urlscan.io logo urlscan.io
SecurityTrails logo

borrower.january.com Open in urlscan Pro
2600:9000:223d:8600:1c:3c6d:f4c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://borrower.january.com/
Effective URL: https://borrower.january.com/
Submission: On April 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 50 HTTP transactions. The main IP is 2600:9000:223d:8600:1c:3c6d:f4c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is borrower.january.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 30th 2024. Valid for: a year.
This is the only time borrower.january.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 2600:9000:223... 16509 (AMAZON-02)
5 2600:9000:249... 16509 (AMAZON-02)
1 130.211.5.208 396982 (GOOGLE-CL...)
1 35.201.112.186 396982 (GOOGLE-CL...)
1 13.33.218.24 16509 (AMAZON-02)
3 35.186.194.58 15169 (GOOGLE)
2 35.71.155.136 16509 (AMAZON-02)
1 104.70.80.118 16625 (AKAMAI-AS)
1 18.193.18.243 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 143.204.215.118 16509 (AMAZON-02)
1 2600:1f18:24e... 14618 (AMAZON-AES)
1 18.66.122.90 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.190.25.25 15169 (GOOGLE)
50 16
25    2600:9000:223d:8600:1c:3c6d:f4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
borrower.january.com
5    2600:9000:2491:e600:1e:6cda:f640:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.january.com
1    130.211.5.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.5.211.130.bc.googleusercontent.com
cdn4.mxpnl.com
1    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    13.33.218.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-218-24.fra60.r.cloudfront.net
www.datadoghq-browser-agent.com
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    35.71.155.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: a73d3afe8ff45acb7.awsglobalaccelerator.com
edge.api.flagsmith.com
1    104.70.80.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-80-118.deploy.static.akamaitechnologies.com
cdn.safecharge.com
1    18.193.18.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-18-243.eu-central-1.compute.amazonaws.com
widget.usersnap.com
1    2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net
january.com
1    2600:1f18:24e6:b901:df2:fc91:fc4d:9bbb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum-http-intake.logs.datadoghq.com
1    18.66.122.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-90.fra60.r.cloudfront.net
resources.usersnap.com
1    2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
31 january.com
borrower.january.com
www.january.com
january.com
760 KB
4 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2169
rs.fullstory.com — Cisco Umbrella Rank: 2172
79 KB
2 google.com
accounts.google.com — Cisco Umbrella Rank: 20
apis.google.com — Cisco Umbrella Rank: 127
103 KB
2 usersnap.com
widget.usersnap.com — Cisco Umbrella Rank: 23063
resources.usersnap.com — Cisco Umbrella Rank: 30463
150 KB
2 flagsmith.com
edge.api.flagsmith.com — Cisco Umbrella Rank: 43323
806 B
1 mixpanel.com
api-js.mixpanel.com — Cisco Umbrella Rank: 2189
375 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2505
1 KB
1 datadoghq.com
rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 7956
1 safecharge.com
cdn.safecharge.com — Cisco Umbrella Rank: 94002
1 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1455
21 KB
1 mxpnl.com
cdn4.mxpnl.com — Cisco Umbrella Rank: 12595
19 KB
0 hs-analytics.net Failed
js.hs-analytics.net Failed
0 hs-banner.com Failed
js.hs-banner.com Failed
0 hscollectedforms.net Failed
js.hscollectedforms.net Failed
50 14
Domain Requested by
25 borrower.january.com borrower.january.com
5 www.january.com borrower.january.com
edge.fullstory.com
3 rs.fullstory.com edge.fullstory.com
www.datadoghq-browser-agent.com
2 edge.api.flagsmith.com www.datadoghq-browser-agent.com
1 api-js.mixpanel.com www.datadoghq-browser-agent.com
1 js.hs-scripts.com borrower.january.com
1 resources.usersnap.com widget.usersnap.com
1 rum-http-intake.logs.datadoghq.com www.datadoghq-browser-agent.com
1 january.com 1 redirects
1 apis.google.com borrower.january.com
1 accounts.google.com borrower.january.com
1 widget.usersnap.com borrower.january.com
1 cdn.safecharge.com borrower.january.com
1 www.datadoghq-browser-agent.com borrower.january.com
1 edge.fullstory.com borrower.january.com
edge.fullstory.com
1 cdn4.mxpnl.com borrower.january.com
0 js.hs-analytics.net Failed js.hs-scripts.com
0 js.hs-banner.com Failed js.hs-scripts.com
0 js.hscollectedforms.net Failed js.hs-scripts.com
50 19

This site contains links to these domains. Also see Links.

Domain
www.january.com
Subject Issuer Validity Valid
*.january.com
Amazon RSA 2048 M02		 2024-01-30 -
2025-02-27		 a year crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2024-03-07 -
2024-06-05		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-12 -
2024-12-14		 a year crt.sh
rs.fullstory.com
GTS CA 1D4		 2024-03-05 -
2024-06-03		 3 months crt.sh
edge.api.flagsmith.com
Amazon RSA 2048 M03		 2023-10-23 -
2024-11-21		 a year crt.sh
*.safecharge.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-05 -
2024-09-04		 a year crt.sh
usersnap.com
Amazon RSA 2048 M03		 2023-08-09 -
2024-09-06		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-16 -
2025-02-17		 a year crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
*.mixpanel.com
GeoTrust TLS RSA CA G1		 2024-02-08 -
2025-03-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://borrower.january.com/
Frame ID: 571680C2E022489BCC9CB80BB1284DAB
Requests: 49 HTTP requests in this frame

Frame: https://resources.usersnap.com/widget-assets/js/entries/globalSetup/708f83ac43687f8d04c1.js
Frame ID: 574FEA16F2C53CEBB5B622A3B2A6D601
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pay Off Your Debt - January

Page URL History Show full URLs

  1. http://borrower.january.com/ HTTP 307
    https://borrower.january.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • apis\.google\.com/js/platform\.js
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

50
Requests

90 %
HTTPS

38 %
IPv6

14
Domains

19
Subdomains

16
IPs

3
Countries

1136 kB
Transfer

3269 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://borrower.january.com/ HTTP 307
    https://borrower.january.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://january.com/static/prime_hsts.png HTTP 301
  • https://www.january.com/static/prime_hsts.png

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
borrower.january.com/
Redirect Chain
  • http://borrower.january.com/
  • https://borrower.january.com/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
735b87570dcb2f4a75f6d25c0f78ea48d0e02dfd2b6696398735eb4294985857
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
br
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
content-type
text/html
date
Mon, 29 Apr 2024 07:08:52 GMT
etag
W/"1c5afe3f055ae494966da7af9117a489"
last-modified
Sun, 28 Apr 2024 19:20:24 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
XkBgGf5ht5VamfTEzQjF5gYrlZSSPTmpVfO4BrRCF8GrvK4M3Lpssg==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://borrower.january.com/
Non-Authoritative-Reason
HSTS
step1.1f542b8b.webp
borrower.january.com/static/media/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/step1.1f542b8b.webp
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b94c178326236577bed89db26d65e6cd22289de71fb4c90ae72259988073b20
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Sun, 28 Apr 2024 14:27:03 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
60110
x-cache
Hit from cloudfront
content-length
3820
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:50 GMT
server
AmazonS3
etag
"1f542b8ba6f615d90ca861305ed743c0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
binary/octet-stream
x-amz-cf-id
WTD-I9sAddGlwy0BsTIlX1KDq-4DUXev7dx6_HkzAvyAqr0Jgbi53w==
step2.86042705.webp
borrower.january.com/static/media/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/step2.86042705.webp
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
319e35b0e85a5457315670cad78d27e44368fd3f8b347eca4de072b78972e349
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-length
3928
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:24 GMT
server
AmazonS3
etag
"86042705036d65c7d58a2ac17d59080c"
x-frame-options
DENY
content-type
binary/octet-stream
x-amz-cf-id
qhndE2YM15VQzpgyeSyxS0X6YGtCDLBlqcldMIonrn0PpHkYF4bAdg==
step3.82f51b6c.webp
borrower.january.com/static/media/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/step3.82f51b6c.webp
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92ea60cceb052976d09dba01ca34be3ba7cfda26888bf864d9c55e51b3f29826
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 02:20:26 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
17307
x-cache
Hit from cloudfront
content-length
14914
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:50 GMT
server
AmazonS3
etag
"82f51b6c41fbd0a2cda96fac08d129dd"
x-frame-options
DENY
vary
Accept-Encoding
content-type
binary/octet-stream
x-amz-cf-id
OVFD3yl1Wztcz3kMcuz5fNtbeTWPGsjJjmno15Eb574IsfR24I6ZMA==
downArrow.8a878e96.svg
borrower.january.com/static/media/ 		165 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/downArrow.8a878e96.svg
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9dde2e22e3b556234a5fb1aee7c52bfefae009917408567c62055025712ef54
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 07:08:53 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
content-length
165
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 12 Jan 2024 22:29:42 GMT
server
AmazonS3
etag
"8a878e96dabae3a3a3a5a607a9a6ed6f"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
x-amz-cf-id
QvUDItT7e62lsKGY2Zj7VmwVxcvXJrundKDyt-nMk7U4DZTzTPhz6Q==
logo.5fdbeb88.svg
borrower.january.com/static/media/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/logo.5fdbeb88.svg
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
515f7ce21c023ec0d7b82b23e7dece0944c82f4461d1d084818c02b22ba44bbe
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Sun, 28 Apr 2024 14:27:03 GMT
content-encoding
br
x-amz-cf-pop
FRA56-P3
age
60110
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 12 Jan 2024 22:29:42 GMT
server
AmazonS3
etag
W/"5fdbeb88ffa70cbe7c09711b50348305"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
x-amz-cf-id
yL9tIMp2bg1D6zc46KrEktifOOKsW82m4Ko4n2ympZ6HSW4-v9fkOw==
dots.e06ca401.webp
borrower.january.com/static/media/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/dots.e06ca401.webp
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
554342860c1a080d5dc99ae007322433c581513725f701addb5d82bb2e67bf5a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 02:20:27 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
17305
x-cache
Hit from cloudfront
content-length
6638
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:50 GMT
server
AmazonS3
etag
"e06ca401e46b20754948a89cbc0903d0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
binary/octet-stream
x-amz-cf-id
kEu_CKkhJNxHQY65PK5rZpflpRBzt5gjy8MgZmvnFeDdKamwEAg8eA==
logo_dark.f208790e.svg
borrower.january.com/static/media/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/logo_dark.f208790e.svg
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cae9025e92c291613b6e9e218e58e2b8b9d6c400e9d8010c68f92481784b98c0
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 07:08:53 GMT
content-encoding
br
x-amz-cf-pop
FRA56-P3
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 12 Jan 2024 22:29:42 GMT
server
AmazonS3
etag
W/"f208790e6f4d995af29aae4101a72ca1"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
x-amz-cf-id
YJAiku1QVuL7ZYqoBQD9jSVrgTMhAJsI1belx6WC66nq8mVSuC87lw==
man_circle.9ec1a855.webp
borrower.january.com/static/media/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/man_circle.9ec1a855.webp
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e9a20631fdbd48d93eadfb13f35d5ddb44d0144edb3f00df756825e620fb91b
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 02:20:31 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
17302
x-cache
Hit from cloudfront
content-length
17920
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:50 GMT
server
AmazonS3
etag
"9ec1a855ae58f202fba5a35ffad67a28"
x-frame-options
DENY
vary
Accept-Encoding
content-type
binary/octet-stream
x-amz-cf-id
_5iJ8IDT5LFWvn-sbfj-JBvcpb1snEfOffBAbJAwLT7b4dP0hSKKSg==
january-favicon.3c102c8a.png
borrower.january.com/static/media/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borrower.january.com/static/media/january-favicon.3c102c8a.png
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
335b2f97ddf5d069df8f69fc2b23b2391db4b17e0b9f962a45a3cbcd6087c248
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-length
1109
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:24 GMT
server
AmazonS3
etag
"3c102c8acec130f2c338d4f33a66e789"
x-frame-options
DENY
content-type
image/png
x-amz-cf-id
1CDpeJrOxNCqOo3pvTtQK-8ss_VfbG2-csstfQ_BBdJkSm-rdlViKg==
P22MackinacBold.8bc1e8da.woff
borrower.january.com/static/media/ 		9 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/media/P22MackinacBold.8bc1e8da.woff
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
735b87570dcb2f4a75f6d25c0f78ea48d0e02dfd2b6696398735eb4294985857
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Origin
https://borrower.january.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
content-encoding
br
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Error from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:24 GMT
server
AmazonS3
etag
W/"1c5afe3f055ae494966da7af9117a489"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/html
cache-control
no-cache
x-amz-cf-id
wjvLJjLGxVTNBAYBRHlByEepv292he8V-cmU3NR9zyHdKFhnClqaVQ==
P22MackinacBold.8bc1e8da.woff2
borrower.january.com/static/media/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/media/P22MackinacBold.8bc1e8da.woff2
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1e96bb27720c4418bad93f130c46e69485a8d81b606fb49398708f1fce4f13c
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Origin
https://borrower.january.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 02:20:23 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
17310
x-cache
Hit from cloudfront
content-length
35656
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 21 Dec 2022 18:45:43 GMT
server
AmazonS3
etag
"8bc1e8da3b8f6f9ea95caab466b870fc"
x-frame-options
DENY
vary
Accept-Encoding
content-type
font/woff2
x-amz-cf-id
FrKxDqsGzeH1s5I1N2LgzwYQyxmIMZIxrdK6Q75rJ3LXdYLAE64ZWQ==
P22MackinacProBold.ecd6e5a5.woff2
borrower.january.com/static/media/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/media/P22MackinacProBold.ecd6e5a5.woff2
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fa0b9bf5099f0c230f3b526e35d4df85072ea091b48372f9dfee95ab3e0324e
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Origin
https://borrower.january.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-length
75116
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:24 GMT
server
AmazonS3
etag
"ecd6e5a5449c71fdfadbcaa5073e1053"
x-frame-options
DENY
content-type
binary/octet-stream
x-amz-cf-id
voYhy2MJyxjET_laOibs6eA1a2Wct3Gu6bMmRxRj2PtgDv8EO6vy-g==
MNKYBananaGrotesk-Regular.730de7c3.woff2
borrower.january.com/static/media/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/media/MNKYBananaGrotesk-Regular.730de7c3.woff2
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e6e6867c21ac90b204e50e98d9f47fe432e30d85ec5e84159bf390296475d4f
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Origin
https://borrower.january.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 12:03:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
68714
x-cache
Hit from cloudfront
content-length
24976
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:49 GMT
server
AmazonS3
etag
"730de7c32264ae930986d3ef87b1de6f"
x-frame-options
DENY
content-type
binary/octet-stream
x-amz-cf-id
vrJmrwn91mXhWnKWbRRGtSrEd0LghpzCltsfswzjG7CkiS0RHVPMUg==
MNKYBananaGrotesk-Bold.01d81fb2.woff2
borrower.january.com/static/media/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/media/MNKYBananaGrotesk-Bold.01d81fb2.woff2
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4927a107412f9b737480bb1d90a3bd55ae03a770c06a1fe486edcd804e8f24ca
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Origin
https://borrower.january.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 12:03:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
68714
x-cache
Hit from cloudfront
content-length
25380
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:49 GMT
server
AmazonS3
etag
"01d81fb21ce4453c794c5d1b8fea4a35"
x-frame-options
DENY
content-type
binary/octet-stream
x-amz-cf-id
0MKgkfg-bQNgtbDLgKNe6tYpBVdrtev41E6A996ytQReDCNxcZGcJg==
events
www.january.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.january.com/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e600:1e:6cda:f640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://borrower.january.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://borrower.january.com
allow
OPTIONS, POST
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 07:08:52 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Origin, Cookie
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-id
v7kkH3f2PViXaqhNCEPuXymlxSsO6BzEATIbOhLTB_UqFqb1FxqueQ==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
mixpanel-2-latest.min.js
cdn4.mxpnl.com/libs/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.5.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
208.5.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:05:08 GMT
content-encoding
gzip
age
224
x-guploader-uploadid
ABPtcPrz8sUQepA8r_q-mF5sYy8AYWWfbBYueuukKMt0GXSlRaqSysM6j9fvrPuasjfbFPrsYGE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18793
last-modified
Fri, 26 Apr 2024 20:55:25 GMT
server
UploadServer
etag
"699087d24603faf41a8ef844dd0c55d1"
vary
Accept-Encoding
x-goog-generation
1714164925156474
x-goog-hash
crc32c=4oRQEw==, md5=aZCH0kYD+vQajvhE3QxV0Q==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18793
accept-ranges
bytes
expires
Mon, 29 Apr 2024 07:15:08 GMT
events
www.january.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.january.com/events
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e600:1e:6cda:f640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Apr 2024 07:08:52 GMT
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
0
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Origin, Cookie
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
https://borrower.january.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
x-amz-cf-id
g8LRWjv99IAE-YrzeDr9bQIqif3wTinOaug8s1aRPw8FsrQYrfePaw==
fs.js
edge.fullstory.com/s/ 		270 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
714e572d89d556563c1364be11abf53243e01bec73dcec44bf812fa77059b385

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://borrower.january.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 06:41:40 GMT
content-encoding
br
age
1632
x-guploader-uploadid
ABPtcPoJZ7x_oBwnxXrjltdqkrz45cfj4HsrCyrt7zvpWYwJd5Pf9nw5-1pAhoORGheVhz95dlGXJVm8fg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74572
last-modified
Wed, 24 Apr 2024 15:55:38 GMT
server
UploadServer
etag
"9568c49933648165a4b57d6134954fb0"
vary
Accept-Encoding
x-goog-generation
1713974138368602
x-goog-hash
crc32c=TIbhRA==, md5=lWjEmTNkgWWktX1hNJVPsA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
74572
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 29 Apr 2024 07:41:40 GMT
datadog-rum.js
www.datadoghq-browser-agent.com/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.218.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-218-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:22 GMT
content-encoding
br
via
1.1 172c1df55a41f1a1b144f3711399cfc4.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 12:21:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
34
etag
W/"6f16bc452a225d7da116aa4c430872f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
s3L9-BnjBYXzeuqhpeAOXdz1aZ35BRKvzxVLPVIfMTTyNWd8mjq0EQ==
main.3d26f6a8.chunk.css
borrower.january.com/static/css/ 		921 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/css/main.3d26f6a8.chunk.css
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76284b4f0392413a897eaf783e412cd6bcf4fad956aaf6369ba49d4a68168ef2
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 07:08:53 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
content-length
921
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:49 GMT
server
AmazonS3
etag
"9732de126eb65e3604d0308e60944984"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
PrP3Ub2Ns9HhZux0sMtmjMppV9_W_LwooLVK2EV46e5X1JmC37jR9w==
runtime~main.e680afcf.js
borrower.january.com/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/js/runtime~main.e680afcf.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33bf8ee571da58c68e96ed692ec7eeaace4f2522297778ebb76c7b365d7ac707
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
content-encoding
br
x-amz-cf-pop
FRA56-P3
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:24 GMT
server
AmazonS3
etag
W/"ac5baa26a47d05628c5990d2a5b18247"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
xVI7o_BtRgWxqrzHn2hU9ezMESCmsUVIq_euDvB11r3cJiiNWN1nZg==
web
edge.fullstory.com/s/settings/NA3ZB/v1/ 		0
0
web
rs.fullstory.com/s/settings/NA3ZB/v1/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/s/settings/NA3ZB/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
8dd86535b2157f0ac0dd105ad286502a73ce4dcbaec9f43d7f43d5e1eff9216d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://borrower.january.com
date
Mon, 29 Apr 2024 07:08:52 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
6.1721b828.chunk.js
borrower.january.com/static/js/ 		625 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/js/6.1721b828.chunk.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c5b18307102626c10938d96e2c5e788bd47b8568d539a4cca2d3335eebca26d
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 21:43:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
content-encoding
br
x-amz-cf-pop
FRA56-P3
age
33917
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:23 GMT
server
AmazonS3
etag
W/"ade16215f1da4f28b2e5221518f80cc2"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
-d6IO_0EWRWEJxpqwIvyy_E4rCZIqJzuo4XKeLHlXzWE-9f4Frkv3w==
33.d29155ab.chunk.js
borrower.january.com/static/js/ 		273 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/js/33.d29155ab.chunk.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
496ef96f8c51f2ef68ce6a80ec97831e38c44ea4eb1be71ec71d496dbee98f34
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 07:08:53 GMT
content-encoding
br
x-amz-cf-pop
FRA56-P3
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:49 GMT
server
AmazonS3
etag
W/"480214fe9e306c52f39846aa9e3e7013"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
VeQElOoxX3Bj4I_THnn8ibBOy6O6_rgcF4wylKaDRTYJZfyM5uwpwg==
page
rs.fullstory.com/rec/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a5657678006b1553dc1836d1b30bab43b761e3ee79cd714c0795352aa91e9f65

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Apr 2024 07:08:52 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://borrower.january.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1487
main.54dc0536.chunk.js
borrower.january.com/static/js/ 		738 KB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/js/main.54dc0536.chunk.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b2b9938ca676bf8cf9f41cd06b0131fea675b7cf5e0bb04d11e5821492376fa
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 21:43:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
content-encoding
br
x-amz-cf-pop
FRA56-P3
age
33916
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:23 GMT
server
AmazonS3
etag
W/"80eed8cb257e3cbc04229ae8456b0f7e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
Foa8OHy8LcOs9uNnCSOuDiz10MTaGY5kKzyswQJh1q_hfKCk1L4j4A==
/
edge.api.flagsmith.com/api/v1/flags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.flagsmith.com/api/v1/flags/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.155.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a73d3afe8ff45acb7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-environment-key
Access-Control-Request-Method
GET
Origin
https://borrower.january.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
*
access-control-expose-headers
x-flagsmith-document-updated-at
access-control-max-age
86400
allow
GET, HEAD, OPTIONS
content-length
0
content-type
application/json
date
Mon, 29 Apr 2024 07:08:53 GMT
server
awselb/2.0
/
edge.api.flagsmith.com/api/v1/flags/ 		2 KB
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.flagsmith.com/api/v1/flags/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.155.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a73d3afe8ff45acb7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash
17544063a76c01addc4338f27065a4d8c7baebe44358d04e38483676184fe7a5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-environment-key
6kqyrTAF86x9tTKiMpYUXy
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

aws-lambda-region
eu-west-2
date
Mon, 29 Apr 2024 07:08:53 GMT
content-encoding
gzip
aws-resource-region
eu-west-2
server
awselb/2.0
content-type
application/json
access-control-allow-origin
*
x-flagsmith-document-updated-at
1713894094.381149
cache-control
max-age=0
access-control-allow-credentials
true
access-control-expose-headers
x-flagsmith-document-updated-at
access-control-allow-headers
*
content-length
496
sc_api_applepay.min.js
cdn.safecharge.com/safecharge_resources/v1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.safecharge.com/safecharge_resources/v1/sc_api_applepay.min.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/static/js/main.54dc0536.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.70.80.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-80-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ca16a908d7566efdd90b1da4ea401323e44f163900f81f6101bffc69c3da5f1b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
content-encoding
gzip
last-modified
Fri, 16 Nov 2018 10:12:51 GMT
etag
"5bee9823-a6c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
cache-control
max-age=86400
accept-ranges
bytes
content-length
1062
a2bca1fc-41ab-4d27-88b3-dc8b7a9782ae
widget.usersnap.com/global/load/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.usersnap.com/global/load/a2bca1fc-41ab-4d27-88b3-dc8b7a9782ae?onload=onUsersnapCXLoad
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/static/js/main.54dc0536.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.18.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-18-243.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2a788871bb1482ecd3fe6f49dbd83cee571c010ec8f4dcd3380bfb3cede37d2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:52 GMT
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=10
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
41.701fac0c.chunk.js
borrower.january.com/static/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/js/41.701fac0c.chunk.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/static/js/runtime~main.e680afcf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afe6014f0528a199ac83065dceea41823aa9f383e9464e878d7347c8a6056d5c
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 02:20:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
content-encoding
br
x-amz-cf-pop
FRA56-P3
age
17307
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:23 GMT
server
AmazonS3
etag
W/"66ee71531c8fff0c534efc72f8ccedc7"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
Ghv0lGoVv83kE-YVzWLk4MmTySCaZgjF7JGBrBm1s6TcTM_sA68HZA==
client
accounts.google.com/gsi/ 		215 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8586c49c032911bb1746f05009029f0aedeb90662d952330565bb33a6d43ee61
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Rt7qXxfSwh0kUD_5m_0MNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Rt7qXxfSwh0kUD_5m_0MNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 29 Apr 2024 07:08:53 GMT
platform.js
apis.google.com/js/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e6ed92748268abd57ed026022eba9da32c4d231e9ff8b57175244ca5b46c077
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 07:08:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21302
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"791be0a0400d03a0"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Apr 2024 07:08:53 GMT
prime_hsts.png
www.january.com/static/
Redirect Chain
  • https://january.com/static/prime_hsts.png
  • https://www.january.com/static/prime_hsts.png
272 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.january.com/static/prime_hsts.png
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/
Protocol
H2
Server
2600:9000:2491:e600:1e:6cda:f640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5a8a0d7b7c5e4b4132f9e47d9ed02e770191e17d282d80537d5436efe33f6cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://borrower.january.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
272
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 28 Apr 2024 19:04:48 GMT
server
nginx
etag
"662e9dd0-110"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000, public; immutable
accept-ranges
bytes
x-amz-cf-id
s7zp8nBop61ovoswreyecFAYGdBk54sajBMk-gMQzDWaS88UF1vNOQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 29 Apr 2024 02:20:26 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
17307
x-cache
Hit from cloudfront
location
https://www.january.com/static/prime_hsts.png
cache-control
max-age=1800; public
content-length
0
x-amz-cf-id
fY0BlrudzY4AN4HNSqhGTVSLkjFxt1oJbGTFL2huFi771sAHRp_CEA==
pub2ad3e2cc839b84d04bb2f6673087b6bc
rum-http-intake.logs.datadoghq.com/v1/input/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pub2ad3e2cc839b84d04bb2f6673087b6bc?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3ABorrower%20Portal&batch_time=1714374532948
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:df2:fc91:fc4d:9bbb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
16.7e51dade.chunk.js
borrower.january.com/static/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/js/16.7e51dade.chunk.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/static/js/runtime~main.e680afcf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f498e2fe88b1cbbede92d5044afdb86564729bea0a81798696abef15784c8689
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
content-encoding
br
x-amz-cf-pop
FRA56-P3
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:23 GMT
server
AmazonS3
etag
W/"8c71dc94016240ad19ae2ea55d8b98f2"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
O0dcJimVqiKcxloZqi14ROihcrqepcNltYwB9QFlnNJLGAvxMINM6Q==
708f83ac43687f8d04c1.js
resources.usersnap.com/widget-assets/js/entries/globalSetup/ Frame 574F 		657 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.usersnap.com/widget-assets/js/entries/globalSetup/708f83ac43687f8d04c1.js
Requested by
Host: widget.usersnap.com
URL: https://widget.usersnap.com/global/load/a2bca1fc-41ab-4d27-88b3-dc8b7a9782ae?onload=onUsersnapCXLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16a9a75528b8e264a31be17c0018a2ff0062f81248a973f9456d836bb6b53984

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 09:55:05 GMT
content-encoding
br
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 09:43:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
422029
etag
W/"2dc5961dbb5f8b15b270acacfc8b726d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-id
BqcvTWuY0o4K7paCOT3L2k2JzCVR66MLi_f9fpi3QhO779-bJhagdw==
35.923a9c51.chunk.js
borrower.january.com/static/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/js/35.923a9c51.chunk.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/static/js/runtime~main.e680afcf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70243a2736c656fd9e412c19acb3f3222c1f98ee75aee4f5613ac545a55c869c
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Sun, 28 Apr 2024 16:47:42 GMT
content-encoding
br
x-amz-cf-pop
FRA56-P3
age
51672
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:49 GMT
server
AmazonS3
etag
W/"53847d51630ad0920b65f5c4f5d8c757"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
FaYTZx1koDvRWxVTOz0-RT8arVG8hAeDGnbBSDGLDt4Uy0XUukaesw==
44.257656ea.chunk.js
borrower.january.com/static/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/js/44.257656ea.chunk.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/static/js/runtime~main.e680afcf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4d9800d8630053a6e1e1b8c2970c65b160c54a52b95ac155c0e6e8f480da437
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 07:08:54 GMT
content-encoding
br
x-amz-cf-pop
FRA56-P3
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 27 Apr 2024 00:55:49 GMT
server
AmazonS3
etag
W/"5bb390d9f289158013966d41e5bc66f9"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
WDDrcfRGLvBU6arnrogRgijRDJyItNUc2SavxdnnZPwy77gf3ZaOBQ==
events
www.january.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.january.com/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e600:1e:6cda:f640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://borrower.january.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://borrower.january.com
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 07:08:53 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Origin, Cookie
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-id
TIYjJhVr706fFPOaSycj8qtyoyI1L2OOpcK-oh_eCM0nowy7JR6cVQ==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
events
www.january.com/ 		0
699 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.january.com/events
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e600:1e:6cda:f640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
0
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Origin, Cookie
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
https://borrower.january.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
x-amz-cf-id
Dp3ymbeYyCTzfK9uY89485muG8Zb404xTnDX9G3tIU5hdh0VmNm0Zw==
19890070.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/19890070.js
Requested by
Host: borrower.january.com
URL: https://borrower.january.com/static/js/44.257656ea.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d6d81c4dfbd4a27246b0802d11452504264cd9ccc80def1efd01962bdada96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1a5b53c2-daf5-4826-88b4-6f6c2af224f0
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1a5b53c2-daf5-4826-88b4-6f6c2af224f0
last-modified
Sun, 28 Apr 2024 20:28:35 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://borrower.january.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-bx5mh
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
87bd76a39984bbc8-FRA
expires
Mon, 29 Apr 2024 07:10:23 GMT
truncated
/ 		165 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9dde2e22e3b556234a5fb1aee7c52bfefae009917408567c62055025712ef54

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
515f7ce21c023ec0d7b82b23e7dece0944c82f4461d1d084818c02b22ba44bbe

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cae9025e92c291613b6e9e218e58e2b8b9d6c400e9d8010c68f92481784b98c0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
collectedforms.js
js.hscollectedforms.net/ 		0
0
banner.js
js.hs-banner.com/v2/19890070/ 		0
0
19890070.js
js.hs-analytics.net/analytics/1714374300000/ 		0
0
january-favicon.3c102c8a.png
borrower.january.com/static/media/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://borrower.january.com/static/media/january-favicon.3c102c8a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:1c:3c6d:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
335b2f97ddf5d069df8f69fc2b23b2391db4b17e0b9f962a45a3cbcd6087c248
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:08:53 GMT
content-security-policy
object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 28 Apr 2024 19:20:24 GMT
server
AmazonS3
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
"3c102c8acec130f2c338d4f33a66e789"
x-frame-options
DENY
x-cache
Miss from cloudfront
content-type
image/png
content-length
1109
x-xss-protection
1; mode=block
x-amz-cf-id
1CDpeJrOxNCqOo3pvTtQK-8ss_VfbG2-csstfQ_BBdJkSm-rdlViKg==
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=NA3ZB&UserId=88fd0c4b-8017-45f1-a941-0157305e0889&SessionId=cdda7415-71ab-4b53-b16f-8f4b1971ab8e&PageId=e19d84e9-ec2a-426c-aba5-e73895890243&Seq=1&ClientTime=1714374535189&PageStart=1714374532678&PrevBundleTime=0&LastActivity=2361&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
199f3bf01e19dc79184378cb351f8ac7af0306d5553e16d5f74928f0c0c07eb2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://borrower.january.com
date
Mon, 29 Apr 2024 07:08:55 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
/
api-js.mixpanel.com/track/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1714374537100
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://borrower.january.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Mon, 29 Apr 2024 07:08:57 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://borrower.january.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
edge.fullstory.com
URL
https://edge.fullstory.com/s/settings/NA3ZB/v1/web
Domain
js.hscollectedforms.net
URL
https://js.hscollectedforms.net/collectedforms.js
Domain
js.hs-banner.com
URL
https://js.hs-banner.com/v2/19890070/banner.js
Domain
js.hs-analytics.net
URL
https://js.hs-analytics.net/analytics/1714374300000/19890070.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| mixpanel boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| DD_RUM string| _fs_loaded function| _fs_shutdown object| _sentryDebugIds object| webpackJsonp object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| FlagsmithEventSource object| flagsmith function| onUsersnapCXLoad object| __APOLLO_CLIENT__ object| sfc object| gapi object| ___jsl object| default_gsi object| _F_toggles object| google object| closure_lm_574666 object| _hsp

6 Cookies

Domain/Path Name / Value
.january.com/ Name: mp_59fc721590b4dba8d4179061d968de60_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18f28af5c0531f-0f35bdf12fd1ca-26001d51-1d4c00-18f28af5c0531f%22%2C%22%24device_id%22%3A%20%2218f28af5c0531f-0f35bdf12fd1ca-26001d51-1d4c00-18f28af5c0531f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
borrower.january.com/ Name: _dd_s
Value: rum=1&id=ffaa3923-e02d-4aa8-b5f2-74da3b3f2098&created=1714374532135&expire=1714375432135
.january.com/ Name: fs_lua
Value: 1.1714374532677
.january.com/ Name: fs_uid
Value: #NA3ZB#88fd0c4b-8017-45f1-a941-0157305e0889:cdda7415-71ab-4b53-b16f-8f4b1971ab8e:1714374532677::1#/1745910534
.january.com/ Name: ystbed_171219
Value: %7B%22device_id%22%3A%20%22b171cac1-88c2-4dd6-b498-8c17f1445dfd%22%7D
.january.com/ Name: session
Value: eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX3V1aWQiOiIzNTVkZWRlMi0wNzlkLTRlMzAtYmZiYi05NGU4N2VhNWVhOGMifQ.Zi9HhQ.3OS-H27WweC03Fr5ErVlPsP3Dj8

4 Console Messages

Source Level URL
Text
security error URL: https://edge.fullstory.com/s/fs.js(Line 3)
Message:
Refused to connect to 'https://edge.fullstory.com/s/settings/NA3ZB/v1/web' because it violates the following Content Security Policy directive: "connect-src 'self' https://secure.safecharge.com https://widget.usersnap.com https://debtsy-account-documents-prod.s3.amazonaws.com https://www.debtsy.com https://www.january.com https://*.sentry.io https://www.debtsy.com/api/graphql https://www.january.com/api/graphql https://www.debtsy.com/events https://www.january.com/events https://*.logs.datadoghq.com https://api-js.mixpanel.com/ https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://rs.fullstory.com wss://ws.pusherapp.com https://edge.api.flagsmith.com".
security error URL: https://js.hs-scripts.com/19890070.js(Line 2)
Message:
Refused to load the script 'https://js.hscollectedforms.net/collectedforms.js' because it violates the following Content Security Policy directive: "script-src 'self' https://cdn.safecharge.com https://js.hs-scripts.com https://cdn.plaid.com/ https://www.datadoghq-browser-agent.com https://sentry.io/api/embed/ https://www.google-analytics.com/analytics.js https://edge.fullstory.com/s/fs.js http://cdn.mxpnl.com/libs/ https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://accounts.google.com https://apis.google.com https://widget.usersnap.com https://resources.usersnap.com 'sha256-3UZnJiUmLKDbXEjPsm9EHc0R7InC5uAtj5O1u68mBzM='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://js.hs-scripts.com/19890070.js(Line 6)
Message:
Refused to load the script 'https://js.hs-banner.com/v2/19890070/banner.js' because it violates the following Content Security Policy directive: "script-src 'self' https://cdn.safecharge.com https://js.hs-scripts.com https://cdn.plaid.com/ https://www.datadoghq-browser-agent.com https://sentry.io/api/embed/ https://www.google-analytics.com/analytics.js https://edge.fullstory.com/s/fs.js http://cdn.mxpnl.com/libs/ https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://accounts.google.com https://apis.google.com https://widget.usersnap.com https://resources.usersnap.com 'sha256-3UZnJiUmLKDbXEjPsm9EHc0R7InC5uAtj5O1u68mBzM='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://js.hs-scripts.com/19890070.js(Line 7)
Message:
Refused to load the script 'https://js.hs-analytics.net/analytics/1714374300000/19890070.js' because it violates the following Content Security Policy directive: "script-src 'self' https://cdn.safecharge.com https://js.hs-scripts.com https://cdn.plaid.com/ https://www.datadoghq-browser-agent.com https://sentry.io/api/embed/ https://www.google-analytics.com/analytics.js https://edge.fullstory.com/s/fs.js http://cdn.mxpnl.com/libs/ https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://accounts.google.com https://apis.google.com https://widget.usersnap.com https://resources.usersnap.com 'sha256-3UZnJiUmLKDbXEjPsm9EHc0R7InC5uAtj5O1u68mBzM='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; base-uri 'self'; report-uri 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc'; report-to 'https://sentry.io/api/144822/security/?sentry_key=4693be96acc0414fac531adae524bafc';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api-js.mixpanel.com
apis.google.com
borrower.january.com
cdn.safecharge.com
cdn4.mxpnl.com
edge.api.flagsmith.com
edge.fullstory.com
january.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
resources.usersnap.com
rs.fullstory.com
rum-http-intake.logs.datadoghq.com
widget.usersnap.com
www.datadoghq-browser-agent.com
www.january.com
edge.fullstory.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
104.70.80.118
13.33.218.24
130.211.5.208
143.204.215.118
18.193.18.243
18.66.122.90
2600:1f18:24e6:b901:df2:fc91:fc4d:9bbb
2600:9000:223d:8600:1c:3c6d:f4c0:93a1
2600:9000:2491:e600:1e:6cda:f640:93a1
2606:4700::6810:8bd1
2a00:1450:4001:82b::200e
2a00:1450:400c:c0a::54
35.186.194.58
35.190.25.25
35.201.112.186
35.71.155.136
16a9a75528b8e264a31be17c0018a2ff0062f81248a973f9456d836bb6b53984
17544063a76c01addc4338f27065a4d8c7baebe44358d04e38483676184fe7a5
199f3bf01e19dc79184378cb351f8ac7af0306d5553e16d5f74928f0c0c07eb2
2a788871bb1482ecd3fe6f49dbd83cee571c010ec8f4dcd3380bfb3cede37d2d
2c5b18307102626c10938d96e2c5e788bd47b8568d539a4cca2d3335eebca26d
2fa0b9bf5099f0c230f3b526e35d4df85072ea091b48372f9dfee95ab3e0324e
319e35b0e85a5457315670cad78d27e44368fd3f8b347eca4de072b78972e349
335b2f97ddf5d069df8f69fc2b23b2391db4b17e0b9f962a45a3cbcd6087c248
33bf8ee571da58c68e96ed692ec7eeaace4f2522297778ebb76c7b365d7ac707
35d6d81c4dfbd4a27246b0802d11452504264cd9ccc80def1efd01962bdada96
4927a107412f9b737480bb1d90a3bd55ae03a770c06a1fe486edcd804e8f24ca
496ef96f8c51f2ef68ce6a80ec97831e38c44ea4eb1be71ec71d496dbee98f34
4e6e6867c21ac90b204e50e98d9f47fe432e30d85ec5e84159bf390296475d4f
515f7ce21c023ec0d7b82b23e7dece0944c82f4461d1d084818c02b22ba44bbe
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c
554342860c1a080d5dc99ae007322433c581513725f701addb5d82bb2e67bf5a
5a8a0d7b7c5e4b4132f9e47d9ed02e770191e17d282d80537d5436efe33f6cfa
5e9a20631fdbd48d93eadfb13f35d5ddb44d0144edb3f00df756825e620fb91b
70243a2736c656fd9e412c19acb3f3222c1f98ee75aee4f5613ac545a55c869c
714e572d89d556563c1364be11abf53243e01bec73dcec44bf812fa77059b385
735b87570dcb2f4a75f6d25c0f78ea48d0e02dfd2b6696398735eb4294985857
76284b4f0392413a897eaf783e412cd6bcf4fad956aaf6369ba49d4a68168ef2
7b2b9938ca676bf8cf9f41cd06b0131fea675b7cf5e0bb04d11e5821492376fa
8586c49c032911bb1746f05009029f0aedeb90662d952330565bb33a6d43ee61
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3
8b94c178326236577bed89db26d65e6cd22289de71fb4c90ae72259988073b20
8dd86535b2157f0ac0dd105ad286502a73ce4dcbaec9f43d7f43d5e1eff9216d
92ea60cceb052976d09dba01ca34be3ba7cfda26888bf864d9c55e51b3f29826
9e6ed92748268abd57ed026022eba9da32c4d231e9ff8b57175244ca5b46c077
a5657678006b1553dc1836d1b30bab43b761e3ee79cd714c0795352aa91e9f65
afe6014f0528a199ac83065dceea41823aa9f383e9464e878d7347c8a6056d5c
ca16a908d7566efdd90b1da4ea401323e44f163900f81f6101bffc69c3da5f1b
cae9025e92c291613b6e9e218e58e2b8b9d6c400e9d8010c68f92481784b98c0
d1e96bb27720c4418bad93f130c46e69485a8d81b606fb49398708f1fce4f13c
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9dde2e22e3b556234a5fb1aee7c52bfefae009917408567c62055025712ef54
f498e2fe88b1cbbede92d5044afdb86564729bea0a81798696abef15784c8689
f4d9800d8630053a6e1e1b8c2970c65b160c54a52b95ac155c0e6e8f480da437