lending.regions.com Open in urlscan Pro
205.255.102.33 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Submission: On January 17 via manual (January 17th 2025, 8:10:13 pm UTC) from AE — Scanned from IS

Summary HTTP 87 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 33 domains to perform 87 HTTP transactions. The main IP is 205.255.102.33, located in United States and belongs to REGIONS-ASN-1, US. The main domain is lending.regions.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on November 26th 2024. Valid for: a year.

This is the only time lending.regions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	205.255.102.33 205.255.102.33	10801 (REGIONS-A...) (REGIONS-ASN-1)
1	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
3	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
5	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	65.9.66.103 65.9.66.103	16509 (AMAZON-02) (AMAZON-02)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
3	150.171.28.10 150.171.28.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
3	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
2	91.228.74.166 91.228.74.166	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.36 65.9.66.36	16509 (AMAZON-02) (AMAZON-02)
1	23.52.181.90 23.52.181.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.241.19 2.16.241.19	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	54.171.122.26 54.171.122.26	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.19.224.184 2.19.224.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	100.24.183.77 100.24.183.77	14618 (AMAZON-AES) (AMAZON-AES)
1 3	34.248.62.168 34.248.62.168	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.57 18.66.102.57	16509 (AMAZON-02) (AMAZON-02)
1	54.78.18.81 54.78.18.81	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
1 1	54.75.135.140 54.75.135.140	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.42 143.204.215.42	16509 (AMAZON-02) (AMAZON-02)
1	18.172.112.123 18.172.112.123	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
4	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
2	184.27.97.112 184.27.97.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	52.72.185.114 52.72.185.114	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.124.96 104.16.124.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
87	42

20 205.255.102.33 (United States)

ASN10801 (REGIONS-ASN-1, US)
PTR: offertracker.regions.com

lending.regions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-103.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 150.171.28.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

9100576.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-36.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.181.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-181-90.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.241.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-241-19.deploy.static.akamaitechnologies.com

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.122.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.224.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-184.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.24.183.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-183-77.compute-1.amazonaws.com

pxl.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.248.62.168 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-62-168.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-57.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.18.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-18-81.eu-west-1.compute.amazonaws.com

regions.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

smetrics.regions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.135.140 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-135-140.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.112.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-123.fra60.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.27.97.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-27-97-112.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.185.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-185-114.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.124.96 (None, )

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)

20839218p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	regions.com lending.regions.com smetrics.regions.com — Cisco Umbrella Rank: 78742	923 KB
7	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 5289 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 5376	288 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	424 B
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 256 regions.demdex.net — Cisco Umbrella Rank: 153498	3 KB
4	teads.tv p.teads.tv — Cisco Umbrella Rank: 5954 cm.teads.tv — Cisco Umbrella Rank: 6206 t.teads.tv — Cisco Umbrella Rank: 3681	8 KB
4	doubleclick.net 2 redirects 9100576.fls.doubleclick.net — Cisco Umbrella Rank: 197416 pubads.g.doubleclick.net — Cisco Umbrella Rank: 428 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	1 KB
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4927	63 KB
4	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 4816 va.v.liveperson.net — Cisco Umbrella Rank: 5830	169 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1305 insight.adsrvr.org — Cisco Umbrella Rank: 947	6 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	199 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 358	15 KB
3	gstatic.com fonts.gstatic.com	43 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	24 B
2	boomtrain.com cdn.boomtrain.com — Cisco Umbrella Rank: 5876 people.api.boomtrain.com — Cisco Umbrella Rank: 6089	31 KB
2	jivox.com pxl.jivox.com — Cisco Umbrella Rank: 11425	738 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1696	585 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1648 pixel.quantserve.com — Cisco Umbrella Rank: 1053	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	80 KB
1	rfihub.com 20839218p.rfihub.com — Cisco Umbrella Rank: 223555
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 6699	417 B
1	google.es www.google.es — Cisco Umbrella Rank: 25603	455 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 88	3 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5130	6 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1590	490 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1689	704 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 274	228 B
1	t.co t.co — Cisco Umbrella Rank: 943	630 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1030	395 B
1	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 980	765 B
1	linkedin.com dc.ads.linkedin.com — Cisco Umbrella Rank: 10029	748 B
1	bttrack.com cdn.bttrack.com — Cisco Umbrella Rank: 10732	4 KB
1	rezync.com live.rezync.com — Cisco Umbrella Rank: 1187	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
87	33

	Domain	Requested by
20	lending.regions.com	lending.regions.com
5	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	www.facebook.com	lending.regions.com
4	nexus.ensighten.com	lending.regions.com nexus.ensighten.com
3	dpm.demdex.net	1 redirects lending.regions.com
3	www.googletagmanager.com	nexus.ensighten.com www.googletagmanager.com
3	bat.bing.com	nexus.ensighten.com bat.bing.com lending.regions.com
3	fonts.gstatic.com	fonts.googleapis.com
2	insight.adsrvr.org	js.adsrvr.org
2	t.teads.tv	lending.regions.com
2	www.google.com	1 redirects www.googletagmanager.com
2	smetrics.regions.com	lending.regions.com nexus.ensighten.com
2	pxl.jivox.com	lending.regions.com
2	sp.analytics.yahoo.com	lending.regions.com
2	9100576.fls.doubleclick.net	1 redirects nexus.ensighten.com
2	connect.facebook.net	nexus.ensighten.com connect.facebook.net
2	va.v.liveperson.net	lptag.liveperson.net
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	lptag.liveperson.net	lending.regions.com
1	20839218p.rfihub.com	c1.rfihub.net
1	www.cloudflare.com	lending.regions.com
1	people.api.boomtrain.com	lending.regions.com
1	www.google.es	lending.regions.com
1	googleads.g.doubleclick.net	1 redirects
1	cm.teads.tv	lending.regions.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.boomtrain.com	lending.regions.com
1	c1.rfihub.net	lending.regions.com
1	cm.everesttech.net	1 redirects
1	regions.demdex.net	nexus.ensighten.com
1	pixel.quantserve.com	lending.regions.com
1	rules.quantcount.com	secure.quantserve.com
1	ib.adnxs.com	lending.regions.com
1	pubads.g.doubleclick.net	lending.regions.com
1	t.co	lending.regions.com
1	analytics.twitter.com	lending.regions.com
1	ct.pinterest.com	lending.regions.com
1	dc.ads.linkedin.com	lending.regions.com
1	cdn.bttrack.com	nexus.ensighten.com
1	p.teads.tv	nexus.ensighten.com
1	live.rezync.com	nexus.ensighten.com
1	secure.quantserve.com	nexus.ensighten.com
1	js.adsrvr.org	nexus.ensighten.com
1	fonts.googleapis.com	lending.regions.com
87	44

This site contains links to these domains. Also see Links.

Domain
www.regions.com
ir.regions.com

Subject Issuer	Validity	Valid
lending.regions.com Sectigo RSA Extended Validation Secure Server CA	`2024-11-26` - `2025-11-26`	a year	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2024-09-17` - `2025-09-17`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2024-10-08` - `2025-10-08`	a year	crt.sh
nexus.ensighten.com Amazon RSA 2048 M03	`2024-08-29` - `2025-09-28`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2024-08-20` - `2025-08-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 08	`2024-12-15` - `2025-06-13`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
quantserve.com R11	`2024-12-21` - `2025-03-21`	3 months	crt.sh
*.rezync.com Amazon RSA 2048 M03	`2024-09-23` - `2025-10-20`	a year	crt.sh
teads.tv R10	`2024-11-25` - `2025-02-23`	3 months	crt.sh
cdn.bttrack.com E6	`2024-12-31` - `2025-03-31`	3 months	crt.sh
*.sp.analytics.yahoo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-24` - `2025-06-18`	6 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-02` - `2025-08-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-19` - `2025-08-18`	a year	crt.sh
t.co E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.jivox.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-24` - `2025-06-19`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
smetrics.regions.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-13` - `2025-07-14`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2024-09-30` - `2025-10-29`	a year	crt.sh
*.boomtrain.com Amazon RSA 2048 M02	`2024-12-10` - `2026-01-08`	a year	crt.sh
*.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.googleadservices.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.api.boomtrain.com Amazon RSA 2048 M02	`2024-08-16` - `2025-09-13`	a year	crt.sh
www.cloudflare.com WE1	`2025-01-14` - `2025-04-14`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-08` - `2025-04-27`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Frame ID: 8A3FB2939A25C8A951FFFFDF65B79AD6
Requests: 81 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.html?loc=https%3A%2F%2Flending.regions.com&site=60208595&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 2CA7D35463F1B4A97BC5DF988427F28C
Requests: 1 HTTP requests in this frame

Frame: https://9100576.fls.doubleclick.net/activityi;dc_pre=CMzB0_jH_YoDFYfvEQgdr9gZ2A;src=9100576;type=start;u2=buying-and-refinancing;u9=/welcome?type=1&mlo=barbaravila;u10=null;u11=undefined;u12=null;u13=null;cat=regio000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=4131736344627.779
Frame ID: E13EA97FBB5937315C432711587D54B0
Requests: 1 HTTP requests in this frame

Frame: https://regions.demdex.net/dest5.html?d_nsid=undefined
Frame ID: E73E02E647BB5417DEB17B3BC0186CFE
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/51g0/sw_iframe.html?origin=https%3A%2F%2Flending.regions.com
Frame ID: 5B8906CE6162C09D365C4D57DDAC589E
Requests: 1 HTTP requests in this frame

Frame: https://20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Flending.regions.com%2F&userid=5ad8900c-2048-4108-a6ae-4b8f39e87dd3%3A1737144604.883674&pe=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&pf=&ra=7692557638320698
Frame ID: D371FA4461267CD1E27BA1D3A7E1BF35
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&upid=3e7kzj5&upv=1.1.0&paapi=1
Frame ID: F8BA13C0BB024B8E91C54563FB7269DB
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&upid=xzxny28&upv=1.1.0&paapi=1
Frame ID: C101E440F1AF1DA3B214D70ABA25F3A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Regions - Buying And Refinancing

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

87
Requests

97 %
HTTPS

0 %
IPv6

33
Domains

44
Subdomains

42
IPs

5
Countries

1862 kB
Transfer

6361 kB
Size

62
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.regions.com/about_regions.rf
Title: About Regions

Search URL Search Domain Scan URL

URL: http://ir.regions.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.regions.com/about_regions/privacy_security.rf
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: https://www.regions.com/about_regions/terms_conditions.rf
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://www.regions.com/about_regions/online_privacy_notice_to_customers.rf#ads
Title: Online Tracking & Advertising

Search URL Search Domain Scan URL

URL: https://www.regions.com/about-regions/accessible-banking
Title: Accessible Banking

Search URL Search Domain Scan URL

URL: https://www.regions.com/personal_banking/ehl.rf

Search URL Search Domain Scan URL

URL: https://www.regions.com/help/fdic-statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://9100576.fls.doubleclick.net/activityi;src=9100576;type=start;u2=buying-and-refinancing;u9=/welcome?type=1&mlo=barbaravila;u10=null;u11=undefined;u12=null;u13=null;cat=regio000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=4131736344627.779 HTTP 302
https://9100576.fls.doubleclick.net/activityi;dc_pre=CMzB0_jH_YoDFYfvEQgdr9gZ2A;src=9100576;type=start;u2=buying-and-refinancing;u9=/welcome?type=1&mlo=barbaravila;u10=null;u11=undefined;u12=null;u13=null;cat=regio000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=4131736344627.779

Request Chain 57

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1737144604230 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1737144604230

Request Chain 64

https://cm.everesttech.net/cm/dd?d_uuid=01479712411743869854024592722816086513 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4q5HQAAAIRzCwN-

Request Chain 79

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1099536631&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&label=F0kQCIWIgqYBEJatpeMD&hn=www.googleadservices.com&frm=0&tiba=Regions%20-%20Buying%20And%20Refinancing&gtm_ee=1&npa=1&pscdl=noapi&auid=622684318.1737144605&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion%3Bd%3Dtype%5C%3Dstart%5C%3Bu2%5C%3Dbuying-and-refinancing%5C%3Bu9%5C%3D%2Fwelcome%3Ftype%5C%3D1%26mlo%5C%3Dbarbaravila%5C%3Bu10%5C%3Dnull%5C%3Bu11%5C%3Dundefined%5C%3Bu12%5C%3Dnull%5C%3Bu13%5C%3Dnull%5C%3Bcat%5C%3Dregio000&em=tv.1~em.j85NOk_LGR4G3tUu89G2AcAPV8fSmn94OsLwlalDays&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIiteY-cf9igMVcMtEBx2t-xeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2xlbmRpbmcucmVnaW9ucy5jb20vQldDaEFJZ0p5b3ZBWVF2TkNVckw2RDdzczNFaTBBRVBrSjNSUEFvOVIwdlF3R0ZTQ2kwQXNlOGQ5emFldnRmWUZ6RmpNU3hUSUpiUkhFQ3dKV0cwclRLS1k HTTP 302
https://www.google.com/pagead/1p-conversion/1013536406/?random=1099536631&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&label=F0kQCIWIgqYBEJatpeMD&hn=www.googleadservices.com&frm=0&tiba=Regions%20-%20Buying%20And%20Refinancing&gtm_ee=1&npa=1&pscdl=noapi&auid=622684318.1737144605&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion%3Bd%3Dtype%5C%3Dstart%5C%3Bu2%5C%3Dbuying-and-refinancing%5C%3Bu9%5C%3D%2Fwelcome%3Ftype%5C%3D1%26mlo%5C%3Dbarbaravila%5C%3Bu10%5C%3Dnull%5C%3Bu11%5C%3Dundefined%5C%3Bu12%5C%3Dnull%5C%3Bu13%5C%3Dnull%5C%3Bcat%5C%3Dregio000&em=tv.1~em.j85NOk_LGR4G3tUu89G2AcAPV8fSmn94OsLwlalDays&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIiteY-cf9igMVcMtEBx2t-xeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2xlbmRpbmcucmVnaW9ucy5jb20vQldDaEFJZ0p5b3ZBWVF2TkNVckw2RDdzczNFaTBBRVBrSjNSUEFvOVIwdlF3R0ZTQ2kwQXNlOGQ5emFldnRmWUZ6RmpNU3hUSUpiUkhFQ3dKV0cwclRLS1k&is_vtc=1&cid=CAQSKQCa7L7d6VQRBNwDVVfbEDuULRpZ0w7FjLIETULIwYFhafUEHACBxbEz&random=955113373 HTTP 302
https://www.google.es/pagead/1p-conversion/1013536406/?random=1099536631&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&label=F0kQCIWIgqYBEJatpeMD&hn=www.googleadservices.com&frm=0&tiba=Regions%20-%20Buying%20And%20Refinancing&gtm_ee=1&npa=1&pscdl=noapi&auid=622684318.1737144605&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion%3Bd%3Dtype%5C%3Dstart%5C%3Bu2%5C%3Dbuying-and-refinancing%5C%3Bu9%5C%3D%2Fwelcome%3Ftype%5C%3D1%26mlo%5C%3Dbarbaravila%5C%3Bu10%5C%3Dnull%5C%3Bu11%5C%3Dundefined%5C%3Bu12%5C%3Dnull%5C%3Bu13%5C%3Dnull%5C%3Bcat%5C%3Dregio000&em=tv.1~em.j85NOk_LGR4G3tUu89G2AcAPV8fSmn94OsLwlalDays&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIiteY-cf9igMVcMtEBx2t-xeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2xlbmRpbmcucmVnaW9ucy5jb20vQldDaEFJZ0p5b3ZBWVF2TkNVckw2RDdzczNFaTBBRVBrSjNSUEFvOVIwdlF3R0ZTQ2kwQXNlOGQ5emFldnRmWUZ6RmpNU3hUSUpiUkhFQ3dKV0cwclRLS1k&is_vtc=1&cid=CAQSKQCa7L7d6VQRBNwDVVfbEDuULRpZ0w7FjLIETULIwYFhafUEHACBxbEz&random=955113373&ipr=y

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request welcome Show response
lending.regions.com/app/buying-and-refinancing/ 11 KB
4 KB 1169ms
462ms Document
text/html 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

dd0e0a0eee136e7f3c5205890b1943128c56c498e17bd0fca7eefda599be961c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2686
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Type: text/html; charset=utf-8
Date: Fri, 17 Jan 2025 20:09:54 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 916ms
215ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

55cb4df4b517a838340cdff1e9c871e2fb97ea1ff0b36490f8f8ba588619083a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 17 Jan 2025 20:09:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 17 Jan 2025 20:09:55 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 17 Jan 2025 18:38:01 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK styles.541fe196eba56aa4bbd7.css
lending.regions.com/app/buying-and-refinancing/ 71 KB
15 KB 483ms
483ms Stylesheet
text/css 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/app/buying-and-refinancing/styles.541fe196eba56aa4bbd7.css

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

450c59e1fcbd592165171263b00b1289a75b4d043844fd6b0a530829e736b4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "1db501f273ad780"
Connection: keep-alive
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 14936
Date: Fri, 17 Jan 2025 20:09:55 GMT
Content-Type: text/css
Last-Modified: Mon, 16 Dec 2024 19:01:07 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK load-spin.gif
lending.regions.com/app/buying-and-refinancing/assets/images/ 94 KB
95 KB 758ms
217ms Image
image/gif 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/load-spin.gif

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

2dda53773f7314c330389e74000b62aa82509da1b6d39998ab4e391ef0484613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "1db501f26a24d7f"
Age: 3
Connection: keep-alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 96383
Date: Fri, 17 Jan 2025 20:09:55 GMT
Content-Type: image/gif
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK runtime.224a49ef2d70a1fa6cd2.js Show response
lending.regions.com/app/buying-and-refinancing/ 3 KB
3 KB 2437ms
265ms Script
application/javascript 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/app/buying-and-refinancing/runtime.224a49ef2d70a1fa6cd2.js

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

7512390eaafb395b16777479525c03c581cc7002c39fb2cf532f34a502312218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "1db501f273bc1be"
Connection: keep-alive
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 1779
Date: Fri, 17 Jan 2025 20:09:57 GMT
Content-Type: application/javascript
Last-Modified: Mon, 16 Dec 2024 19:01:07 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK polyfills.7d90e27069d2ad6ded0d.js Show response
lending.regions.com/app/buying-and-refinancing/ 95 KB
42 KB 1863ms
653ms Script
application/javascript 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

b54ab91c712446c73cfcbb25280dbdb9c9857f80c258e0772ff619996ea1d270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "1db501f273ab6d3"
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 42247
Date: Fri, 17 Jan 2025 20:09:55 GMT
Content-Type: application/javascript
Last-Modified: Mon, 16 Dec 2024 19:01:07 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK main.d1eb36ae7a1d9c9ea61e.js Show response
lending.regions.com/app/buying-and-refinancing/ 3 MB
642 KB 1962ms
652ms Script
application/javascript 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/app/buying-and-refinancing/main.d1eb36ae7a1d9c9ea61e.js

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

4c826eec381a7d0ae26b359fa388d34baf55d0eff3d4598e50262108c002401b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "1db501f27124c24"
Connection: keep-alive
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Date: Fri, 17 Jan 2025 20:09:57 GMT
Content-Type: application/javascript
Last-Modified: Mon, 16 Dec 2024 19:01:07 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK load-complete.gif
lending.regions.com/app/buying-and-refinancing/assets/images/ 48 KB
48 KB 1621ms
207ms Image
image/gif 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/load-complete.gif

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

53a3ef651c5ef807495ceb1a0eff69088e35965034d73f1aea57b3fb316a921d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "1db501f26a38b23"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 48675
Date: Fri, 17 Jan 2025 20:09:57 GMT
Content-Type: image/gif
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 984ms
103ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lending.regions.com
Referer: https://fonts.googleapis.com/

Response headers

age: 287108
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 14 Jan 2026 12:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 14 Jan 2025 12:24:48 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 27 KB
10 KB 3254ms
2948ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=60208595

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
content-encoding: gzip
etag: "6657cfc2-253d"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
content-length: 9533
date: Fri, 17 Jan 2025 20:09:56 GMT
content-type: application/javascript
last-modified: Thu, 30 May 2024 01:00:50 GMT
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/ 524 KB
157 KB 262ms
262ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

e02d163a5eff47c455197a6f5e87d1c2fa9bc0c0e1c4c662a8d2c778851cdbed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=630
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
date: Fri, 17 Jan 2025 20:09:59 GMT
content-type: application/x-javascript;charset=UTF-8
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/60208595/configuration/setting/accountproperties/ 7 KB
3 KB 1505ms
1202ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/60208595/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

2b9a9ef085652321e219bc54c4f729428e8860b466d458b8d9a0bbf4651951f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
expires: Fri, 17 Jan 2025 20:10:37 GMT
date: Fri, 17 Jan 2025 20:10:00 GMT
content-type: application/javascript
vary: Accept
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 38 KB
12 KB 1871ms
1176ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ui-framework.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=oKNHqQ==, md5=BYdG3qhck64DJvVkVcqFTw==
content-encoding: br
age: 2622
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 39335
date: Fri, 17 Jan 2025 19:26:20 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFIdbgRdlrkehtIPwiqaKCwdWu_xmLyMMfpyBhS2EhHO8tXiDxqALRcAn1AFMRxL2Mr9tYlXivgwmWo
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107826024
content-length: 11797
server: UploadServer

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 8 KB
2 KB 1890ms
1195ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/surveylogicinstance.min.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Qyp3Rw==, md5=paUQAgyh/ZCObtCdJZmPqw==
content-encoding: br
age: 373
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7794
date: Fri, 17 Jan 2025 20:03:49 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFIdbgQS5RFR1iCe-_CoiU9r23GJ3FLuR3AUJX0wJx426WumsJsiMV426i7R8ChFH5RsMZ3-
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107798387
content-length: 2275
server: UploadServer

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/ 2 KB
1 KB 1503ms
1204ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

57cfe33dfb7599ad22879b96b7260b88c77544f52df91f738bfe2a5a7ba58d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
expires: Fri, 17 Jan 2025 20:10:37 GMT
date: Fri, 17 Jan 2025 20:10:00 GMT
content-type: application/javascript
vary: Accept
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/ 44 KB
15 KB 424ms
424ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.js?loc=https%3A%2F%2Flending.regions.com&site=60208595&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

9a8d16cf69b04f17bf869fdc4b81588cde13c410f37e079820b54e1baed4bac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=8YO1Sw==, md5=4+aMlAImxNFdUXksF62+nA==
content-encoding: br
age: 1130
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 44755
date: Fri, 17 Jan 2025 19:51:12 GMT
last-modified: Sun, 20 Oct 2024 13:17:36 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFIdbgTI65jeYvTNpjk42E2L_9RyAZWjdt4MOiAi5hojEg9Z3j-zOMbTbsd8lnyLoIEUCH4iUxhf7bs
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430256453751
content-length: 14853
server: UploadServer

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/ Frame 2CA7 0
0 734ms
194ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.html?loc=https%3A%2F%2Flending.regions.com&site=60208595&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://lending.regions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-length: 48665
content-type: text/html
date: Fri, 17 Jan 2025 19:53:32 GMT
etag: "6cab0de42e6bc92faedc367ff28099c4"
last-modified: Sun, 20 Oct 2024 13:17:36 GMT
server: UploadServer
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
via: 1.1 google
x-content-type-options: nosniff
x-goog-generation: 1729430256442261
x-goog-hash: crc32c=KlhQzg== md5=bKsN5C5ryS+u3DZ/8oCZxA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48665
x-guploader-uploadid: AFIdbgSuvD0SJ2fZCQvL3L_gvG53pyEdH9vt_Ui9WYUKT_05nRtPatQlAfGsyeawrAh8x-yWSpGrLgo

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 1 MB
255 KB 166ms
165ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/desktopEmbedded.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e461d7db8b2e5f1134cf65a81cb67266012efca717f4a345ff82d565308b780c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=jrB2QA==, md5=X5yyJArsNw3PSzi8AYtKLA==
content-encoding: br
age: 1400
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1112334
date: Fri, 17 Jan 2025 19:46:42 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFIdbgSRTr4GtxfbDPGAq4nGK5Itk6E4pzDTnEybu5kBBNVrE3_kTqv-pPozUPfPRN5hul3_DB3l3to
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107436925
content-length: 260296
server: UploadServer

GET
H/1.1 200
OK config Show response
lending.regions.com/ 873 B
1 KB 206ms
206ms XHR
application/json 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/config

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

f222f7a35db0f82e901fd8a4212bcd22b2869277cc17c0f35931cc32fe4e198c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

ntCoent-Length: 873
Strict-Transport-Security: max-age=31536000
Cache-Control: private
Content-Encoding: gzip
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
X-Content-Type-Options: nosniff
Content-Length: 327
Date: Fri, 17 Jan 2025 20:10:01 GMT
Content-Type: application/json; charset=utf-8
X-Frame-Options: SAMEORIGIN

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/regions/mortgage-prod/ 29 KB
9 KB 764ms
185ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/mortgage-prod/Bootstrap.js
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/main.d1eb36ae7a1d9c9ea61e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: dee0c804c8e6afea7a3411063405f64bb22ac56ae4d7a96dd7d98d4957748efb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: br
x-amz-version-id: 0U45KA56vXwc9DhJnu2iMHCecmmTNNcK
etag: W/"409b5b9628c2ca556d3ac86e1ff2dc20"
age: 292485
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: -7YdQTmnyh6Z3M_wVECclu2hQwVbRj_mtcPakxSW7Y9tYQR3jM8YkA==
date: Tue, 14 Jan 2025 10:55:19 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Mon, 30 Jan 2023 20:13:26 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK 6.8e99bd362dba21a3f78d.js Show response
lending.regions.com/app/buying-and-refinancing/ 8 KB
3 KB 365ms
365ms Script
application/javascript 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/app/buying-and-refinancing/6.8e99bd362dba21a3f78d.js

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/runtime.224a49ef2d70a1fa6cd2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

93d70e09903b397f54f1bac2d969240f6d79556c1478046d259f0c4aff2487d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "1db501f26a32b5c"
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 2540
Date: Fri, 17 Jan 2025 20:10:01 GMT
Content-Type: application/javascript
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK regions-logo.png
lending.regions.com/app/buying-and-refinancing/assets/images/ 4 KB
5 KB 342ms
342ms Image
image/png 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/regions-logo.png

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

745896c11b2084f525ac7bff25ea122745dc5792449312c02d1e9650db6f8a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "1db501f26a33aab"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 4011
Date: Fri, 17 Jan 2025 20:10:02 GMT
Content-Type: image/png
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK load-spin.gif
lending.regions.com/app/buying-and-refinancing/assets/images/ 94 KB
0 0ms
0ms Image
image/gif 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/load-spin.gif

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

2dda53773f7314c330389e74000b62aa82509da1b6d39998ab4e391ef0484613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

ETag: "1db501f26a24d7f"
Age: 3
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 96383
Date: Fri, 17 Jan 2025 20:09:55 GMT
Content-Type: image/gif
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK load-complete.gif
lending.regions.com/app/buying-and-refinancing/assets/images/ 48 KB
0 1ms
1ms Image
image/gif 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/load-complete.gif

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

53a3ef651c5ef807495ceb1a0eff69088e35965034d73f1aea57b3fb316a921d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

ETag: "1db501f26a38b23"
Age: 1
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 48675
Date: Fri, 17 Jan 2025 20:09:57 GMT
Content-Type: image/gif
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK equal-housing-lender.png
lending.regions.com/app/buying-and-refinancing/assets/images/ 8 KB
9 KB 295ms
295ms Image
image/png 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/equal-housing-lender.png

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

83e7646db8f8b03f956022eb6a9d364a6fd7840d0ade1f2afcea1127fb129e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "1db501f26a31571"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 8305
Date: Fri, 17 Jan 2025 20:10:02 GMT
Content-Type: image/png
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK member-fdic.png
lending.regions.com/app/buying-and-refinancing/assets/images/ 11 KB
12 KB 1894ms
1894ms Image
image/png 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/member-fdic.png

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

9948f63dd63c223247465529c8b335b96346d409c6823894066afb69b2bc374f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "1db501f26a31813"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 11539
Date: Fri, 17 Jan 2025 20:10:02 GMT
Content-Type: image/png
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H2 200 60208595 Show response
va.v.liveperson.net/api/js/ 236 B
1 KB 955ms
419ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/60208595?&cb=lpCb31783x45958&t=sp&ts=1737144600488&pid=6486346371&tid=8354299318&pt=Regions%20-%20Buying%20And%20Refinancing&u=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

6373713216f6b485727b90d9f8f1a84cbef7a9357f8bfaf78eab097553ec6ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
date: Fri, 17 Jan 2025 20:10:03 GMT
content-type: application/javascript
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 118ms
118ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lending.regions.com
Referer: https://fonts.googleapis.com/

Response headers

age: 354199
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 13 Jan 2026 17:46:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 13 Jan 2025 17:46:44 GMT
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14780
x-xss-protection: 0
server: sffe

POST
H/1.1 200
OK barbaravila Show response
lending.regions.com/api/locator/officer/website/ 24 KB
13 KB 343ms
341ms XHR
application/json 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/api/locator/officer/website/barbaravila

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

8263cff9e1b4472523eefdb634675ea8f742e391c03c7a3bbf2ce3ccf449a382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

ntCoent-Length: 24135
Strict-Transport-Security: max-age=31536000
Cache-Control: private
Content-Encoding: gzip
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
X-Content-Type-Options: nosniff
Content-Length: 12076
Date: Fri, 17 Jan 2025 20:10:01 GMT
Content-Type: application/json; charset=utf-8
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK icn-money.svg
lending.regions.com/app/buying-and-refinancing/assets/images/ 4 KB
3 KB 217ms
216ms Image
image/svg+xml 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/icn-money.svg

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

62dd6abfa6bc94b024c68bfdde1edb86464ae46d7675b429c86d6639a8d45abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private
Content-Encoding: gzip
ETag: "1db501f26a324e5"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Cteonnt-Length: 4581
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 1648
Date: Fri, 17 Jan 2025 20:10:03 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK icn-document.svg
lending.regions.com/app/buying-and-refinancing/assets/images/ 2 KB
2 KB 206ms
205ms Image
image/svg+xml 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/icn-document.svg

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

454999dc04a71c49dbc6dfdcc50c94979aff6c2c7ddbeb03bfcb9690e3bccb6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private
Content-Encoding: gzip
ETag: "1db501f26a33267"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Cteonnt-Length: 1895
Content-Length: 743
Date: Fri, 17 Jan 2025 20:10:03 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK icn-id.svg
lending.regions.com/app/buying-and-refinancing/assets/images/ 3 KB
2 KB 269ms
269ms Image
image/svg+xml 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/icn-id.svg

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

92843deade1639f1831e5ea7ff76d570a5d0deb76813d977c05a756bca7a6b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private
Content-Encoding: gzip
ETag: "1db501f26a33fc0"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Cteonnt-Length: 2752
Content-Length: 981
Date: Fri, 17 Jan 2025 20:10:03 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK avatar-MLO.png
lending.regions.com/app/buying-and-refinancing/assets/images/ 16 KB
16 KB 217ms
216ms Image
image/png 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lending.regions.com/app/buying-and-refinancing/assets/images/avatar-MLO.png

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

7379250565ec7a4918d8c88a895ef079ad9fe906a0cd8637c2a3298084a0414f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "1db501f26a30b72"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 15986
Date: Fri, 17 Jan 2025 20:10:03 GMT
Content-Type: image/png
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/regions/mortgage-prod/ 290 B
633 B 172ms
172ms Script
text/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/mortgage-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/mortgage-prod/code/&publishedOn=Mon%20Jan%2030%2020:13:24%20GMT%202023&ClientID=1202&PageID=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: a32dec4b66f8ca30347979e79f06130920d32d9103ed75ea6452d6a4435b4908

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: no-cache, no-store
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
expires: Fri, 17 Jan 2025 20:10:02 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 290
x-amz-cf-id: AyXl41MgI5AS5FraGuGkzRRoxlYca6KegrnKxW8Pqpz3pmJ1hXNoDQ==
date: Fri, 17 Jan 2025 20:10:03 GMT
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
server: CloudFront
vary: Origin

GET
DATA 200
OK truncated
/ 17 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a83a8c2bb4ec36faef5623b96456dd4f629140352f08afbf4f9d45f7dc7159

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 120ms
120ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lending.regions.com
Referer: https://fonts.googleapis.com/

Response headers

age: 286676
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 14 Jan 2026 12:32:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 14 Jan 2025 12:32:07 GMT
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14712
x-xss-protection: 0
server: sffe

GET
H3 200 5f8647e9fcbb528c0a2e445cec533c41.js Show response
nexus.ensighten.com/regions/mortgage-prod/code/ 172 KB
54 KB 146ms
146ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/mortgage-prod/code/5f8647e9fcbb528c0a2e445cec533c41.js?conditionId0=423026
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 23daa461883fc5ce297996a9320bffcaa6e5b010ab84d5877a09a315359d12ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: br
x-amz-version-id: Ng9jz77FIRJWpQ2IGjz7hjalSRIFB5uD
age: 292443
etag: W/"5b5fd9ecd49b71180eb403434b0fa328"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: SpxwbtXYFWK8kXz6S5sYTeSt2sfAdYYeFze9iIYHwLSzJlDorpSbhA==
date: Tue, 14 Jan 2025 10:56:01 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Mon, 30 Jan 2023 20:13:26 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 60208595 Show response
va.v.liveperson.net/api/js/ 111 B
915 B 208ms
208ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/60208595?sid=fd4HsqLAQUOn3mhK6FLV0A&cb=lpCb20730x33282&t=pl&ts=1737144602933&pid=6486346371&tid=8354299318&vid=I0ZDU1MTk5ZmM2YmQyZDg1

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

8b916263b171d8155a896989b3f8fe9f2757f799b142cfd019f073cdd6cd4364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
date: Fri, 17 Jan 2025 20:10:03 GMT
content-type: application/javascript
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 646ms
277ms Script
application/javascript 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/code/5f8647e9fcbb528c0a2e445cec533c41.js?conditionId0=423026

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A432D0629A740B1B0B796B47457C1FC Ref B: LTSEDGE1607 Ref C: 2025-01-17T20:10:04Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 240 KB
61 KB 640ms
110ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/code/5f8647e9fcbb528c0a2e445cec533c41.js?conditionId0=423026

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

a02acce44f2c6df068972d20e54f5b2632f994db79a2ed7f907fd378033411ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-Qe4HR1NX' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Qe4HR1NX' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=108, rtx=0, c=23, mss=1232, tbw=5763, tp=11, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: NboP+MEsHH/vCroq6p3rHfK5GhEeaiKG6E3/gSB7XcyJCI9cDfWYSDhO4gTxMLR/VzB/2amiL3J7DVKk0qAHEg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62391
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
104 KB 645ms
310ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ed8fc4f59918f41c42d790b768215f83039de863a201c1a0ed39db1a334d1253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 17 Jan 2025 20:10:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 17 Jan 2025 18:44:51 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105438
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

welcome
9100576.fls.doubleclick.net/activityi;dc_pre=CMzB0_jH_YoDFYfvEQgdr9gZ2A;src=9100576;type=start;u2=buying-and-refinancing;u9=/ Frame E13E
Redirect Chain

https://9100576.fls.doubleclick.net/activityi;src=9100576;type=start;u2=buying-and-refinancing;u9=/welcome?type=1&mlo=barbaravila;u10=null;u11=undefined;u12=null;u13=null;cat=regio000;dc_lat=;dc_rd...
https://9100576.fls.doubleclick.net/activityi;dc_pre=CMzB0_jH_YoDFYfvEQgdr9gZ2A;src=9100576;type=start;u2=buying-and-refinancing;u9=/welcome?type=1&mlo=barbaravila;u10=null;u11=undefined;u12=null;u...

0
0

472ms
472ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9100576.fls.doubleclick.net/activityi;dc_pre=CMzB0_jH_YoDFYfvEQgdr9gZ2A;src=9100576;type=start;u2=buying-and-refinancing;u9=/welcome?type=1&mlo=barbaravila;u10=null;u11=undefined;u12=null;u13=null;cat=regio000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=4131736344627.779

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/code/5f8647e9fcbb528c0a2e445cec533c41.js?conditionId0=423026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lending.regions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 290
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jan 2025 20:10:05 GMT
expires: Fri, 17 Jan 2025 20:10:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jan 2025 20:10:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9100576.fls.doubleclick.net/activityi;dc_pre=CMzB0_jH_YoDFYfvEQgdr9gZ2A;src=9100576;type=start;u2=buying-and-refinancing;u9=/welcome?type=1&mlo=barbaravila;u10=null;u11=undefined;u12=null;u13=null;cat=regio000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=4131736344627.779
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 855ms
526ms Script
application/javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb19cc9bb9e4e0f0237ee1f0c213487452c77e6f9fa6fa9edcb87f4de9f0c21a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"dd635a85604f92ec6b3a600d010dd4e3"
Age: 28941
Connection: keep-alive
Via: 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: rwuVNQaV_mUBJRcJmGBK-woA1Fn7x-gxpfFDolnLvle4ykHjn9Od1A==
Date: Fri, 17 Jan 2025 12:07:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 12 Jan 2025 12:06:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 489ms
176ms Script
application/javascript 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1a348b534e8a564459688fd0583aa1e018a107b6c224bb43a3a1c25aa53c647f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "bBg4Fg3dLUEmkKIA6FaCzg=="
expires: Fri, 24 Jan 2025 20:10:04 GMT
accept-ranges: bytes
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 sync Show response
live.rezync.com/ 2 KB
3 KB 946ms
617ms Script
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=1548080639310813&PageUrl=/welcome?type=1&mlo=barbaravila
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/code/5f8647e9fcbb528c0a2e445cec533c41.js?conditionId0=423026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: lighttpd/1.4.69 /
Resource Hash: 0a9dba4c3493eaeb7d832e3325b6acd989bfa88d9564c147c81867b3225cb287

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 2041
x-amz-cf-id: ohkLcGUbEgHlFC958tXv8qFD_yWILFdJ9YiKbo5dfGxvCKxEykPxQA==
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: text/javascript
vary: Cookie
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C1

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 20 KB
7 KB 1035ms
214ms Script
application/javascript 23.52.181.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-181-90.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d31092d3e3fb5841aa82e6ce084ebd1f8d28b9dff5c3befb179f87180db551c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-amz-id-2: JpDoCyUzyxRUXzglQCayqfpjVShtrkW7/WzMHTOMZeQq2INA5JfkEqgb8HufOjwwCfE/2iXA/NfgteM6HLNYag==
Vary: Accept-Encoding
Cache-Control: max-age=127
Content-Encoding: gzip
ETag: "9650ae217757b954d97bb5310c215cc0"
Connection: keep-alive
x-amz-request-id: 3GZZJ5R6TAHHAB4Y
Accept-Ranges: bytes
Content-Length: 6615
Date: Fri, 17 Jan 2025 20:10:05 GMT
Last-Modified: Thu, 16 Jan 2025 16:02:56 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 44911 Show response
cdn.bttrack.com/universal/ 4 KB
4 KB 791ms
199ms Script
application/javascript 2.16.241.19
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/universal/44911
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-241-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a096fbd5c3f1c170bff91b2c0befaab5d113c2f8b29f2b2e39dae3ecbbf7c01f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: private, max-age=900
content-length: 3950
x-servername: assets03-iad
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: application/javascript; charset=utf-8

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
508 B 585ms
297ms Image
image/gif 54.171.122.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.171.122.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.144 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires: Fri, 17 Jan 2025 20:10:04 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: image/gif
server: ATS/9.1.10.144
x-frame-options: DENY

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
77 B 586ms
299ms Image
image/gif 54.171.122.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175921&he=start&auid=type=start;u2=buying-and-refinancing;u9=/welcome?type=1&mlo=barbaravila;u10=null;u11=undefined;u12=null;u13=null;cat=regio000

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.171.122.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.144 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires: Fri, 17 Jan 2025 20:10:04 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: image/gif
server: ATS/9.1.10.144
x-frame-options: DENY

GET
H2 200 /
dc.ads.linkedin.com/collect/ 43 B
748 B 872ms
532ms Image
image/gif 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-msedge-ref: Ref A: AF17A6BD35964D2FA9C4E14427CD097E Ref B: LTSEDGE0914 Ref C: 2025-01-17T20:10:05Z
x-li-fabric: prod-lor1
x-li-uuid: AAYr7H8hAaaaTe/vbfVSGA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 65
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: image/gif
vary: Accept-Encoding

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
765 B 608ms
285ms Image
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613483917557&noscript=1

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-pinterest-rid-128bit: 6d1da784acd00e51446b224dd25cf32e
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=604800
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
referrer-policy: origin
pinterest-version: c6d93c90acd322a1dee0b065e0bc57a25fe4715f
access-control-allow-origin: *
content-length: 35
akamai-grn: 0.39d53e17.1737144605.73c3ee4
x-pinterest-rid: 4930071934724272

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 731ms
433ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 74b2736d5b4a21d2
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 3efed16e7c149dcdeba14f523c4fefc8e4e687ed00560ef8c5cb05846b3be75f
x-response-time: 189
content-length: 43
date: Fri, 17 Jan 2025 20:10:05 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_f

GET
H2 200 adsct
t.co/i/ 43 B
630 B 693ms
378ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 6b79a9e6dfbaffef
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 015f71adfa5ebe07bf497679dce83d39244720e1804e1783b9bed70b8dcf2e44
cf-cache-status: DYNAMIC
cf-ray: 9038fc96cc4460f9-LHR
x-response-time: 199
content-length: 43
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_f

GET
H2 200 activity;xsp=4958803;ord=9938142782679032
pubads.g.doubleclick.net/ 42 B
440 B 864ms
252ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4958803;ord=9938142782679032?

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Fri, 17 Jan 2025 20:10:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 pixie
ib.adnxs.com/ 42 B
228 B 538ms
222ms Image
image/gif 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e&e=PageView&script=0
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 42
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: image/gif
server: nginx/1.23.4
x-proxy-origin: 185.159.158.107; 185.159.158.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

GET
H2 200 pxre.php
pxl.jivox.com/tags/conv/ 43 B
286 B 1102ms
652ms Image
image/gif 100.24.183.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/conv/pxre.php?px=66019ae59da3d4&cOpt=buying-and-refinancing|/welcome?type=1&mlo=barbaravila|null||null|null&rev=0&us_privacy=true
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.183.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-183-77.compute-1.amazonaws.com
Software: Jetty(9.4.39.v20210325) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
access-control-allow-origin: *
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: image/gif
server: Jetty(9.4.39.v20210325)

GET
H2 200 pxrc.php
pxl.jivox.com/tags/re/ 43 B
452 B 1080ms
651ms Image
image/gif 100.24.183.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/re/pxrc.php?px=36047d7c441cd7&ret=img&cData=buying-and-refinancing&px_76047d84e0072e=/welcome?type=1&mlo=barbaravila&px_36047d87d635df=null&us_privacy=
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.183.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-183-77.compute-1.amazonaws.com
Software: Jetty(9.4.39.v20210325) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: image/gif
server: Jetty(9.4.39.v20210325)
access-control-allow-headers: content-type

GET
H3 204 e.gif
nexus.ensighten.com/error/ 0
218 B 129ms
129ms Image
text/plain 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27resolve%27)&lnn=-1&fn=&cid=1202&client=regions&publishPath=mortgage-prod&rid=-1&did=-1&errorName=TypeError
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: no-cache, no-store
age: 10965
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TFQo9qrabVJRmst5tfYMGcUETz4CixR6VwUfEZcdMF_ZELUuSPeM7A==
date: Fri, 17 Jan 2025 17:07:19 GMT
x-amz-cf-pop: FRA56-C1
server: CloudFront

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1737144604230
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1737144604230

4 KB
2 KB

225ms
225ms

XHR
application/json

34.248.62.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1737144604230

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Server

34.248.62.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-62-168.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5b9c67ae7e60ef143c4731bcf5dc657606d5e4dd4b6c91ca12194828425eda6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v069-0e7746f31.edge-irl1.demdex.com 4 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: WoIZ/EvURac=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://lending.regions.com
content-length: 1282
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1737144604230
dcs: dcs-prod-irl1-1-v069-0cc011f6c.edge-irl1.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: O87eSdguTsg=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://lending.regions.com
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 17 Jan 2025 20:10:04 GMT
vary: Origin

GET
H2 200 rules-p-AMy7w2y7nzRg3.js Show response
rules.quantcount.com/ 222 B
704 B 552ms
221ms Script
application/javascript 18.66.102.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-57.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b05aa0628fbe20e5842c7782041141ea89bdd714245c5c352283266e6eb4aa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

etag: "91338acd9f357367ba2e127f42326aed"
age: 2657
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: sel_PRW4DlPZrnfCm3BNjYseDPcI0_l9S1kyk7bjaMK4E_E2EjTHEQ==
date: Fri, 17 Jan 2025 19:40:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 22:22:02 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pixel;r=1665620652;labels=_fp.event.PageView;event=refresh;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila;ns=0;...
pixel.quantserve.com/ 35 B
518 B 144ms
123ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1665620652;labels=_fp.event.PageView;event=refresh;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila;ns=0;ce=1;qjs=1;qv=b20766c7-20250107122429;ref=;dst=0;et=1737144604679;tzo=0;ogl=;ses=f44f82cd-d075-472d-8f38-36aff9f7f542;d=regions.com;uht=2;fpan=1;fpa=P0-1808433470-1737144604681;pbc=;gdpr=0;mdl=

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Fri, 17 Jan 2025 20:10:05 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["YSA7yGTOzwNEmvjBdNjlSQ=="],"pcode":["p-AMy7w2y7nzRg3"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H2 200 21011282.js Show response
bat.bing.com/p/action/ 364 B
410 B 130ms
130ms Script
application/javascript 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/21011282.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60ACF46235E3427FA7DA389E4E83BDB3 Ref B: LTSEDGE1607 Ref C: 2025-01-17T20:10:04Z
x-cache: CONFIG_NOCACHE
date: Fri, 17 Jan 2025 20:10:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 499108531775714 Show response
connect.facebook.net/signals/config/ 97 KB
19 KB 288ms
288ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/499108531775714?v=2.9.180&r=stable&domain=lending.regions.com&hme=1b2b48fb279bc2e2881583cc2153b57f55e340ed882b2c5394167c8bc992d930&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C174%2C177%2C189%2C185%2C186%2C188%2C29%2C101%2C53%2C77%2C187%2C169%2C172%2C182%2C183%2C190%2C132%2C41%2C192%2C193%2C34%2C144%2C15%2C50%2C198%2C197%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C170%2C173%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0223505a0e2985ff2003a3ec424bb083f80f8080aa50ca557f6d481c81c871b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-AGNXTLQH' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-AGNXTLQH' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=116, rtx=4, c=77, mss=1232, tbw=76835, tp=71, tpl=4, uplat=178, ullat=0
pragma: public
x-fb-debug: 5p2CxOGfV6OWsKBa/+DnrF0ORlV9tzyoT99ijpwBcefFjKgFam1xu05DuzsMUmZnfXRmyYSr/5LSYjCoGjAUsQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 dest5.html
regions.demdex.net/ Frame E73E 0
0 867ms
543ms Document
text/html 54.78.18.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://regions.demdex.net/dest5.html?d_nsid=undefined

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/code/5f8647e9fcbb528c0a2e445cec533c41.js?conditionId0=423026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.78.18.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-18-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lending.regions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 17 Jan 2025 20:10:05 GMT
dcs: dcs-prod-irl1-1-v069-04eb0b1b4.edge-irl1.demdex.com 1 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 16 Jan 2025 13:48:47 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: TODsOgGeTkI=

GET
H2 200 id Show response
smetrics.regions.com/ 48 B
460 B 1757ms
320ms XHR
application/x-javascript 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&mid=07205793256708857004600297111515689372&ts=1737144605037

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

10650a495f4e9a8d246b011342b621ad1c749ebd8f88fda085b6d59438498a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://lending.regions.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Fri, 17 Jan 2025 20:10:06 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=Z4q5HQAAAIRzCwN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=01479712411743869854024592722816086513
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4q5HQAAAIRzCwN-

42 B
715 B

119ms
118ms

Image
image/gif

34.248.62.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4q5HQAAAIRzCwN-

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Server

34.248.62.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-62-168.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v069-02411d802.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: QAys7lXCR9I=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4q5HQAAAIRzCwN-
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Fri, 17 Jan 2025 20:10:05 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H2 204 0
bat.bing.com/action/ 0
284 B 113ms
113ms Image
text/plain 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=21011282&Ver=2&mid=69475d06-9814-43ff-99c2-454c37554cbe&bo=1&sid=0a99fcc0d50f11ef8a43fd13b8eb49b9&vid=0a9a0b10d50f11ef9b400324888a7494&vids=1&msclkid=N&pi=918639831&lg=is-IS&sw=1600&sh=1200&sc=24&tl=Regions%20-%20Buying%20And%20Refinancing&p=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&r=&lt=8798&evt=pageLoad&sv=1&cdb=AQAQ&rn=296189

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B823DA466C846BE896D85C6E3ED7011 Ref B: LTSEDGE1607 Ref C: 2025-01-17T20:10:05Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 17 Jan 2025 20:10:04 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 1946ms
522ms Script
application/x-javascript 143.204.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-42.fra53.r.cloudfront.net
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-amz-cf-id: A1qRsQ1k-KDa1Nm8zB8pLKmmmgGwAZaW18yh8bFCIpXYi2o3mTtoAQ==
cache-control: public, max-age=3600
content-encoding: gzip
age: 1642
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
expires: Fri, 17 Jan 2025 20:42:45 GMT
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 6162
date: Fri, 17 Jan 2025 19:42:45 GMT
content-type: application/x-javascript
last-modified: Fri, 17 Jan 2025 19:42:35 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/regions-bank/ 94 KB
30 KB 557ms
221ms Script
application/javascript 18.172.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-123.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29aa069d4cd667a89a8790f133d5495b2f805526b5d3fa22cf35d2c11093b45d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

Content-Encoding: gzip
x-amz-version-id: 1ZRWDsF63Co8Nyj4XqEvxGUGmjBJwYBg
ETag: W/"44caa5094ca2fff1d14c7b6e7a433b59"
Age: 2656
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: WB2fwGyoFlvxR0mdJt4P1VcUlCxzN6C3EPoIDR1LdcYNUZqWlhHSWQ==
Date: Fri, 17 Jan 2025 19:40:40 GMT
Content-Type: application/javascript
Vary: accept-encoding
Last-Modified: Fri, 10 Jan 2025 16:20:26 GMT
Transfer-Encoding: chunked
Cache-Control: public, max-age=3600
Connection: keep-alive
Via: 1.1 0e49b385c2bbe9db0820bc1551bde98a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
95 KB 374ms
374ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-959581806&l=regionsDataLayer&cx=c&gtm=45be51g0v867528959za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1200d05ce1062812a8593a8251e52b0f1c644ad7f826440d752d806612e2a677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 17 Jan 2025 20:10:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 17 Jan 2025 18:44:51 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97549
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 366ms
127ms Ping
text/plain 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome&scrsrc=www.googletagmanager.com&frm=0&rnd=1242297919.1737144605&dt=Regions%20-%20Buying%20And%20Refinancing&auid=622684318.1737144605&navt=n&npa=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&tft=1737144605117&tfd=11384&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/51g0/ Frame 5B89 0
0 445ms
156ms Document
text/html 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/51g0/sw_iframe.html?origin=https%3A%2F%2Flending.regions.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 66765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jan 2025 01:37:20 GMT
expires: Sat, 17 Jan 2026 01:37:20 GMT
last-modified: Thu, 16 Jan 2025 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1013536406/ 6 KB
3 KB 278ms
131ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1013536406/?random=1737144605125&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&label=F0kQCIWIgqYBEJatpeMD&hn=www.googleadservices.com&frm=0&tiba=Regions%20-%20Buying%20And%20Refinancing&gtm_ee=1&npa=1&pscdl=noapi&auid=622684318.1737144605&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion%3Bd%3Dtype%5C%3Dstart%5C%3Bu2%5C%3Dbuying-and-refinancing%5C%3Bu9%5C%3D%2Fwelcome%3Ftype%5C%3D1%26mlo%5C%3Dbarbaravila%5C%3Bu10%5C%3Dnull%5C%3Bu11%5C%3Dundefined%5C%3Bu12%5C%3Dnull%5C%3Bu13%5C%3Dnull%5C%3Bcat%5C%3Dregio000&em=tv.1~em.j85NOk_LGR4G3tUu89G2AcAPV8fSmn94OsLwlalDays&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ad06eb2cc2457e78d2331f1051b04201365c219eece042b1b444cada34ba1e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2719
date: Fri, 17 Jan 2025 20:10:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 134 B
578 B 536ms
225ms Fetch
application/json 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&buyer_pixel_id=5995
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bd75e42f5b5b254ab00444b8203c13a780cf6131c52dff848afced3a19d6653

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Observe-Browsing-Topics: ?1
Expires: Fri, 17 Jan 2025 20:10:05 GMT
Access-Control-Allow-Origin: https://lending.regions.com
Content-Length: 134
Date: Fri, 17 Jan 2025 20:10:05 GMT
Content-Type: application/json; charset=utf-8

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 280ms
116ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Flending.regions.com&rl=&if=false&ts=1737144605343&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=12316&fbp=fb.1.1737144605342.63523602826861739&pm=1&hrl=f8e65f&ler=empty&cdl=API_unavailable&it=1737144605024&coo=false&cs_cc=1&ccs=243911445130142&cas=8114041028606421%2C7493572420724720%2C7108672985909289%2C7155609721231542%2C7664771343544285%2C25189880237323932%2C7564080773651778%2C7555353334587843%2C8307614929297051&rqm=GET

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=110, rtx=0, c=23, mss=1232, tbw=4576, tp=11, tpl=0, uplat=2, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 460ms
349ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Flending.regions.com&rl=&if=false&ts=1737144605343&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=12316&fbp=fb.1.1737144605342.63523602826861739&pm=1&hrl=f8e65f&ler=empty&cdl=API_unavailable&it=1737144605024&coo=false&cs_cc=1&ccs=243911445130142&cas=8114041028606421%2C7493572420724720%2C7108672985909289%2C7155609721231542%2C7664771343544285%2C25189880237323932%2C7564080773651778%2C7555353334587843%2C8307614929297051&rqm=FGET

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net blob: data: 'self' 'nonce-rnVHRu38' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7460979267299681950"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xceb35fea482d9df3","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["7139331382750768"]},"debug_reporting":true,"debug_key":"604810885782443299"}
date: Fri, 17 Jan 2025 20:10:06 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ktHyaE3ln5jAmmw01ZnjrfvE3SnLboNS0oMsvPXYmHgYqMJgHQDtlVXwhpgZyHQK/a1av5ltq7IWVgVdfQ7jAw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7460979267299681950", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net blob: data: 'self' 'nonce-rnVHRu38' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=113, rtx=0, c=24, mss=1232, tbw=8144, tp=18, tpl=0, uplat=232, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 215ms
117ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=499108531775714&ev=Lead&dl=https%3A%2F%2Flending.regions.com&rl=&if=false&ts=1737144605345&sw=1600&sh=1200&v=2.9.180&r=stable&ec=1&o=12316&fbp=fb.1.1737144605342.63523602826861739&pm=1&hrl=d13577&ler=empty&cdl=API_unavailable&it=1737144605024&coo=false&cs_cc=1&ccs=611083386888933&cas=8369478213111626%2C7987915901337390%2C8067928453276055%2C27505117925745772%2C8234726463308689%2C6090439554416108%2C27588057340793290%2C8810508398962552%2C6225362440889279%2C8121778361272129%2C9283086775098862%2C8280031908752280%2C6034083253385253%2C8307614929297051&rqm=GET

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=110, rtx=0, c=23, mss=1232, tbw=4576, tp=11, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 237ms
237ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=499108531775714&ev=Lead&dl=https%3A%2F%2Flending.regions.com&rl=&if=false&ts=1737144605345&sw=1600&sh=1200&v=2.9.180&r=stable&ec=1&o=12316&fbp=fb.1.1737144605342.63523602826861739&pm=1&hrl=d13577&ler=empty&cdl=API_unavailable&it=1737144605024&coo=false&cs_cc=1&ccs=611083386888933&cas=8369478213111626%2C7987915901337390%2C8067928453276055%2C27505117925745772%2C8234726463308689%2C6090439554416108%2C27588057340793290%2C8810508398962552%2C6225362440889279%2C8121778361272129%2C9283086775098862%2C8280031908752280%2C6034083253385253%2C8307614929297051&rqm=FGET

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net blob: data: 'self' 'nonce-PwNSFmFW' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7460979267560386742"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf67ed2679f9b83eb","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["5835976073160266"]},"debug_reporting":true,"debug_key":"4013758965932835545"}
date: Fri, 17 Jan 2025 20:10:05 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: gXX8DqCpTPCE2cQQ5xMbUxr0Kw/4rgTYgj73fkLwzF847V+nWyc/UcdNz/HgsmzAmwKrXWoMdzh1O7u1STAtkQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7460979267560386742", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net blob: data: 'self' 'nonce-PwNSFmFW' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=113, rtx=0, c=24, mss=1232, tbw=5088, tp=15, tpl=0, uplat=122, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 track
t.teads.tv/ 23 B
0 713ms
363ms Fetch
image/gif 184.27.97.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=7.1.0_649d06d&provider=tag&buyer_pixel_id=5995&referer=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&user_session_id=bc93b12b-f8e7-432b-9907-a55703ecd424
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.27.97.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-27-97-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://lending.regions.com
content-length: 23
date: Fri, 17 Jan 2025 20:10:06 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 603ms
364ms Image
image/gif 184.27.97.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=7.1.0_649d06d&provider=tag&buyer_pixel_id=5995&referer=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&user_session_id=bc93b12b-f8e7-432b-9907-a55703ecd424
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.27.97.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-27-97-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
date: Fri, 17 Jan 2025 20:10:06 GMT
content-type: image/gif

GET
H2

200

/
www.google.es/pagead/1p-conversion/1013536406/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1099536631&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps...
https://www.google.com/pagead/1p-conversion/1013536406/?random=1099536631&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_ex...
https://www.google.es/pagead/1p-conversion/1013536406/?random=1099536631&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp...

42 B
455 B

697ms
250ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.es/pagead/1p-conversion/1013536406/?random=1099536631&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&label=F0kQCIWIgqYBEJatpeMD&hn=www.googleadservices.com&frm=0&tiba=Regions%20-%20Buying%20And%20Refinancing&gtm_ee=1&npa=1&pscdl=noapi&auid=622684318.1737144605&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion%3Bd%3Dtype%5C%3Dstart%5C%3Bu2%5C%3Dbuying-and-refinancing%5C%3Bu9%5C%3D%2Fwelcome%3Ftype%5C%3D1%26mlo%5C%3Dbarbaravila%5C%3Bu10%5C%3Dnull%5C%3Bu11%5C%3Dundefined%5C%3Bu12%5C%3Dnull%5C%3Bu13%5C%3Dnull%5C%3Bcat%5C%3Dregio000&em=tv.1~em.j85NOk_LGR4G3tUu89G2AcAPV8fSmn94OsLwlalDays&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIiteY-cf9igMVcMtEBx2t-xeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2xlbmRpbmcucmVnaW9ucy5jb20vQldDaEFJZ0p5b3ZBWVF2TkNVckw2RDdzczNFaTBBRVBrSjNSUEFvOVIwdlF3R0ZTQ2kwQXNlOGQ5emFldnRmWUZ6RmpNU3hUSUpiUkhFQ3dKV0cwclRLS1k&is_vtc=1&cid=CAQSKQCa7L7d6VQRBNwDVVfbEDuULRpZ0w7FjLIETULIwYFhafUEHACBxbEz&random=955113373&ipr=y

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 17 Jan 2025 20:10:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.es/pagead/1p-conversion/1013536406/?random=1099536631&cv=11&fst=1737144605125&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&label=F0kQCIWIgqYBEJatpeMD&hn=www.googleadservices.com&frm=0&tiba=Regions%20-%20Buying%20And%20Refinancing&gtm_ee=1&npa=1&pscdl=noapi&auid=622684318.1737144605&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion%3Bd%3Dtype%5C%3Dstart%5C%3Bu2%5C%3Dbuying-and-refinancing%5C%3Bu9%5C%3D%2Fwelcome%3Ftype%5C%3D1%26mlo%5C%3Dbarbaravila%5C%3Bu10%5C%3Dnull%5C%3Bu11%5C%3Dundefined%5C%3Bu12%5C%3Dnull%5C%3Bu13%5C%3Dnull%5C%3Bcat%5C%3Dregio000&em=tv.1~em.j85NOk_LGR4G3tUu89G2AcAPV8fSmn94OsLwlalDays&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIiteY-cf9igMVcMtEBx2t-xeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2xlbmRpbmcucmVnaW9ucy5jb20vQldDaEFJZ0p5b3ZBWVF2TkNVckw2RDdzczNFaTBBRVBrSjNSUEFvOVIwdlF3R0ZTQ2kwQXNlOGQ5emFldnRmWUZ6RmpNU3hUSUpiUkhFQ3dKV0cwclRLS1k&is_vtc=1&cid=CAQSKQCa7L7d6VQRBNwDVVfbEDuULRpZ0w7FjLIETULIwYFhafUEHACBxbEz&random=955113373&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 17 Jan 2025 20:10:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 146 B
461 B 937ms
203ms XHR
application/json 52.72.185.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiNWFkODkwMGMtMjA0OC00MTA4LWE2YWUtNGI4ZjM5ZTg3ZGQzOjE3MzcxNDQ2MDQuODgzNjc0In19&site_id=regions-bank
Requested by: Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.185.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-185-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e47e5f4e1e7330190c6d68a23ce504c8e31e8df995dd7a7046faf226ccff5a74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

Connection: keep-alive
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 146
Date: Fri, 17 Jan 2025 20:10:06 GMT
Content-Type: application/json
Server: nginx
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id

GET
H3 200 trace Show response
www.cloudflare.com/cdn-cgi/ 313 B
417 B 220ms
103ms XHR
text/plain 104.16.124.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: lending.regions.com
URL: https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.124.96 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec0345cdb22e87d348d093ef1bd1dbf4b0a1a09681656ee849c207d3f63decc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

cache-control: no-cache
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 9038fca18bc89547-LHR
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: *
date: Fri, 17 Jan 2025 20:10:06 GMT
content-type: text/plain
server: cloudflare
x-frame-options: DENY

GET
H2 200 s67437296940393 Show response
smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/ 4 KB
4 KB 307ms
306ms Script
application/x-javascript 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s67437296940393?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=17%2F0%2F2025%2020%3A10%3A6%205%200&d.&nsid=0&jsonv=1&.d&mid=07205793256708857004600297111515689372&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=lnd%7Cmortgage%7Cbuying%20and%20refinancing%7Cwelcome&g=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=mortgage&server=lending.regions.com&events=event501%2CscAdd%2Cevent1&products=mortgage%3Bbuying%20and%20refinancing&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=lnd&h1=D%3Dv1&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=buying%20and%20refinancing%7Cwelcome&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1600x1200&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c21=start&c23=D%3Dv10&v68=22.4.3%7C2.22.3%7C4.4.0%7C20221209&c75=D%3Dv68&v81=new%20customer&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/mortgage-prod/code/5f8647e9fcbb528c0a2e445cec533c41.js?conditionId0=423026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

9283dd2196e153d8e94be906ea9e118fc7fdfd302fe27d3d39e6612b96d1404e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/

Response headers

x-aam-tid: rZPZhGyMRSU=
etag: 3730489637551996928-4618582696066368003
x-content-type-options: nosniff
expires: Thu, 16 Jan 2025 20:10:06 GMT
p3p: CP="This is not a P3P policy"
date: Fri, 17 Jan 2025 20:10:06 GMT
last-modified: Sat, 18 Jan 2025 20:10:06 GMT
vary: *
content-type: application/x-javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
dcs: dcs-prod-irl1-1-v069-01fd0f237.edge-irl1.demdex.com 5 ms
pragma: no-cache
access-control-allow-origin: *
content-length: 3752
x-xss-protection: 1; mode=block
server: jag

GET
H/1.1 200
OK ca.html
20839218p.rfihub.com/ Frame D371 0
0 1709ms
681ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Flending.regions.com%2F&userid=5ad8900c-2048-4108-a6ae-4b8f39e87dd3%3A1737144604.883674&pe=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&pf=&ra=7692557638320698
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer: https://lending.regions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 4881
Content-Type: text/html;charset=utf-8
Date: Fri, 17 Jan 2025 20:10:08 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 up
insight.adsrvr.org/track/ Frame F8BA 0
0 767ms
216ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&upid=3e7kzj5&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://lending.regions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 17 Jan 2025 20:10:09 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame C101 0
0 765ms
216ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome%3Ftype%3D1%26mlo%3Dbarbaravila&upid=xzxny28&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://lending.regions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 17 Jan 2025 20:10:09 GMT
server: Kestrel

GET
H/1.1 200
OK favicon.ico
lending.regions.com/app/buying-and-refinancing/ 3 KB
4 KB 770ms
770ms Other
image/x-icon 205.255.102.33
REGIONS-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://lending.regions.com/app/buying-and-refinancing/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

205.255.102.33 , United States, ASN10801 (REGIONS-ASN-1, US),

Reverse DNS

offertracker.regions.com

Software

Resource Hash

f51d5e6454326b4c4af313f023c469e69e86078b027538b3413326aa77e7a1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "1db501f26a339be"
Age: 1
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Via: NS-CACHE-10.0: 31, NS-CACHE-10.0: 35
Content-Security-Policy-Report-Only: default-src 'none'; script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.cloudflare.com *.googleapis.com *.dot.gov *.teads.tv *.bing.com *.demdex.net *.boomtrain.com; img-src * data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src https://fonts.gstatic.com;frame-src *.doubleclick.net *.rfihub.com *.teads.tv *.demdex.net *.boomtrain.com *.lpsnmedia.net;object-src 'none';base-uri 'self';form-action 'self'
Content-Length: 3262
Date: Fri, 17 Jan 2025 20:10:09 GMT
Content-Type: image/x-icon
Last-Modified: Mon, 16 Dec 2024 19:01:06 GMT
X-Frame-Options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lending.regions.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: eicPbXd7g-vIYqhTjIFOnFFxPN5EYbAOUUo5OG46DbVKKdn2VhaEOlkuBiHLQWMw2RKa_ayeJsXYGfBriP013zRm6fY1
lending.regions.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: OHoXyQ58ghFs26RDjPyR5-6CMhJOTxgDhvtm3YAfdwmumyXfWWUgg3TgUQjPt4dO6Rx7Mqj_FDnzR8QKbeNYW6b7oaw1
lending.regions.com/	1969-12-31 23:59:59	Name: NSC_MFOEJOH.SFHJPOT.DPN-FYU-80_mc Value: 4bb3a3d8e9e89e55c9844aba7b8f2855641e25a37f867073498a2c914949f8d2ab9ce5b5
lending.regions.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: jpb0yc2xnkspiv0n4v5mbhup
.regions.com/	1970-01-21 11:18:00	Name: LPVID Value: I0ZDU1MTk5ZmM2YmQyZDg1
.regions.com/	1969-12-31 23:59:59	Name: LPSID-60208595 Value: fd4HsqLAQUOn3mhK6FLV0A
.regions.com/	1969-12-31 23:59:59	Name: s_prod Value: mortgage%3Bbuying%20and%20refinancing
.demdex.net/	1970-01-21 06:51:36	Name: demdex Value: 01479712411743869854024592722816086513
.regions.com/	1969-12-31 23:59:59	Name: AMCVS_DB9639725BD2FC5B0A495C65%40AdobeOrg Value: 1
.rezync.com/	1970-01-21 06:51:07	Name: zync-uuid Value: 5ad8900c-2048-4108-a6ae-4b8f39e87dd3:1737144604.883674
.regions.com/	1970-01-21 02:33:51	Name: _uetsid Value: 0a99fcc0d50f11ef8a43fd13b8eb49b9
.regions.com/	1970-01-21 11:54:00	Name: _uetvid Value: 0a9a0b10d50f11ef9b400324888a7494
.regions.com/	1970-01-21 04:42:00	Name: _gcl_au Value: 1.1.622684318.1737144605
.doubleclick.net/	1970-01-21 06:51:36	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 11:54:00	Name: MUID Value: 2713882056DE672D31049D5757E666B0
.quantserve.com/	1970-01-21 12:02:39	Name: mc Value: 678ab91d-3e328-b9338-7146f
.regions.com/	1970-01-21 11:56:53	Name: __qca Value: P0-1808433470-1737144604681
.pinterest.com/	1970-01-21 11:18:00	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 11:18:00	Name: _pinterest_ct_ua Value: "TWc9PSZmNTFnL0VZbmxsMTlnL2tLZW4yU3hXWStEQUVXQTR6ZGE3UzluR2s3OE9uSEZReGMyOFpVUVNwUWxiNk1xbThQN0V4YlB4WExrZzZ5a1lTQ2FFZU5GTnNWL2l1S1VqN1pBQ2RHOWM2N3BpYz0mUWR6Q1ZiUTJ1Wkd6WVVSeENFbE1QR2hDazd3PQ=="
.regions.com/	1970-01-21 04:42:00	Name: _fbp Value: fb.1.1737144605342.63523602826861739
.twitter.com/	1970-01-21 12:08:24	Name: personalization_id Value: "v1_GFwamZbVVRE970wSiJcL+A=="
.t.co/	1970-01-21 12:08:24	Name: muc_ads Value: bc868fa8-1a48-4c60-9975-123a586b9bf1
.t.co/	1970-01-21 02:32:26	Name: __cf_bm Value: Aesx0fTKGGIHJBSJCJ68YViQ6bbkgl.W0AO6HWuJONY-1737144605-1.0.1.1-8gB0qT.kV1TBOwa4Yl48XrxAPCYKzYhcHeBYXjgDD8w4TjeIEFtHc7OtTrJ5tmQgfrhj7kxmxKvUy5tuuboe2Q
.linkedin.com/	1970-01-21 11:18:00	Name: bcookie Value: "v=2&c05e3c6f-9caf-4bf0-848d-70e235eb529f"
.linkedin.com/	1970-01-21 06:51:36	Name: li_gc Value: MTswOzE3MzcxNDQ2MDU7MjswMjEKBQMv3G2fLOflD6mQK2rjiN2mJyIopYFur4wO6xQ5Ug==
.linkedin.com/	1970-01-21 02:33:51	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3441:u=1:x=1:i=1737144605:t=1737231005:v=2:sig=AQHS_VV6dnU6iYOqBjZJ3cin5ZJjgyru"
.regions.com/	1970-01-21 02:32:26	Name: tfpsi Value: bc93b12b-f8e7-432b-9907-a55703ecd424
.dpm.demdex.net/	1970-01-21 06:51:36	Name: dpm Value: 01479712411743869854024592722816086513
.regions.com/	1970-01-21 02:32:28	Name: _bts Value: b92ceb8c-43ec-40a7-e11b-54792277d942
.jivox.com/	1970-01-21 04:42:00	Name: jvxsync Value: uAaBJvvY8Lmo
.doubleclick.net/	1970-01-21 11:54:00	Name: IDE Value: AHWqTUmlow931OMmL4QtpDq7pUDqFIZ0qh0VWgtZbijvNOCZrZN2Kv3sYnUBw-Gx
.regions.com/	1970-01-21 12:08:24	Name: s_ecid Value: MCMID%7C07205793256708857004600297111515689372
.regions.com/	1970-01-21 11:18:00	Name: s_lang Value: en
.regions.com/	1970-01-21 02:32:26	Name: gpv_pn Value: lnd%7Cmortgage%7Cbuying%20and%20refinancing%7Cwelcome
.regions.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.regions.com/	1969-12-31 23:59:59	Name: s_tp Value: 1200
.regions.com/	1969-12-31 23:59:59	Name: s_ppv Value: lnd%257Cmortgage%257Cbuying%2520and%2520refinancing%257Cwelcome%2C100%2C100%2C1200%2C1%2C1
.regions.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.regions.com/	1970-01-21 12:08:24	Name: AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg Value: 1585540135%7CMCMID%7C07205793256708857004600297111515689372%7CMCAAMLH-1737749405%7C6%7CMCAAMB-1737749405%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1737151806s%7CNONE%7CMCSYNCSOP%7C411-20113%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.c.bing.com/	1970-01-21 02:42:29	Name: MR Value: 0
.regions.com/	1970-01-21 11:18:00	Name: _bti Value: %7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%22l7NSNgnOQH7Lw4iqHG%2BfNF8ZgOU0HICLzdbDsdInCxazOh3sclJXgG4Zl9ELu%2FkJpFArYW%2BpTNghIYzMGpEhAw%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.regions.com/	1970-01-21 11:18:00	Name: s_country Value: http%2F3
.quantserve.com/	1970-01-21 04:42:00	Name: sp Value: CgkIjd0BEgMQsg4=
.regions.com/	1970-01-21 03:15:36	Name: aam_rosie Value: ID%3D18812895
.lending.regions.com/	1970-01-21 03:15:36	Name: aam_uuid Value: 01479712411743869854024592722816086513
.agkn.com/	1970-01-21 11:18:00	Name: ab Value: 0001%3A6HdZZDL%2F%2F7CKw%2B9W4HOZvEdsPknBSppX
.demdex.net/	1970-01-21 06:51:36	Name: dextp Value: 21-1-1737144605917\|992-1-1737144606018\|1175-1-1737144606118\|1957-1-1737144606219\|57282-1-1737144606320\|73426-1-1737144606420\|121998-1-1737144606521\|144230-1-1737144606621\|144231-1-1737144606722\|144232-1-1737144606822\|144233-1-1737144606922\|144234-1-1737144607024\|144235-1-1737144607125\|144236-1-1737144607225\|144237-1-1737144607326
.rfihub.com/	1970-01-21 11:54:00	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3NjIwNja0NDUwNRbiM9T1KTYJqQgySAyvdPYCAPD8W90lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3NjIwNja0NDUwNRbiM9T1KTYJqQgySAyvdPYCAPD8W90lAAAA
.media.net/	1970-01-21 11:18:00	Name: visitor-id Value: 3801462094573969000V10
.media.net/	1970-01-21 11:16:34	Name: data-rk Value: 5142336732033195053~~3
.casalemedia.com/	1970-01-21 11:18:00	Name: CMID Value: Z4q5IbmqPz0AACqvAD5EsQAA
.casalemedia.com/	1970-01-21 04:42:00	Name: CMPS Value: 4349
.casalemedia.com/	1970-01-21 04:42:00	Name: CMPRO Value: 4349
.adnxs.com/	1970-01-21 12:08:24	Name: receive-cookie-deprecation Value: 1
.eyeota.net/	1970-01-21 02:32:25	Name: SERVERID Value: 19553~DM
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4ICccLEblFhIKs_uOuKu5lD95FJQYEqpqCl4-fuYzG5_LD0NCMVJeiQ2Ipb7WjkAAAA
.rfihub.com/	1970-01-21 11:54:00	Name: eud Value: H4sIAAAAAAAA_13OsQ0CMQwFUIGgQlSpGCLIvpjYZptAjoEoU15JmfJGYARKSkagojthl09f_t9ttUdOjEQZRAfuzrPz0_nj_HWe1tYP5-7zjfXrz0qqfev-21nfQz6VKgpwjQOQREKQWHIZI13klnQUrjWdlyM6iqTM1MJShICCk_M72KF2sP4B550KeUkBAAA
.bidswitch.net/	1970-01-21 11:18:00	Name: tuuid Value: 270c15c1-221b-4620-a72c-dac491bb8815
.bidswitch.net/	1970-01-21 11:18:00	Name: c Value: 1737144610
.bidswitch.net/	1970-01-21 11:18:00	Name: tuuid_lu Value: 1737144610
live.rezync.com/	1970-01-21 06:51:36	Name: sd-session-id Value: .eJwVzEEOgyAQQNG7zFqagRlg5DKGyjQhrbQR3dR499rlT17-AdNH1yU3bRukbd11gPlVr-qQDuj1u-gTEnjLjihEckhkR4-e4Byga-_13aZa_iYXGRFn45DFsEUxOWQ1fJcHjSqxFEo2UrTMAfkmcg0Zzh963SUy.Z4q5Ig.P-p7iZbOXV8sqbH_M3UNkULL3Ks

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila(Line 12) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-+ixy18tHltsriTy8Eszdt85JXZgy8bRszqL24trNbrg='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila(Line 26) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-LbpXZYWRgKNCIMFEjNa5sF7gXTlCtQBn7cojbznsluI='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila(Line 201) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-JGVPRfsuAYiFrptxdEjvVWnNbumN15FDhLDqwuVqBNY='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila Message: [Report Only] Refused to load the script 'https://lending.regions.com/app/buying-and-refinancing/runtime.224a49ef2d70a1fa6cd2.js' because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila Message: [Report Only] Refused to load the script 'https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js' because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://lending.regions.com/app/buying-and-refinancing/welcome?type=1&mlo=barbaravila Message: [Report Only] Refused to load the script 'https://lending.regions.com/app/buying-and-refinancing/main.d1eb36ae7a1d9c9ea61e.js' because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' https: http: 'unsafe-inline' 'unsafe-eval'". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://lending.regions.com/app/buying-and-refinancing/polyfills.7d90e27069d2ad6ded0d.js Message: [Report Only] Refused to connect to 'https://smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&mid=07205793256708857004600297111515689372&ts=1737144605037' because it violates the following Content Security Policy directive: "connect-src 'self' .cloudflare.com .googleapis.com .dot.gov .teads.tv .bing.com .demdex.net *.boomtrain.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer(Line 145) Message: [Report Only] Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome&scrsrc=www.googletagmanager.com&frm=0&rnd=1242297919.1737144605&dt=Regions%20-%20Buying%20And%20Refinancing&auid=622684318.1737144605&navt=n&npa=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&tft=1737144605117&tfd=11384&apve=1' because it violates the following Content Security Policy directive: "connect-src 'self' .cloudflare.com .googleapis.com .dot.gov .teads.tv .bing.com .demdex.net *.boomtrain.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer(Line 145) Message: [Report Only] Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Flending.regions.com%2Fapp%2Fbuying-and-refinancing%2Fwelcome&scrsrc=www.googletagmanager.com&frm=0&rnd=1242297919.1737144605&dt=Regions%20-%20Buying%20And%20Refinancing&auid=622684318.1737144605&navt=n&npa=1&gtm=45be51g0v867528959za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123607&tft=1737144605117&tfd=11384&apve=1' because it violates the following Content Security Policy directive: "connect-src 'self' .cloudflare.com .googleapis.com .dot.gov .teads.tv .bing.com .demdex.net *.boomtrain.com".
security	error	URL: https://www.googletagmanager.com/ Message: [Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src .doubleclick.net .rfihub.com .teads.tv .demdex.net .boomtrain.com .lpsnmedia.net".
security	error	URL: https://www.googletagmanager.com/ Message: [Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src .doubleclick.net .rfihub.com .teads.tv .demdex.net .boomtrain.com .lpsnmedia.net".
security	error	URL: https://js.adsrvr.org/ Message: [Report Only] Refused to frame 'https://insight.adsrvr.org/' because it violates the following Content Security Policy directive: "frame-src .doubleclick.net .rfihub.com .teads.tv .demdex.net .boomtrain.com .lpsnmedia.net".
security	error	URL: https://js.adsrvr.org/ Message: [Report Only] Refused to frame 'https://insight.adsrvr.org/' because it violates the following Content Security Policy directive: "frame-src .doubleclick.net .rfihub.com .teads.tv .demdex.net .boomtrain.com .lpsnmedia.net".
security	error	URL: https://js.adsrvr.org/ Message: [Report Only] Refused to frame 'https://insight.adsrvr.org/' because it violates the following Content Security Policy directive: "frame-src .doubleclick.net .rfihub.com .teads.tv .demdex.net .boomtrain.com .lpsnmedia.net".
security	error	URL: https://js.adsrvr.org/ Message: [Report Only] Refused to frame 'https://insight.adsrvr.org/' because it violates the following Content Security Policy directive: "frame-src .doubleclick.net .rfihub.com .teads.tv .demdex.net .boomtrain.com .lpsnmedia.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20839218p.rfihub.com
9100576.fls.doubleclick.net
accdn.lpsnmedia.net
analytics.twitter.com
bat.bing.com
c1.rfihub.net
cdn.boomtrain.com
cdn.bttrack.com
cm.everesttech.net
cm.teads.tv
connect.facebook.net
ct.pinterest.com
dc.ads.linkedin.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
lending.regions.com
live.rezync.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
nexus.ensighten.com
p.teads.tv
people.api.boomtrain.com
pixel.quantserve.com
pubads.g.doubleclick.net
pxl.jivox.com
regions.demdex.net
rules.quantcount.com
secure.quantserve.com
smetrics.regions.com
sp.analytics.yahoo.com
t.co
t.teads.tv
va.v.liveperson.net
www.cloudflare.com
www.facebook.com
www.google.com
www.google.es
www.googleadservices.com
www.googletagmanager.com
100.24.183.77
104.16.124.96
104.244.42.131
13.107.42.14
142.250.181.227
142.250.185.100
142.250.185.130
142.250.185.170
142.250.185.98
142.250.186.166
142.250.186.168
142.250.186.67
143.204.215.42
150.171.28.10
157.240.0.6
157.240.253.35
172.217.16.194
172.66.0.227
178.249.97.23
178.249.97.99
18.172.103.101
18.172.112.123
18.66.102.57
184.27.97.112
185.89.210.122
193.0.160.131
2.16.241.19
2.19.224.184
205.255.102.33
208.89.12.87
23.32.185.35
23.52.181.90
3.33.220.150
34.120.154.120
34.248.62.168
52.72.185.114
54.171.122.26
54.75.135.140
54.78.18.81
63.140.62.17
65.9.66.103
65.9.66.36
91.228.74.166
0223505a0e2985ff2003a3ec424bb083f80f8080aa50ca557f6d481c81c871b4
0a9dba4c3493eaeb7d832e3325b6acd989bfa88d9564c147c81867b3225cb287
0b05aa0628fbe20e5842c7782041141ea89bdd714245c5c352283266e6eb4aa1
0bd75e42f5b5b254ab00444b8203c13a780cf6131c52dff848afced3a19d6653
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10650a495f4e9a8d246b011342b621ad1c749ebd8f88fda085b6d59438498a44
10a83a8c2bb4ec36faef5623b96456dd4f629140352f08afbf4f9d45f7dc7159
1200d05ce1062812a8593a8251e52b0f1c644ad7f826440d752d806612e2a677
1a348b534e8a564459688fd0583aa1e018a107b6c224bb43a3a1c25aa53c647f
23daa461883fc5ce297996a9320bffcaa6e5b010ab84d5877a09a315359d12ff
2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d
29aa069d4cd667a89a8790f133d5495b2f805526b5d3fa22cf35d2c11093b45d
2b9a9ef085652321e219bc54c4f729428e8860b466d458b8d9a0bbf4651951f6
2dda53773f7314c330389e74000b62aa82509da1b6d39998ab4e391ef0484613
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
450c59e1fcbd592165171263b00b1289a75b4d043844fd6b0a530829e736b4e3
454999dc04a71c49dbc6dfdcc50c94979aff6c2c7ddbeb03bfcb9690e3bccb6b
4c826eec381a7d0ae26b359fa388d34baf55d0eff3d4598e50262108c002401b
53a3ef651c5ef807495ceb1a0eff69088e35965034d73f1aea57b3fb316a921d
55cb4df4b517a838340cdff1e9c871e2fb97ea1ff0b36490f8f8ba588619083a
57cfe33dfb7599ad22879b96b7260b88c77544f52df91f738bfe2a5a7ba58d30
5b9c67ae7e60ef143c4731bcf5dc657606d5e4dd4b6c91ca12194828425eda6c
62dd6abfa6bc94b024c68bfdde1edb86464ae46d7675b429c86d6639a8d45abb
6373713216f6b485727b90d9f8f1a84cbef7a9357f8bfaf78eab097553ec6ad4
7379250565ec7a4918d8c88a895ef079ad9fe906a0cd8637c2a3298084a0414f
745896c11b2084f525ac7bff25ea122745dc5792449312c02d1e9650db6f8a98
7512390eaafb395b16777479525c03c581cc7002c39fb2cf532f34a502312218
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524
8263cff9e1b4472523eefdb634675ea8f742e391c03c7a3bbf2ce3ccf449a382
83e7646db8f8b03f956022eb6a9d364a6fd7840d0ade1f2afcea1127fb129e25
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b916263b171d8155a896989b3f8fe9f2757f799b142cfd019f073cdd6cd4364
9283dd2196e153d8e94be906ea9e118fc7fdfd302fe27d3d39e6612b96d1404e
92843deade1639f1831e5ea7ff76d570a5d0deb76813d977c05a756bca7a6b16
93d70e09903b397f54f1bac2d969240f6d79556c1478046d259f0c4aff2487d5
9948f63dd63c223247465529c8b335b96346d409c6823894066afb69b2bc374f
9a8d16cf69b04f17bf869fdc4b81588cde13c410f37e079820b54e1baed4bac7
a02acce44f2c6df068972d20e54f5b2632f994db79a2ed7f907fd378033411ef
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a096fbd5c3f1c170bff91b2c0befaab5d113c2f8b29f2b2e39dae3ecbbf7c01f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a32dec4b66f8ca30347979e79f06130920d32d9103ed75ea6452d6a4435b4908
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad06eb2cc2457e78d2331f1051b04201365c219eece042b1b444cada34ba1e72
b54ab91c712446c73cfcbb25280dbdb9c9857f80c258e0772ff619996ea1d270
bb19cc9bb9e4e0f0237ee1f0c213487452c77e6f9fa6fa9edcb87f4de9f0c21a
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
d31092d3e3fb5841aa82e6ce084ebd1f8d28b9dff5c3befb179f87180db551c0
dd0e0a0eee136e7f3c5205890b1943128c56c498e17bd0fca7eefda599be961c
dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474
dee0c804c8e6afea7a3411063405f64bb22ac56ae4d7a96dd7d98d4957748efb
e02d163a5eff47c455197a6f5e87d1c2fa9bc0c0e1c4c662a8d2c778851cdbed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e461d7db8b2e5f1134cf65a81cb67266012efca717f4a345ff82d565308b780c
e47e5f4e1e7330190c6d68a23ce504c8e31e8df995dd7a7046faf226ccff5a74
ec0345cdb22e87d348d093ef1bd1dbf4b0a1a09681656ee849c207d3f63decc7
ed8fc4f59918f41c42d790b768215f83039de863a201c1a0ed39db1a334d1253
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f222f7a35db0f82e901fd8a4212bcd22b2869277cc17c0f35931cc32fe4e198c
f51d5e6454326b4c4af313f023c469e69e86078b027538b3413326aa77e7a1af

lending.regions.com Open in urlscan Pro 205.255.102.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

97 %HTTPS

0 %IPv6

33 Domains

44 Subdomains

42 IPs

5 Countries

1862 kBTransfer

6361 kBSize

62 Cookies

8 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lending.regions.com Open in urlscan Pro
205.255.102.33 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

97 %
HTTPS

0 %
IPv6

33
Domains

44
Subdomains

42
IPs

5
Countries

1862 kB
Transfer

6361 kB
Size

62
Cookies

87 HTTP transactions
1 data transactions