 2023 14:26:19 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=28970725&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.borrowell.com%2FAccount%2FLogin%3FReturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dgemstone-public-web%2526redirect_uri%253Dhttps%25253A%25252F%25252Fapp.borrowell.com%25252F%252523%25252Fcallback%2526response_type%253Dcode%2526scope%253Dopenid%252520email%252520roles%252520gemstone.web.identity.full_access%252520gemstone.web.public.full_access%252520pv.read%252520cc.read%252520IdentityServerApi%252520ecr.read%252520mc.read%252520pp.read%252520uc.read%252520ns.read%252520ps.read%252520ge.read%252520cbl.read%252520rr.read%252520promo.read%252520iv.read%252520signup.full_access%2526state%253D0811d6a5300b4407b2f569bebc76de69%2526code_challenge%253DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%2526code_challenge_method%253DS256%2526response_mode%253Dquery&dr=https%3A%2F%2Fapp.borrowell.com%2F&ul=en-us&de=UTF-8&dt=Borrowell&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEABAAAAACAAI~&jid=2141974967&gjid=197347308&cid=1471470206.1684245376&tid=UA-56857616-1&_gid=1507718744.1684245376&_r=1&_slc=1&z=1735927415
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:56:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.borrowell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Desktop-Background.svg
secure.borrowell.com/assets/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.borrowell.com/assets/Desktop-Background.svg
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/css/login.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
60e360fcc331eb2705b44caed159639c37abf4396d39946377bd5cb73affaa7a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.borrowell.com/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
age
7093
etag
W/"1d97c30d3edf619"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=3600
cf-ray
7c841f983f104bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
Lato-Regular.woff2
secure.borrowell.com/lib/fonts/Lato/ 		178 KB
179 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/lib/fonts/Lato/Lato-Regular.woff2
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/css/site.min.css?v=MruJ0tX689MfJ3nRq-5rKeZQaGGE3vNOC79IA0MZBb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://secure.borrowell.com/css/site.min.css?v=MruJ0tX689MfJ3nRq-5rKeZQaGGE3vNOC79IA0MZBb8
Origin
https://secure.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
3967
x-powered-by
ASP.NET
content-length
182708
request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
etag
"1d97c30d3ef24b4"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
7c841f983f164bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v20/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v20/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/css/site.min.css?v=MruJ0tX689MfJ3nRq-5rKeZQaGGE3vNOC79IA0MZBb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c18::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5c9e4876832936836619c0b253bd8fd6c739560a6d5f287f51ac71b2edf7ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.borrowell.com/
Origin
https://secure.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 17:42:04 GMT
x-content-type-options
nosniff
age
591255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19056
x-xss-protection
0
last-modified
Tue, 19 Feb 2019 22:24:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 May 2024 17:42:04 GMT
gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v109/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconsoutlined/v109/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons+Outlined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c18::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 06:17:38 GMT
x-content-type-options
nosniff
age
200321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155276
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 20:24:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 May 2024 06:17:38 GMT
Lato-Bold.woff2
secure.borrowell.com/lib/fonts/Lato/ 		181 KB
181 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.borrowell.com/lib/fonts/Lato/Lato-Bold.woff2
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/css/site.min.css?v=MruJ0tX689MfJ3nRq-5rKeZQaGGE3vNOC79IA0MZBb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://secure.borrowell.com/css/site.min.css?v=MruJ0tX689MfJ3nRq-5rKeZQaGGE3vNOC79IA0MZBb8
Origin
https://secure.borrowell.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
4045
x-powered-by
ASP.NET
content-length
184912
request-context
appId=cid-v1:5053b635-eed4-431e-8ff3-7552e44f4c76
last-modified
Mon, 01 May 2023 13:28:34 GMT
server
cloudflare
etag
"1d97c30d3ef3f50"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
7c841f984f254bd7-YUL
expires
Tue, 16 May 2023 14:56:19 GMT
collect
stats.g.doubleclick.net/j/ 		0
0
js
www.googletagmanager.com/gtag/ 		251 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CF0B65WK14&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5GCC9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aec24d4c4b71a895a416af15dd972c8a50ce5617eb9b0263e7b9cb5b4b6d6d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86669
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 May 2023 13:56:20 GMT
hotjar-41390.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-41390.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5GCC9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-101.jfk50.r.cloudfront.net
Software
/
Resource Hash
5c3246717ee3792af928eee0f6ae1bdcbd1ef03273272684758b6302b9772447
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 16 May 2023 13:56:09 GMT
via
1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
10
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/d50908442a0f00c3b9c153abbb4f24a7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
Rvxlqa9fhklQTe5Bzss8BZ4XvJW5fNrBpLAe8bPZKHJvG9B_xtp8bg==
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:829b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2dcc31514ac522e9afa01055f8a5da512739c809ad6fafe45cabaff1021a21e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:56:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 08:01:29 GMT
Server
AmazonS3
x-amz-request-id
GM4B1NQNW0ZJMM9G
ETag
"b0e78687523f348c2240034a51df837d"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3311
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11777
x-amz-id-2
JUY4j2JQX6TmU6BfVXbpccqoGID27l36CQFfMD6inuaUAB38jcEySYT575muiF30e82k/ReTr0U=
Expires
Tue, 16 May 2023 14:51:31 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:19 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 23 May 2023 13:56:19 GMT
events.js
tags.srv.stackadapt.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-197.compute-1.amazonaws.com
Software
/
Resource Hash
359af1c74ed3ad381d789883c020681057a587fd8efb6731d21f60aaa78277f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:56:19 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
growsumo.min.js
snippet.growsumo.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.growsumo.com/growsumo.min.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02ba5f322701b8d9c590f48d4dd5cb38f1f70d04284f7e10856a02fae83d887

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Apr 2023 18:31:42 GMT
server
cloudflare
age
17
etag
W/"6441850e-1904"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7c841f98eca833fa-YUL
expires
Tue, 16 May 2023 17:56:20 GMT
A2096036-100a-4851-ae2f-0279a0b33db31.js
d.impactradius-event.com/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.impactradius-event.com/A2096036-100a-4851-ae2f-0279a0b33db31.js
Requested by
Host: app.borrowell.com
URL: https://app.borrowell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6a16a403b7ae17451850bde8fe40aaf4df877245d2ef4fa6c412f661965d0061

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:51:43 GMT
content-encoding
gzip
age
276
x-guploader-uploadid
ADPycdsl4DsZX59oDJlFJ8ZgrouEPY9pk8bQ970DIpsWyvo0rHGQiXvw4zASzJ3KNeWJV6OruoYb6GuvA55eyluiZmXN2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13955
last-modified
Tue, 14 Mar 2023 20:02:40 GMT
server
UploadServer
etag
"ca1ea6ad860b12fa8315c203e6a3eaba"
vary
Accept-Encoding
x-goog-generation
1678824160078802
x-goog-hash
crc32c=PNo8Fw==, md5=yh6mrYYLEvqDFcID5qPqug==
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
13955
accept-ranges
bytes
expires
Tue, 16 May 2023 13:56:43 GMT
modules.bfe9b3974f4dbc4fd0a0.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.bfe9b3974f4dbc4fd0a0.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-41390.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
b370162829a0f77bc0bc9b78c8f97e9cbf8bcd9279ac2f8555f8dd9d7e328f94
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 12:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
6432
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69472
last-modified
Tue, 16 May 2023 12:08:21 GMT
etag
"f7d169b59737e4c81422827687d2c665"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Fi8VN3NtqhwKuHbtMo5D4jCNYL2K71yD3YqUcY68rP5G02C7Kf7a3g==
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-197.compute-1.amazonaws.com
Software
/
Resource Hash
02f4b9dfe7f1792db8506a76e22530428d2ed4fa3441fa154adaf5f3ab84bc5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:56:20 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
792 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:56:20 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
rules-p-UjL7YNtpa4ZWS.js
rules.quantcount.com/ 		222 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UjL7YNtpa4ZWS.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29274015b12964fd3ec8c10c7e94208c11d8a6a325c6dd0f42631712050f2575

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:53:08 GMT
via
1.1 7d7f7790ad8ab9e81e905351df020944.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
694
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
222
last-modified
Thu, 13 Oct 2022 14:57:01 GMT
server
AmazonS3
etag
"97529393bae7241dd536edb328e6a82b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
_yixM9R2iEWnXXo1fZxkqfSHxt7_hcSnMTnqletH05BL5RaJ0qzvhQ==
pk_xtrtoNsK5imIPFFPIrAUOgmbpRIO7FNp
grsm.io/pr/gpk/ 		0
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grsm.io/pr/gpk/pk_xtrtoNsK5imIPFFPIrAUOgmbpRIO7FNp
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin
https://secure.borrowell.com
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cf-ray
7c841f99592233eb-YUL
content-length
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CF0B65WK14&gtm=45je35a0&_p=28970725&cid=1471470206.1684245376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684245376&sct=1&seg=1&dl=https%3A%2F%2Fsecure.borrowell.com%2FAccount%2FLogin%3FReturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dgemstone-public-web%2526redirect_uri%253Dhttps%25253A%25252F%25252Fapp.borrowell.com%25252F%252523%25252Fcallback%2526response_type%253Dcode%2526scope%253Dopenid%252520email%252520roles%252520gemstone.web.identity.full_access%252520gemstone.web.public.full_access%252520pv.read%252520cc.read%252520IdentityServerApi%252520ecr.read%252520mc.read%252520pp.read%252520uc.read%252520ns.read%252520ps.read%252520ge.read%252520cbl.read%252520rr.read%252520promo.read%252520iv.read%252520signup.full_access%2526state%253D0811d6a5300b4407b2f569bebc76de69%2526code_challenge%253DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%2526code_challenge_method%253DS256%2526response_mode%253Dquery&dr=https%3A%2F%2Fapp.borrowell.com%2F&dt=Borrowell&en=page_view
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CF0B65WK14&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:56:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.borrowell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1298045423;labels=_fp.event.Default;rf=0;a=p-UjL7YNtpa4ZWS;url=https%3A%2F%2Fsecure.borrowell.com%2FAccount%2FLogin%3FReturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dg...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1298045423;labels=_fp.event.Default;rf=0;a=p-UjL7YNtpa4ZWS;url=https%3A%2F%2Fsecure.borrowell.com%2FAccount%2FLogin%3FReturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dgemstone-public-web%2526redirect_uri%253Dhttps%25253A%25252F%25252Fapp.borrowell.com%25252F%252523%25252Fcallback%2526response_type%253Dcode%2526scope%253Dopenid%252520email%252520roles%252520gemstone.web.identity.full_access%252520gemstone.web.public.full_access%252520pv.read%252520cc.read%252520IdentityServerApi%252520ecr.read%252520mc.read%252520pp.read%252520uc.read%252520ns.read%252520ps.read%252520ge.read%252520cbl.read%252520rr.read%252520promo.read%252520iv.read%252520signup.full_access%2526state%253D0811d6a5300b4407b2f569bebc76de69%2526code_challenge%253DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%2526code_challenge_method%253DS256%2526response_mode%253Dquery;ref=https%3A%2F%2Fapp.borrowell.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1528298460-1684245376416;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=borrowell.com;dst=0;et=1684245380140;tzo=0;ogl=;ses=641b0e01-c5a4-4cfe-b484-c914e6c566c4;mdl=
Requested by
Host: secure.borrowell.com
URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 13:56:20 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pk_xtrtoNsK5imIPFFPIrAUOgmbpRIO7FNp
partnerlinks.io/pr/gpk/ 		0
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partnerlinks.io/pr/gpk/pk_xtrtoNsK5imIPFFPIrAUOgmbpRIO7FNp
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:56:20 GMT
server
cloudflare
vary
Accept-Encoding
p3p
CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin
https://secure.borrowell.com
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
cf-ray
7c841f99ec8433ee-YUL
content-length
0
saq_pxl
tags.srv.stackadapt.com/ 		138 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=Inp-mmmH7EdC_nTnU2azVw&is_js=true&landing_url=https%3A%2F%2Fsecure.borrowell.com%2FAccount%2FLogin%3FReturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dgemstone-public-web%2526redirect_uri%253Dhttps%25253A%25252F%25252Fapp.borrowell.com%25252F%252523%25252Fcallback%2526response_type%253Dcode%2526scope%253Dopenid%252520email%252520roles%252520gemstone.web.identity.full_access%252520gemstone.web.public.full_access%252520pv.read%252520cc.read%252520IdentityServerApi%252520ecr.read%252520mc.read%252520pp.read%252520uc.read%252520ns.read%252520ps.read%252520ge.read%252520cbl.read%252520rr.read%252520promo.read%252520iv.read%252520signup.full_access%2526state%253D0811d6a5300b4407b2f569bebc76de69%2526code_challenge%253DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%2526code_challenge_method%253DS256%2526response_mode%253Dquery&t=Borrowell&tip=on04fgxH1iOd-Mj6NRIZIRa7MkTNDrowFVUCv5UxZH4&host=https://secure.borrowell.com&sa_conv_data_css_value=%270-37f9b510-00f2-50eb-6424-5c8a7e1dd33b%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd937f9b51000f250eb64245c8a7e1dd33b953899b5&sa-user-id-v2=s%253AN_m1EADyUOtkJFyKfh3TO5U4mbU.6R0JpurnyuhcEh%252FWXdII%252BSk0RG%252BscnbeiIznR8WOIGE&sa-user-id=s%253A0-37f9b510-00f2-50eb-6424-5c8a7e1dd33b.Qrckc%252Fw%252FO0%252BZqMwnlAgIJ3Q%252FJ66Q3thssWzjpoXzVTo
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-197.compute-1.amazonaws.com
Software
/
Resource Hash
0ff425c6e827e8cba48351704ff41c2558ac29a1464d566cdf3462c1ac37d5a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://secure.borrowell.com
date
Tue, 16 May 2023 13:56:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
138
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.12.235 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://secure.borrowell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 16 May 2023 13:56:20 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.12.235 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
faf2595b45a63c345533a8309ed505ae2a1375b20871a954f950ed9b24af456d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-CA,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
D037A6F0-E39C-468D-8E1B-DB0C5BD0A21D
strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 13:56:20 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CF0B65WK14&gtm=45je35a0&_p=28970725&cid=1471470206.1684245376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1684245376&sct=1&seg=1&dl=https%3A%2F%2Fsecure.borrowell.com%2FAccount%2FLogin%3FReturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dgemstone-public-web%2526redirect_uri%253Dhttps%25253A%25252F%25252Fapp.borrowell.com%25252F%252523%25252Fcallback%2526response_type%253Dcode%2526scope%253Dopenid%252520email%252520roles%252520gemstone.web.identity.full_access%252520gemstone.web.public.full_access%252520pv.read%252520cc.read%252520IdentityServerApi%252520ecr.read%252520mc.read%252520pp.read%252520uc.read%252520ns.read%252520ps.read%252520ge.read%252520cbl.read%252520rr.read%252520promo.read%252520iv.read%252520signup.full_access%2526state%253D0811d6a5300b4407b2f569bebc76de69%2526code_challenge%253DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%2526code_challenge_method%253DS256%2526response_mode%253Dquery&dr=https%3A%2F%2Fapp.borrowell.com%2F&dt=Borrowell&en=scroll&epn.percent_scrolled=90&_et=15
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CF0B65WK14&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 13:56:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.borrowell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-CF0B65WK14&gtm=45je35a0&_p=816702589&cid=1471470206.1684245376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1684245376&sct=1&seg=0&dl=https%3A%2F%2Fapp.borrowell.com%2F&dt=Borrowell&en=scroll&epn.percent_scrolled=90&_et=10
Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-CF0B65WK14&gtm=45je35a0&_p=816702589&cid=1471470206.1684245376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1684245376&sct=1&seg=0&dl=https%3A%2F%2Fapp.borrowell.com%2F&dt=Borrowell&en=user_engagement&_et=3378
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-56857616-1&cid=1471470206.1684245376&jid=2141974967&gjid=197347308&_gid=1507718744.1684245376&_u=AACAAEAAAAAAACAAI~&z=1812262704

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless string| GoogleAnalyticsObject function| ga object| dataLayer object| appInsights object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| mdc function| cssVars boolean| shouldEmitToSegment string| analyticsProxyEndpoint function| sendToProxy function| addTextFieldInputFocusEvents function| getLayoutType function| $ function| jQuery function| trackEvent function| trackPageView object| elInputField object| elLabel object| elTextField object| elError object| pwInputField object| pwLabel object| pwTextField object| pwError string| marketingSiteSessionId undefined| eventParams undefined| eventParams2 object| changeTracking boolean| loginClicked boolean| forgotPasswordClicked boolean| signUpClicked object| pwToggleButton object| loginButton object| loginButtonText object| forgotPasswordButton object| signUpLink object| AI object| Microsoft function| __extends function| _endsWith function| postscribe object| google_tag_manager_external object| google_tag_manager function| hj object| _hjSettings string| appsFlyerKey string| AppsFlyerSdkObject function| AF object| _qevents function| saq function| _saq string| ire_o function| ire object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| ImpactRadiusEvent object| irEvent function| quantserve function| __qc object| ezt object| _qoptions object| AF_cleanupMethods object| AF_SDK object| growsumo function| onYouTubeIframeAPIReady object| res object| saCookies string| current_window_url_param

30 Cookies

Domain/Path Name / Value
.app.borrowell.com/ Name: TiPMix
Value: 10.722721984939865
.app.borrowell.com/ Name: x-ms-routing-name
Value: self
.borrowell.com/ Name: _gid
Value: GA1.2.1507718744.1684245376
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-37f9b510-00f2-50eb-6424-5c8a7e1dd33b.Qrckc%2Fw%2FO0%2BZqMwnlAgIJ3Q%2FJ66Q3thssWzjpoXzVTo
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AN_m1EADyUOtkJFyKfh3TO5U4mbU.6R0JpurnyuhcEh%2FWXdII%2BSk0RG%2BscnbeiIznR8WOIGE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AN_m1EADyUOtkJFyKfh3TO5U4mbU.6R0JpurnyuhcEh%2FWXdII%2BSk0RG%2BscnbeiIznR8WOIGE
app.borrowell.com/ Name: sa-user-id
Value: s%253A0-37f9b510-00f2-50eb-6424-5c8a7e1dd33b.Qrckc%252Fw%252FO0%252BZqMwnlAgIJ3Q%252FJ66Q3thssWzjpoXzVTo
app.borrowell.com/ Name: sa-user-id-v2
Value: s%253AN_m1EADyUOtkJFyKfh3TO5U4mbU.6R0JpurnyuhcEh%252FWXdII%252BSk0RG%252BscnbeiIznR8WOIGE
.borrowell.com/ Name: _hjFirstSeen
Value: 1
.borrowell.com/ Name: _hjIncludedInSessionSample_41390
Value: 0
.borrowell.com/ Name: _hjSession_41390
Value: eyJpZCI6IjVkNzNhZjc3LWU4OTYtNDZlMC04OWNmLWJjMzIxNWNkOWZkMCIsImNyZWF0ZWQiOjE2ODQyNDUzNzY0NzMsImluU2FtcGxlIjpmYWxzZX0=
.borrowell.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.borrowell.com/ Name: ps_mode
Value: trackingV1
.quantserve.com/ Name: mc
Value: 64638b80-93735-1f330-f6fe7
.borrowell.com/ Name: __qca
Value: P0-1528298460-1684245376416
.borrowell.com/ Name: IR_gbd
Value: borrowell.com
.borrowell.com/ Name: visit_url
Value: https://app.borrowell.com/#/public/creditscore?utm_source=canadadrives&utm_medium=referral&utm_campaign=online&utm_content=fcsc
.borrowell.com/ Name: __cf_bm
Value: WgFQYPkFIOMplsqllkLGoHKMb2Tdds149vwarqO2kjw-1684245379-0-AX9+pTyYnHg/5egIstbRqC0Gue9X9mquSc/HRHigZLz19S9rAKlitg5E3yh1dUdyGsKDFxeeUDPV4fIIIDQZqpY=
secure.borrowell.com/ Name: referer
Value: https%3A%2F%2Fapp.borrowell.com%2F
secure.borrowell.com/ Name: .AspNetCore.Antiforgery.w5W7x28NAIs
Value: CfDJ8NrvlMaFTW9NpH4pepBPv-Q9wjboySl4Uki9j2BlOtK0qYG7i9GMV3_zqVAQRlGxmyWW5HJp_95gGEZeIX13l1PxfBsDfTetODlYxFG398ydgDkcgwkxr701yFnUiKefw6QvrItpmazd05LIkIX0XvU
secure.borrowell.com/ Name: .AspNetCore.Mvc.CookieTempDataProvider
Value: CfDJ8NrvlMaFTW9NpH4pepBPv-RunJ2o495rWtsSTC7m4GRHKp1MXqxtpoZIVu1nRqwqUs5vxpdsHRyTH-rFRtLrr3F6cG5YOaOxiP0j3F8M4-aBjfpVsAnq4_j4P1s6Z3PYI-Pu9vlZQgQSpsxIAQzHqn6Z2jJBbgDaBlgOtTEhJ7lsPBp9IYwSMe1MHQQi6TDMcSUH5Ps3LMHZNZCKl_lN-Ew
.borrowell.com/ Name: _gat
Value: 1
secure.borrowell.com/ Name: ai_user
Value: trF6x|2023-05-16T13:56:19.939Z
secure.borrowell.com/ Name: sa-user-id
Value: s%253A0-37f9b510-00f2-50eb-6424-5c8a7e1dd33b.Qrckc%252Fw%252FO0%252BZqMwnlAgIJ3Q%252FJ66Q3thssWzjpoXzVTo
secure.borrowell.com/ Name: sa-user-id-v2
Value: s%253AN_m1EADyUOtkJFyKfh3TO5U4mbU.6R0JpurnyuhcEh%252FWXdII%252BSk0RG%252BscnbeiIznR8WOIGE
.borrowell.com/ Name: _hjSessionUser_41390
Value: eyJpZCI6IjE0ZTgyZjA3LTgwNTQtNTU1ZC1hYjdkLTZjMGZlMGNhMTZlZSIsImNyZWF0ZWQiOjE2ODQyNDUzNzY0NjMsImV4aXN0aW5nIjp0cnVlfQ==
.borrowell.com/ Name: _ga
Value: GA1.1.1471470206.1684245376
.borrowell.com/ Name: _ga_CF0B65WK14
Value: GS1.1.1684245376.1.1.1684245380.56.0.0
secure.borrowell.com/ Name: ai_session
Value: GJSCb|1684245380144.2|1684245380144.2
.borrowell.com/ Name: IR_11160
Value: 1684245380041%7C0%7C1684245380041%7C%7C

4 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security warning URL: https://secure.borrowell.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dgemstone-public-web%26redirect_uri%3Dhttps%253A%252F%252Fapp.borrowell.com%252F%2523%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520roles%2520gemstone.web.identity.full_access%2520gemstone.web.public.full_access%2520pv.read%2520cc.read%2520IdentityServerApi%2520ecr.read%2520mc.read%2520pp.read%2520uc.read%2520ns.read%2520ps.read%2520ge.read%2520cbl.read%2520rr.read%2520promo.read%2520iv.read%2520signup.full_access%26state%3D0811d6a5300b4407b2f569bebc76de69%26code_challenge%3DtkwGQNM3--eSc8gyLHJ635emj1g8N4bQGp-HlnJN3cs%26code_challenge_method%3DS256%26response_mode%3Dquery
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://www.google-analytics.com/analytics.js(Line 35)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-56857616-1&cid=1471470206.1684245376&jid=2141974967&gjid=197347308&_gid=1507718744.1684245376&_u=AACAAEAAAAAAACAAI~&z=1812262704' because it violates the following Content Security Policy directive: "connect-src https://dc.services.visualstudio.com https://www.google-analytics.com https://grsm.io/ https://pixel.quantcount.com/ https://partnerlinks.io/ https://tags.srv.stackadapt.com/ ws://localhost:* https://www.googletagmanager.com https://analytics.google.com/ https://metrics.borrowell.com/snap https://secure.borrowell.com".
security warning URL: https://script.hotjar.com/modules.bfe9b3974f4dbc4fd0a0.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Strict-Transport-Security max-age=2592000 max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
app.borrowell.com
az416426.vo.msecnd.net
cdn.jsdelivr.net
d.impactradius-event.com
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
freecreditscorecanada.ca
grsm.io
partnerlinks.io
pixel.quantserve.com
rules.quantcount.com
script.hotjar.com
secure.borrowell.com
secure.quantserve.com
snippet.growsumo.com
static.hotjar.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
vc.hotjar.io
websdk.appsflyer.com
www.google-analytics.com
www.google.ca
www.googletagmanager.com
analytics.google.com
stats.g.doubleclick.net
108.138.106.101
18.164.96.46
18.164.96.95
2001:4860:4802:32::178
2001:4860:4802:36::181
2600:141b:13::17d7:829b
2600:9000:24f7:c000:6:44e3:f8c0:93a1
2606:2800:11f:17a5:191a:18d5:537:22f9
2606:4700:3037::6815:2dd9
2606:4700::6810:7d46
2606:4700::6812:1f85
2606:4700::6812:346
2606:4700::6812:ad4
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80c::2008
2607:f8b0:400c:c07::5e
2607:f8b0:400c:c15::5f
2607:f8b0:400c:c18::5e
2620:116:800b:21:4cb8:1820:80ca:50f7
2a04:4e42::485
35.186.249.72
40.71.12.235
40.85.230.182
52.54.60.197
01226f9d73834631861222dfdab3a4117e5a38ca4fa5c5842294ce9a5b3a57ec
02f4b9dfe7f1792db8506a76e22530428d2ed4fa3441fa154adaf5f3ab84bc5c
0bac57692af9ab9f9ba9ca65c6584e61113c8e6333833b9acafa23998a3b32dc
0ff425c6e827e8cba48351704ff41c2558ac29a1464d566cdf3462c1ac37d5a6
29274015b12964fd3ec8c10c7e94208c11d8a6a325c6dd0f42631712050f2575
2bd03bd4225b156ea7323916cc86537ccb7a5c0db2c9546ad72619898300d767
315a8a04fc322563b8bf11a74dfa23a46e4ef4636118a3b0ea2130fd4b2e102c
32bb89d2d5faf3d31f2779d1abee6b29e650686184def34e0bbf4803431905bf
359af1c74ed3ad381d789883c020681057a587fd8efb6731d21f60aaa78277f4
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
4ef776b0ca363283befa65843418b6e3ed3e35c7c0f07497231e154d9a97f5bc
4ff9ef583d40fddbbe9a6cd4197291c499697da0cf7ca945788654d235ab0d87
517d85bd96d5feb6c4a78c58c64b89b2f36d1d51ade620ae746d37af585ddded
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5c3246717ee3792af928eee0f6ae1bdcbd1ef03273272684758b6302b9772447
60e360fcc331eb2705b44caed159639c37abf4396d39946377bd5cb73affaa7a
60f82e183aa0e791c1f3eb5bac905b5ae885f49f9708aeec8ec71a8b014c4f12
61f75fab166543b3ee051601dc96d60f220e44da882266465eefa19fa10bbc9a
6398097f940d3aab3cbfbab357054ca76dbc64df1a52ec55933e4072e2e63c69
696af2f921f48a1c93803161b2a9261414f98a1e0831f76c273cefe8dc07888e
6a16a403b7ae17451850bde8fe40aaf4df877245d2ef4fa6c412f661965d0061
7a77627349e34e6c63428f361ba2f6b95af4d31e2b32619bfb3d062ab15986b2
7b4d247fd40ee412020b705de7c9b9790b034bb51311b0ba777ed78348994cad
8836c50a0fbc76d84d367a81f0443e930b7863b5c1e1e7d3ba8f32414dce4b0e
8b1ce38766902747a01fb7e687aed38df9c1680ce78a280b31aac4d398323c6a
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
ae45516bebdea5097fa0565f3b7d6fbd0fb6a3138d30af5f4429c84712dcad2b
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
aec24d4c4b71a895a416af15dd972c8a50ce5617eb9b0263e7b9cb5b4b6d6d4e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b02ba5f322701b8d9c590f48d4dd5cb38f1f70d04284f7e10856a02fae83d887
b370162829a0f77bc0bc9b78c8f97e9cbf8bcd9279ac2f8555f8dd9d7e328f94
b476d37caa6e9d7073f885887e54dd995b38012fbb47c2ab0c92c8ebf9f95661
b5c9e4876832936836619c0b253bd8fd6c739560a6d5f287f51ac71b2edf7ae9
b5dc3edc024e128a1f23260a0af1f69e4ded1d3f257e7ca4d90dcbe7abb6d316
b793e1af0cda90816228967ef2b508f555db366f201c56a6f387ec3080dcd50e
baf9bdf9aa70f126c70c60bf37356c6ca5908a4719032a83e1990bbcab0cb884
c97dbb875acb4ec47c0effe09ccd80207d5ae64efa8d3af81ce8fa8dda6b5d1f
d96000b35edf73757f80b96cbf1a48d572ba6e931462f884be5a51f505d9184e
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2dcc31514ac522e9afa01055f8a5da512739c809ad6fafe45cabaff1021a21e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031ccb7e4d8b3591570ef91fa86584eb1d8218c0750e0a1890b2a29bd814f78
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
faf2595b45a63c345533a8309ed505ae2a1375b20871a954f950ed9b24af456d