heloc-apply.rate.com Open in urlscan Pro
34.102.202.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3DULG/FfyO
Effective URL:
https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=...
Submission: On November 30 via api (November 30th 2024, 8:09:46 am UTC) from US — Scanned from US

Summary HTTP 129 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 20 domains to perform 129 HTTP transactions. The main IP is 34.102.202.59, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is heloc-apply.rate.com.
TLS certificate: Issued by R11 on October 12th 2024. Valid for: 3 months.

This is the only time heloc-apply.rate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	91.223.117.85 91.223.117.85	201909 (INTELI-TE...) (INTELI-TECH-DEVELOPMENT-SRL INTELI TECH DEVELOPMENT SRL)
1 1	2606:4700:303... 2606:4700:3037::6815:7ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	34.102.202.59 34.102.202.59	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.98.83.188 34.98.83.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	108.138.128.117 108.138.128.117	16509 (AMAZON-02) (AMAZON-02)
2	172.67.12.227 172.67.12.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	34.160.235.105 34.160.235.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2600:1f18:24e... 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.173.132.27 18.173.132.27	16509 (AMAZON-02) (AMAZON-02)
1	142.250.80.68 142.250.80.68	15169 (GOOGLE) (GOOGLE)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
2	52.70.25.4 52.70.25.4	14618 (AMAZON-AES) (AMAZON-AES)
2	172.67.172.237 172.67.172.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	52.1.242.241 52.1.242.241	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.80.35 142.250.80.35	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::201b	15169 (GOOGLE) (GOOGLE)
1	13.225.63.14 13.225.63.14	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
129	23

1 91.223.117.85 (Romania)

ASN201909 (INTELI-TECH-DEVELOPMENT-SRL INTELI TECH DEVELOPMENT SRL, RO)

frmbri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:7ca (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.blilospute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 34.102.202.59 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 59.202.102.34.bc.googleusercontent.com

heloc-apply.rate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.83.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.83.98.34.bc.googleusercontent.com

cdn.figure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-117.jfk50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.12.227 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.talkjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 34.160.235.105 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.235.160.34.bc.googleusercontent.com

www.figure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-27.jfk52.r.cloudfront.net

code.upscope.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.25.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-25-4.compute-1.amazonaws.com

pix.pontiac.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.172.237 (United States)

ASN13335 (CLOUDFLARENET, US)

www.chablivoy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.1.242.241 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-242-241.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.154.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.35 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::201b (United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-14.ewr53.r.cloudfront.net

js.upscope.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	figure.com cdn.figure.com — Cisco Umbrella Rank: 438653 www.figure.com — Cisco Umbrella Rank: 324473	126 KB
37	rate.com heloc-apply.rate.com	7 MB
8	browser-intake-datadoghq.com browser-intake-datadoghq.com — Cisco Umbrella Rank: 542 csp-report.browser-intake-datadoghq.com Failed	1 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2093 rs.fullstory.com — Cisco Umbrella Rank: 2203	87 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 storage.googleapis.com — Cisco Umbrella Rank: 314	70 KB
3	cognitivlabs.com 2 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1898	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	211 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	213 B
2	gstatic.com fonts.gstatic.com	53 KB
2	chablivoy.com www.chablivoy.com — Cisco Umbrella Rank: 611937	21 KB
2	pontiac.media pix.pontiac.media — Cisco Umbrella Rank: 27193	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	82 KB
2	upscope.io code.upscope.io — Cisco Umbrella Rank: 25518 js.upscope.io — Cisco Umbrella Rank: 39148	45 KB
2	talkjs.com cdn.talkjs.com — Cisco Umbrella Rank: 76236	78 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	555 B
1	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 476	437 B
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15403	48 KB
1	blilospute.com 1 redirects www.blilospute.com — Cisco Umbrella Rank: 479163	1 KB
1	frmbri.com frmbri.com	4 KB
129	20

	Domain	Requested by
38	www.figure.com	heloc-apply.rate.com
37	heloc-apply.rate.com	frmbri.com heloc-apply.rate.com
8	browser-intake-datadoghq.com	heloc-apply.rate.com
4	fonts.googleapis.com	heloc-apply.rate.com
3	rs.fullstory.com	heloc-apply.rate.com edge.fullstory.com
3	beacon.lynx.cognitivlabs.com	2 redirects
3	edge.fullstory.com	heloc-apply.rate.com edge.fullstory.com
3	www.googletagmanager.com	frmbri.com www.googletagmanager.com
3	cdn.figure.com	heloc-apply.rate.com
2	www.facebook.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.chablivoy.com	www.googletagmanager.com heloc-apply.rate.com
2	pix.pontiac.media	www.googletagmanager.com heloc-apply.rate.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	cdn.talkjs.com	heloc-apply.rate.com
1	www.google-analytics.com	heloc-apply.rate.com
1	js.upscope.io	code.upscope.io
1	storage.googleapis.com
1	idsync.rlcdn.com	1 redirects
1	www.google.com	www.googletagmanager.com
1	code.upscope.io	frmbri.com
1	cdn.plaid.com	heloc-apply.rate.com
1	www.blilospute.com	1 redirects
1	frmbri.com
0	csp-report.browser-intake-datadoghq.com Failed	www.googletagmanager.com heloc-apply.rate.com js.upscope.io
129	25

This site contains links to these domains. Also see Links.

Domain
www.rate.com
www.nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
frmbri.com ZeroSSL ECC Domain Secure Site CA	`2024-10-23` - `2025-01-21`	3 months	crt.sh
heloc-apply.rate.com R11	`2024-10-12` - `2025-01-10`	3 months	crt.sh
*.figure.com Go Daddy Secure Certificate Authority - G2	`2023-11-24` - `2024-12-25`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
talkjs.com E5	`2024-10-25` - `2025-01-23`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-14` - `2025-05-17`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
edge.fullstory.com WR3	`2024-10-20` - `2025-01-18`	3 months	crt.sh
upscope.io Amazon RSA 2048 M03	`2024-09-22` - `2025-10-22`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-08` - `2024-12-07`	3 months	crt.sh
*.pontiac.media Amazon RSA 2048 M02	`2024-07-11` - `2025-08-08`	a year	crt.sh
chablivoy.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
storage.googleapis.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
rs.fullstory.com WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339
Frame ID: 37A37EC446CEB7033EB8FC925846DBF5
Requests: 114 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fheloc-apply.rate.com
Frame ID: 97160890E25141DD9EC63BAFD763316F
Requests: 1 HTTP requests in this frame

Frame: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc
Frame ID: F9323BCF08A639849D5BC59450BD5F6E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guaranteed Rate | Get Started

Page URL History Show full URLs

https://frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3D... Page URL
https://www.blilospute.com/B8F5TCBB/JMTJFKL/?sub1=ALDYME3Q2LOV5JYNTZT3HAWYISGBHYNK7WSQ6UHYCMJNSJB5RA%3D... HTTP 302
https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

129
Requests

91 %
HTTPS

25 %
IPv6

20
Domains

25
Subdomains

23
IPs

2
Countries

7542 kB
Transfer

9434 kB
Size

21
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rate.com/heloc
Title: Go to homepage

Search URL Search Domain Scan URL

URL: https://www.rate.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.rate.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nmlsconsumeraccess.org/EntityDetails.aspx/COMPANY/2611
Title: NMLS consumer access

Search URL Search Domain Scan URL

URL: https://www.nmlsconsumeraccess.org/
Title: www.nmlsconsumeraccess.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3DULG/FfyO Page URL
https://www.blilospute.com/B8F5TCBB/JMTJFKL/?sub1=ALDYME3Q2LOV5JYNTZT3HAWYISGBHYNK7WSQ6UHYCMJNSJB5RA%3D%3D%3D%3D%3D%3D&sub2=6747463b390289cdb0140170%3Bmd%3D67483390390289cdb014627e&sub3=71986310-aef2-11ef-bc40-12e935cd9955 HTTP 302
https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://beacon.lynx.cognitivlabs.com/pixel/capture?tags=6cf15fd8-2bc8-45de-aaca-1d6b5316c681&referer=https://www.rate.com/&page_url=https://heloc-apply.rate.com/account/heloc/register&u1=/account/heloc/register HTTP 302
https://beacon.lynx.cognitivlabs.com/pixel/capture?tags=6cf15fd8-2bc8-45de-aaca-1d6b5316c681&referer=https://www.rate.com/&page_url=https://heloc-apply.rate.com/account/heloc/register&u1=/account/heloc/register&rf=1 HTTP 302
https://idsync.rlcdn.com/711906.gif?partner_uid=f9654d49-5c12-449b-b25e-867116e4671d&credir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%2Fliveramp%2Fdone HTTP 307
https://beacon.lynx.cognitivlabs.com/pixel/liveramp/done

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 FfyO
frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3DULG/ 4 KB
4 KB 280ms
62ms Document
text/html 91.223.117.85
INTELI-TECH-DEVEL...

General

Check archive.org

Show headers Download Go to

Full URL: https://frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3DULG/FfyO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.223.117.85 , Romania, ASN201909 (INTELI-TECH-DEVELOPMENT-SRL INTELI TECH DEVELOPMENT SRL, RO),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
content-type: text/html; charset=utf-8
date: Sat, 30 Nov 2024 08:09:38 GMT

GET
H2

200

Primary Request register Show response
heloc-apply.rate.com/account/heloc/
Redirect Chain

https://www.blilospute.com/B8F5TCBB/JMTJFKL/?sub1=ALDYME3Q2LOV5JYNTZT3HAWYISGBHYNK7WSQ6UHYCMJNSJB5RA%3D%3D%3D%3D%3D%3D&sub2=6747463b390289cdb0140170%3Bmd%3D67483390390289cdb014627e&sub3=71986310-ae...
https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

5 KB
7 KB

525ms
71ms

Document
text/html

34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

Requested by

Host: frmbri.com
URL: https://frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3DULG/FfyO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

2845d8daaf026c09c1e5f98fc1ff1c1c1602b1368c1bae0f06b79320aaa93060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3DULG/FfyO
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-0tHYj3uLC/Qjcz5BDHsKCw==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sat, 30 Nov 2024 08:09:39 GMT
origin-agent-cluster: ?1
referrer-policy: strict-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: kong/3.4.2, 1.1 google
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-kong-proxy-latency: 1
x-kong-upstream-latency: 20
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ea95b3edc96db11-MIA
content-type: text/html; charset=utf-8
date: Sat, 30 Nov 2024 08:09:38 GMT
location: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m82Z%2BqAu7kvCmzq5aDyhj0IbEBIDCr1RPrIRsvJvc2oAK7souK%2BVrRUn8qaONvRbfDO%2B%2F4k%2BYQlSQwSG1qZKDpW1tvxYrWmu5F4tip%2FWUOCFIQV4Akk5elUMd0SGYC4eCM%2BQZajs778RD8tQp9UahpE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=29526&min_rtt=29473&rtt_var=3539&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4040&recv_bytes=2481&delivery_rate=131523&cwnd=254&unsent_bytes=0&cid=22c15085e8ba6f38&ts=306&x=0"
vary: Origin
x-eflow-request-id: a9cf451f-4a90-46bb-9693-3256ebe531a0

GET
H2 200 SharpGroteskMedium21.otf
cdn.figure.com/fonts/ 96 KB
96 KB 133ms
32ms Font
application/octet-stream 34.98.83.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.figure.com/fonts/SharpGroteskMedium21.otf
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.83.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.83.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 44ce8e208b4ec6dd5fc4639d4df94b720f4dc2f7d6fb512d0b9c2d236b6384ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer: https://heloc-apply.rate.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=Lpo08A==, md5=QNlV3FQiDTuuzFYJhvlJ8g==
etag: "40d955dc54220d3baecc560986f949f2"
age: 95975
x-goog-stored-content-encoding: identity
expires: Sat, 29 Nov 2025 05:30:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 98048
date: Fri, 29 Nov 2024 05:30:04 GMT
last-modified: Mon, 01 May 2023 16:19:07 GMT
content-type: application/octet-stream
x-guploader-uploadid: AFiumC5SnioCsud-1MxqFpVxN8Sm5IzIZb78m7sDPysHG_5SuwkkEE3DsSuxk6fQ8zqAMINTmVo
cache-control: max-age=31622400, public
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1682957947901988
content-length: 98048
server: UploadServer

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
722 B 224ms
82ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@400;500;600;700;800&display=swap

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f6fe4e936de332aea22d2b6e44538ce8e99af9ea7f120799fe4f0c66984aa88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 08:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 30 Nov 2024 08:09:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 SharpGroteskMedium21.css
cdn.figure.com/fonts/ 196 B
707 B 130ms
31ms Stylesheet
text/css 34.98.83.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.figure.com/fonts/SharpGroteskMedium21.css
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.83.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.83.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c9613edf945298c94c54051577badfd41a4d656cebcfab79967ce062e26c6fd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=gIMERA==, md5=cGE/YONGpZqLYZSYpf9opA==
etag: "70613f60e346a59a8b619498a5ff68a4"
age: 1096878
x-goog-stored-content-encoding: identity
expires: Mon, 17 Nov 2025 15:28:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 196
date: Sun, 17 Nov 2024 15:28:21 GMT
last-modified: Thu, 18 Apr 2024 17:58:16 GMT
content-type: text/css
x-guploader-uploadid: AFiumC6IxGSPQ8M8U4SNg5czxzJ-ElNwwrJ8-kfhTJVqWwhA8cWoIOdhFK0vv2I1PgC69IXnvw
cache-control: max-age=31622400, public
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1713463096968127
content-length: 196
server: UploadServer

GET
H2 200 index-CWt-PX6t.css
heloc-apply.rate.com/account/heloc/assets/ 101 KB
102 KB 64ms
59ms Stylesheet
text/css 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/index-CWt-PX6t.css

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

a2e41a2c7be5c471e4ae1f2fad68bbb18a7b7de677cfdaa5207616881558e168

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"19447-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:39 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-wcYqzche5zyeXuS/Dx5ASg==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
x-kong-upstream-latency: 4
content-length: 103495
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 vendor-DKjsUhCV.css
heloc-apply.rate.com/account/heloc/assets/ 9 KB
10 KB 58ms
54ms Stylesheet
text/css 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/vendor-DKjsUhCV.css

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

2e5c86b35b2d4629d036b71f6bd5cc5ededb660a8afd42856064d47e82eeef19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"23b7-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:39 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-Vgi4qydTSPrfoPt7C2RMUA==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
x-kong-upstream-latency: 5
content-length: 9143
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 157 KB
48 KB 246ms
103ms Script
text/javascript 108.138.128.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-117.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a62c769bf1659158b958fedc9943a98edb2a9fe1485c6720ace8a637cddc4805

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: br
x-amz-version-id: FQNjQgwgSiQuP4bDtxS0wAeXIUgE_uJ7
etag: W/"da98f2b01a78d68e04120493e91773d4"
age: 119
x-cache: Hit from cloudfront
x-amz-cf-id: bDif0sRH061kqVkUz5-2cw9PmijTE_Hu7h856Mxxtdv2nvucNBuQwQ==
date: Sat, 30 Nov 2024 08:07:46 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Fri, 22 Nov 2024 17:37:46 GMT
x-amz-id-2: XijMn6+lD6oNNI4BWFz95wv6NA3/6G34eXgWRM1sd2jx2eTbp8QZTJmQCIQ3BrTqUTh6a5XPNzA=
x-amz-replication-status: COMPLETED
cache-control: no-cache,must-revalidate,max-age=0
via: 1.1 820b14719bf91dbc846cab9728bc3fe6.cloudfront.net (CloudFront)
x-amz-request-id: 7QW6Z13HQER88DNJ
x-amz-cf-pop: JFK50-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
991 B 220ms
81ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ec00663f747b3e2e32b5a3c356139f364b919fc518663e09b97d55c8cc1f738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 08:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 30 Nov 2024 07:02:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 59 KB
14 KB 225ms
86ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gothic+A1|Poppins:400,600,700

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f91fa4189a03a52c9f0e55a23f6060824977f1094167995de40246a127fbf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 08:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 30 Nov 2024 08:09:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 index-RQWd7KQs.js Show response
heloc-apply.rate.com/account/heloc/assets/ 344 KB
345 KB 132ms
131ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/index-RQWd7KQs.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

d5bf978dbbd9e9a6f33229934282864c7bd5ba09de7caf57a7993fe624c777d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"55eeb-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:39 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-e33T4ER6+EjhpMWEaCLxlw==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 351979
x-xss-protection: 0
x-kong-upstream-latency: 5
origin-agent-cluster: ?1

GET
H2 200 vendor-B8vnu2Vi.js Show response
heloc-apply.rate.com/account/heloc/assets/ 6 MB
6 MB 122ms
121ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

db388884b2daa2f0c572a951912da8d0446d7e3257ea45fbc4ea70126703cfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"5f4383-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:39 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-LB29YPZ4bllADdmI4cdc9A==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 6243203
x-xss-protection: 0
x-kong-upstream-latency: 3
origin-agent-cluster: ?1

GET
H3 200 talk.js Show response
cdn.talkjs.com/ 212 KB
65 KB 97ms
42ms Script
application/javascript 172.67.12.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.talkjs.com/talk.js
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.12.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8916d68ffc33236e339208c3fd32dff34ff057b6fa5c36f3b67f94564a953b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: DNT,X-CustomHeader,x-talkjs-client-build,x-talkjs-client-date,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67482d62-351c3"
age: 179
access-control-allow-methods: GET, PATCH, PUT, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
traceparent: 00-4e82f075f1134bdabebde168c1a8d430-816076a5e1aa4747-03
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/javascript
last-modified: Thu, 28 Nov 2024 08:44:18 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: DNT,X-CustomHeader,x-talkjs-client-build,x-talkjs-client-date,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
x-cache-status: MISS
x-talkjs-node: production-1-6105
cache-control: public, s-maxage=600, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
cf-ray: 8ea95b4d2f2f2593-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 177 KB
40 KB 91ms
90ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Gothic+A1:wght@400;500;700&family=Poppins:wght@700&display=swap

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3489172e0fa97bbb1bfe5803f457886ddc5ffc387129b3d3fd9daadf561d385c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 08:09:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 30 Nov 2024 08:09:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

OPTIONS
H2 200 session
www.figure.com/ft/external/ Frame 0
0 291ms
53ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/session

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 1

OPTIONS
H2 200 figureinfo
www.figure.com/identity-broker/customer/secure/api/v3/self/ Frame 0
0 290ms
54ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth0-application-name
Access-Control-Request-Method: GET
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 1

OPTIONS
H2 200 session
www.figure.com/ft/external/ Frame 0
0 287ms
52ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/session

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 1

GET
H2 200 wl-info Show response
www.figure.com/processor-underwriting/public/api/v1/ 403 B
459 B 295ms
56ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/processor-underwriting/public/api/v1/wl-info?org=GUARANTEED_RATE

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

f60955d071f56a93b75cbdd0eca7524ec02b8a601dd41bbd465f1532170dc74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 2
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin

GET
H2 200 metadata Show response
www.figure.com/service-organization-metadata/external/api/v1/organizations/GUARANTEED_RATE/ 2 KB
2 KB 293ms
55ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-organization-metadata/external/api/v1/organizations/GUARANTEED_RATE/metadata

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

501d59f3caabc33cf7670ab16e16f724b4404bdd48e46a4a6b68d006d2dd82bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
referrer-policy: no-referrer
x-content-type-options: nosniff
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 2
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1617
x-xss-protection: 1 ; mode=block
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin
x-kong-proxy-latency: 1

POST
H3 200 session Show response
www.figure.com/ft/external/ 176 B
197 B 102ms
69ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/session

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

c71a05db106899592e5ca21efe36ac2ce6848da531dcdb5e2a996e0cb987df73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 18
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/json
vary: Origin

GET
H3 404 figureinfo Show response
www.figure.com/identity-broker/customer/secure/api/v3/self/ 43 B
60 B 81ms
49ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.235.160.34.bc.googleusercontent.com
Software: kong/3.4.2 /
Resource Hash: 872aa756337f039f98a71184d37d89d02e209bd59f692cdcc5953f169081629b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Auth0-Application-Name: heloc
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
x-kong-response-latency: 0
content-type: application/json
vary: Origin
server: kong/3.4.2

POST
H3 200 session Show response
www.figure.com/ft/external/ 176 B
197 B 106ms
72ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/session

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

4ef429823d50b16892beafa965af016196ccfa02b66d1f095157feb7a4541ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 21
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/json
vary: Origin

POST
H3 200 session Show response
heloc-apply.rate.com/ft/external/ 176 B
197 B 79ms
77ms Fetch
application/json 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/ft/external/session

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

ca583e03a0e5f48f74e31cc5b2aaedb664fea1fec457fad7f820e30909923170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 28
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/json
vary: Origin

GET
H3 206 5e83cb28291edefe5f467e9b31453b97.mp3
cdn.talkjs.com/__assets/ 12 KB
13 KB 42ms
41ms Media
audio/mpeg 172.67.12.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.talkjs.com/__assets/5e83cb28291edefe5f467e9b31453b97.mp3
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.12.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39b8368d883d351157f527bc6ce0f505177383e886d2a48b4098ffabb8ac1b5

Request headers

Referer: https://heloc-apply.rate.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: HIT
etag: "6744606d-3194"
age: 6724
traceparent
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: audio/mpeg
last-modified: Mon, 25 Nov 2024 11:33:01 GMT
vary: Accept-Encoding
priority: u=3,i
x-cache-status: HIT
x-talkjs-node: <CACHE>
Content-Range: bytes 0-12691/12692
cf-ray: 8ea95b4ee81b2593-MIA
Content-Length: 12692
server: cloudflare

POST
H3 200 session Show response
heloc-apply.rate.com/ft/external/ 179 B
200 B 53ms
52ms Fetch
application/json 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/ft/external/session

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

8ce391bf17b4149fdc0317d9f8d3684d81e8a88aefa792e553f2a5579ec56434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 3
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 2
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/json
vary: Origin

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
287 B 304ms
173ms Fetch
application/json 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.11.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Afrontend-heloc&dd-api-key=pub12f76571c55a1c6efcc45166d57d29b6&dd-evp-origin-version=5.11.0&dd-evp-origin=browser&dd-request-id=57f16d0c-08ea-438c-b3b4-4513f6dde972&batch_time=1732954181042

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

78973965db696c0cb51a8d64633afc81109ed09dcde6fa422092b702989feb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
dd-request-id: 57f16d0c-08ea-438c-b3b4-4513f6dde972

GET
H3 200 favicon-32x32.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 53ms
52ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 2
server: nginx/1.27.2

POST
H3 200 feature Show response
heloc-apply.rate.com/service-optimize/external/api/v1/ 89 B
110 B 79ms
78ms Fetch
application/json 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/service-optimize/external/api/v1/feature

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

35aaaafa3378cf4ee387a9a8179ee2de66f1be28827ef938819c9bda9303d1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 28
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin

GET
H2 200 base-favicon.png
cdn.figure.com/apps/frontend-private-label/rate/ 4 KB
4 KB 92ms
91ms Other
image/png 34.98.83.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.figure.com/apps/frontend-private-label/rate/base-favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.83.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.83.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2a66bf6feb31567d3580654a43fd477091358f9cf939f31929de05f2067f99f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=hQ7SFQ==, md5=ZhZVOddiw8ZsVVj2iT2caw==
etag: "66165539d762c3c66c5558f6893d9c6b"
age: 0
x-goog-stored-content-encoding: identity
expires: Sat, 30 Nov 2024 09:09:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3600
date: Sat, 30 Nov 2024 08:09:41 GMT
last-modified: Wed, 20 Nov 2024 23:31:34 GMT
content-type: image/png
x-guploader-uploadid: AFiumC7FvvonJx_4rlMmuxuVBFX6KdWAJu24nSyXfDmignt6xZ4Da3_yiaNYZG3Z2TFAk_E0XnSFa0bRrw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729286437727120
content-length: 3600
server: UploadServer

GET
H3 200 favicon-16x16.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 52ms
51ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/favicon-16x16.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 2
server: nginx/1.27.2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
101 KB 224ms
85ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG

Requested by

Host: frmbri.com
URL: https://frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3DULG/FfyO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6f364531f9c2d00185e9e1d5b285b86185db9fa919c0df5a3a4e665a85b2bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 30 Nov 2024 08:09:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 30 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102635
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 apple-icon-57x57.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 51ms
50ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-57x57.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

GET
H3 200 apple-icon-60x60.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 50ms
50ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-60x60.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

POST
H3 200 event Show response
www.figure.com/ft/external/ 181 B
202 B 57ms
55ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/event

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

1e25dc52513da3194db1e7ec67452b3876b0c9bd074df1214b0f441ec9bf4c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 8
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/json
vary: Origin

OPTIONS
H2 200 event
www.figure.com/ft/external/ Frame 0
0 52ms
51ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 1

POST
H3 200 session Show response
www.figure.com/ft/external/ 179 B
200 B 52ms
51ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/session

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

b00b73465c2a3a40e9609961353cb2fc36f86fec5b1b9e112c3b103eb930755d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 3
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/json
vary: Origin

GET
H3 200 apple-icon-72x72.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 50ms
49ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-72x72.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

POST
H3 200 features Show response
www.figure.com/service-optimize/external/api/v1/ 10 KB
10 KB 106ms
105ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-optimize/external/api/v1/features

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

fcf571aa21bb322b2e3275810e634ab52e401683b2c259b9e4644e810d199506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 55
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin

OPTIONS
H3 200 features
www.figure.com/service-optimize/external/api/v1/ Frame 0
0 51ms
50ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-optimize/external/api/v1/features

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 1

GET
H3 200 apple-icon-76x76.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 51ms
51ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-76x76.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
113 B 95ms
90ms Fetch
application/json 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.11.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Afrontend-heloc&dd-api-key=pub12f76571c55a1c6efcc45166d57d29b6&dd-evp-origin-version=5.11.0&dd-evp-origin=browser&dd-request-id=4d373a86-525f-444f-b0e7-fec2cb1f8358&batch_time=1732954181469

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

24dfee1dfb128e6db9b01f439a2397ecf492acda895c52954f201e117fca57d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
dd-request-id: 4d373a86-525f-444f-b0e7-fec2cb1f8358

GET
H3 200 favicon-96x96.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 51ms
50ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/favicon-96x96.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 286 KB
78 KB 150ms
33ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8ee3657560b1a271d276a415951fe1e5451e258da97a10c639e6b9aba2f28e1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer: https://heloc-apply.rate.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
x-goog-hash: crc32c=ZmBNIA==, md5=0Vgo23dc3Qpu85CjYQ6d0Q==
etag: "d15828db775cdd0a6ef390a3610e9dd1"
age: 33
x-goog-stored-content-encoding: br
expires: Sat, 30 Nov 2024 09:09:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 79132
date: Sat, 30 Nov 2024 08:09:08 GMT
last-modified: Thu, 14 Nov 2024 14:06:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7gmHwyAdrZ1L3EQU1zJcUkJWY8px-v8-qQ0ysKTL6Av499MTjZkQXYhwGB-LiHLJZnhSQ
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1731593167065982
content-length: 79132
server: UploadServer

POST
H3 200 session Show response
www.figure.com/ft/external/ 179 B
200 B 52ms
51ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/session

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

b00b73465c2a3a40e9609961353cb2fc36f86fec5b1b9e112c3b103eb930755d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 3
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 0
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/json
vary: Origin

GET
H3 404 figureinfo Show response
www.figure.com/identity-broker/customer/secure/api/v3/self/ 43 B
60 B 49ms
49ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.235.160.34.bc.googleusercontent.com
Software: kong/3.4.2 /
Resource Hash: b93faa563e708b81d5b7e73e74530e9380f5c459d1aec792db4f8d12d982639a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Auth0-Application-Name: heloc
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
x-kong-response-latency: 0
content-type: application/json
vary: Origin
server: kong/3.4.2

POST
H3 200 session Show response
www.figure.com/ft/external/ 179 B
200 B 52ms
52ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/session

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

b00b73465c2a3a40e9609961353cb2fc36f86fec5b1b9e112c3b103eb930755d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 2
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:40 GMT
content-type: application/json
vary: Origin

GET
H2 200 wTx6yitcMq.js Show response
code.upscope.io/ 1 KB
958 B 226ms
75ms Script
application/javascript 18.173.132.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.upscope.io/wTx6yitcMq.js
Requested by: Host: frmbri.com
URL: https://frmbri.com/c9ATX46Gw-p6PHTlJCn57bKERGdd4EPJjiMsLLzNLpoweEj72zNTXaktveQBshAHjLovPGs4eh3DULG/FfyO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-27.jfk52.r.cloudfront.net
Software: /
Resource Hash: 52df33b782bffc61cd3792e8c3e66ab580b5c622bdee64f650dd3ac905c07588

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

cache-control: max-age=60,public
content-encoding: gzip
via: 1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: _LaI3337vd2ZPABlb-Qw9hdQmIFJm5ZNHSzKHzxIScnKkBe_KrIOcA==
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P2

GET
H3 200 register-DM1nuf8O.js Show response
heloc-apply.rate.com/account/heloc/assets/ 88 KB
88 KB 78ms
77ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/register-DM1nuf8O.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

3c7ba912d7b848f39521b46bf2a53aa20bf50e989e56db1232499b95b642f730

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"15ee5-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-gnkRjdT/b3loLRcJHv4Q8A==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 89829
x-xss-protection: 0
x-kong-upstream-latency: 14
origin-agent-cluster: ?1

GET
H3 200 use-get-consent-types-DuVhXPpL.js Show response
heloc-apply.rate.com/account/heloc/assets/ 325 B
360 B 64ms
62ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/use-get-consent-types-DuVhXPpL.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

5717e4afc92b6ef6a9634ae14cfebdbd74047329822c070e4f9fa9106fc90daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"145-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-YjywpxGaUTTefhuviP8NoQ==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 325
x-xss-protection: 0
x-kong-upstream-latency: 12
origin-agent-cluster: ?1

GET
H3 200 consent-enums-CpBjFeCY.js Show response
heloc-apply.rate.com/account/heloc/assets/ 859 B
894 B 76ms
73ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/consent-enums-CpBjFeCY.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

3f1ffb67ef889511c1e04faea88dd21a9f9a9b3e3f77ca62ebb09d77a68cfe4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"35b-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-WLHTxWDvoP+c7xyRRPqHKQ==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 859
x-xss-protection: 0
x-kong-upstream-latency: 13
origin-agent-cluster: ?1

GET
H3 200 use-get-profile-consents-C2ue8que.js Show response
heloc-apply.rate.com/account/heloc/assets/ 272 B
307 B 74ms
72ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/use-get-profile-consents-C2ue8que.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

a7cdf1922b75222b5eeb8f72c0ef8fe7523fd145092bbc3ccf7836f7f00334bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"110-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-gaW5Fr+B75iFXXMtIO+glw==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 272
x-xss-protection: 0
x-kong-upstream-latency: 9
origin-agent-cluster: ?1

GET
H3 200 use-sms-consent-_Vz4Jq5-.js Show response
heloc-apply.rate.com/account/heloc/assets/ 3 KB
3 KB 94ms
91ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/use-sms-consent-_Vz4Jq5-.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

c926ddfe67b0ddd25b422cf0b85c6f5c498d3280a4898280e212a0ae810c65c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"bbd-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-u+eckGJUaMh9PLpMJSywXw==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 3005
x-xss-protection: 0
x-kong-upstream-latency: 10
origin-agent-cluster: ?1

GET
H3 200 section-fieldset-Cu3NA7ze.js Show response
heloc-apply.rate.com/account/heloc/assets/ 1 KB
1 KB 88ms
85ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/section-fieldset-Cu3NA7ze.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

e0de62f40bbea1d6f71594ff7e78e8e022cf3806e0a89edca280c8cb1e49b9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"4e9-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-BqHu2mYiKsB/+0+Po1rehQ==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 1257
x-xss-protection: 0
x-kong-upstream-latency: 10
origin-agent-cluster: ?1

GET
H3 200 stack-Bajie7cf.js Show response
heloc-apply.rate.com/account/heloc/assets/ 1 KB
1 KB 61ms
59ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/stack-Bajie7cf.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

a5c22eece63c333b76cb9d8e07a6f7d60f9a40c8844053102288e48ae7b025a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"44a-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-rb8h4w6eRYgjwqZyYfDX6w==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 1098
x-xss-protection: 0
x-kong-upstream-latency: 8
origin-agent-cluster: ?1

GET
H3 200 progress-bar-CaONHhiL.js Show response
heloc-apply.rate.com/account/heloc/assets/ 2 KB
2 KB 96ms
94ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/progress-bar-CaONHhiL.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

d6bac105161fd802d619ed3a808da0574be32418650ebf515bcae32e07ec9047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"6dc-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-eydYYv2nCwTQoJebJR0iQg==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 1756
x-xss-protection: 0
x-kong-upstream-latency: 8
origin-agent-cluster: ?1

GET
H3 200 floating-label-input-CTskmnid.js Show response
heloc-apply.rate.com/account/heloc/assets/ 409 B
458 B 100ms
98ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/floating-label-input-CTskmnid.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

0c21805341b014eca380642219c88f23897a45f4ed7935fdee6870e40aeb4dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"199-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-xA08rS4k8P5QZT/+1sSELA==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 409
x-xss-protection: 0
x-kong-upstream-latency: 10
origin-agent-cluster: ?1

GET
H3 200 floating-label-styles-vi7H5Kkr.js Show response
heloc-apply.rate.com/account/heloc/assets/ 3 KB
3 KB 90ms
88ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/floating-label-styles-vi7H5Kkr.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

adf57410203038c8de44893d027f3cc53b3bca84015c2867d696fa216017c595

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"c51-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-0BSlIPJkIu9adF/734En2A==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 3153
x-xss-protection: 0
x-kong-upstream-latency: 8
origin-agent-cluster: ?1

GET
H3 200 date-TS_ghny4.js Show response
heloc-apply.rate.com/account/heloc/assets/ 463 B
498 B 63ms
61ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/date-TS_ghny4.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

0ea8609a49f324dc8ecae14e529ad9e810e4929decbe2dec1f02f2c13dbca71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"1cf-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-gAgf+t3GgqkE7HkAt5VV0w==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 463
x-xss-protection: 0
x-kong-upstream-latency: 8
origin-agent-cluster: ?1

GET
H3 200 is-eighteen-7DcuaUAc.js Show response
heloc-apply.rate.com/account/heloc/assets/ 326 B
369 B 93ms
91ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/is-eighteen-7DcuaUAc.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

b81184aea719489f0510b9d88ee71f576064f4995fe95463d01a3536d70ea412

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"146-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-w3rR0OLX45ixnYAuEoMQjw==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 326
x-xss-protection: 0
x-kong-upstream-latency: 9
origin-agent-cluster: ?1

GET
H3 200 format-date-asb6YoxG.js Show response
heloc-apply.rate.com/account/heloc/assets/ 453 B
492 B 91ms
89ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/format-date-asb6YoxG.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

c478b3046f5826a6828945e8fb1eb776e20901cf78a4b4f940e26d092c742fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"1c5-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-MCF97Wvf0FTgZzDqUko1YA==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 453
x-xss-protection: 0
x-kong-upstream-latency: 7
origin-agent-cluster: ?1

GET
H3 200 sms-consent-checkbox-Diiiulk6.js Show response
heloc-apply.rate.com/account/heloc/assets/ 970 B
1012 B 92ms
91ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/sms-consent-checkbox-Diiiulk6.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

eb58eda2924fd165ee9ba6f8623ca3c089dcbe1db9ae0c484b7581b9fcba125c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"3ca-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-BTtLbpXuts+b8znVQuKWlw==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 970
x-xss-protection: 0
x-kong-upstream-latency: 4
origin-agent-cluster: ?1

GET
H3 200 use-heloc-modal-sYjDR5Ni.js Show response
heloc-apply.rate.com/account/heloc/assets/ 404 B
448 B 93ms
92ms Script
application/javascript 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/account/heloc/assets/use-heloc-modal-sYjDR5Ni.js

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

90a9fb472efd3030249e36fb6ddfc39cf5718a96871e72908b09989adfe3d2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"194-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-ongqG5rAy3wqLqqmbLkJvg==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://heloc-apply.rate.com
content-length: 404
x-xss-protection: 0
x-kong-upstream-latency: 8
origin-agent-cluster: ?1

GET
H3 200 guaranteed-rate-logo-dark-B2WW7s0I.svg
heloc-apply.rate.com/account/heloc/assets/ 14 KB
14 KB 123ms
123ms Image
image/svg+xml 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heloc-apply.rate.com/account/heloc/assets/guaranteed-rate-logo-dark-B2WW7s0I.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

e014609bea483f76c9562129f5dbd7e1107884ec1a8b47474d53860816fdcfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"3699-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-X8AVG0zTEE/SbrcEsued2Q==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
x-download-options: noopen
via: kong/3.4.2, 1.1 google
accept-ranges: bytes
x-kong-upstream-latency: 6
content-length: 13977
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 apple-icon-114x114.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 73ms
72ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-114x114.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

POST
H3 200 collect
www.google.com/ccm/ 0
0 207ms
79ms Ping
text/plain 142.250.80.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dr=frmbri.com&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister&scrsrc=www.googletagmanager.com&frm=0&rnd=1385316589.1732954182&auid=264930169.1732954182&npa=0&gtm=45He4bk0v9187051943za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732954181627&tfd=3354&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s35-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
110 KB 95ms
93ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FHZ0P94BBY&l=dataLayer&cx=c&gtm=45He4bk0v9187051943za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c008c8f73be7e9fc50edb210bdfd48285989087e697cd66c82efb48af4b2ebce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 30 Nov 2024 08:09:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 112155
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 133ms
66ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-EMXnNMXJ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-EMXnNMXJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=4450, tp=9, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: m7GfUoMRByP9YodAcYwry92pK79ZuURYM6KhEwiLSS6Ue5WqPNZT9+C5wGJ6pxbigyJ+V6UnVa9gT/ZT/A/YIQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js-pixel Show response
pix.pontiac.media/ 2 KB
2 KB 192ms
60ms Script
application/javascript 52.70.25.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.pontiac.media/js-pixel?id=879&type=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.25.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-25-4.compute-1.amazonaws.com
Software: akka-http/10.2.10 /
Resource Hash: a5f389ea04a09243125f9cd086886dbb40c581ddbbba39edb1de1e7b1835dc57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-allow-origin: *
content-length: 2418
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/javascript; charset=UTF-8
server: akka-http/10.2.10

GET
H3 200 everflow.js Show response
www.chablivoy.com/scripts/sdk/ 60 KB
20 KB 131ms
43ms Script
text/javascript 172.67.172.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chablivoy.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80cd69ccec7fb17ef27d0ba3e477f07f9026821b875977b2f27eabd8eb9dd832

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 11839
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cy9h47DXSaWV2d8BUvD24Hwtl6MPelN9wFJt6NXgZQ2VEhIA8uM%2F4gVOcskKi8DdMm1vPXdSFSiUO84Ywm%2BdYOXwAO5kih%2Bst6tjeGUsDftJZ4Qq4xFjyY%2Bupu08KoKwUXWmVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-eflow-request-id: 511d3cab-a995-4903-832f-331d91dcab10
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30701&min_rtt=30690&rtt_var=11531&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4122&recv_bytes=4247&delivery_rate=99601&cwnd=12000&unsent_bytes=0&cid=9fa7bec2614cb0a5&ts=50&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
last-modified: Sat, 30 Nov 2024 04:52:22 GMT
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
cf-ray: 8ea95b53da7009ca-MIA
server: cloudflare

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

GET
H/1.1

200
OK

done
beacon.lynx.cognitivlabs.com/pixel/liveramp/
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pixel/capture?tags=6cf15fd8-2bc8-45de-aaca-1d6b5316c681&referer=https://www.rate.com/&page_url=https://heloc-apply.rate.com/account/heloc/register&u1=/account/h...
https://beacon.lynx.cognitivlabs.com/pixel/capture?tags=6cf15fd8-2bc8-45de-aaca-1d6b5316c681&referer=https://www.rate.com/&page_url=https://heloc-apply.rate.com/account/heloc/register&u1=/account/h...
https://idsync.rlcdn.com/711906.gif?partner_uid=f9654d49-5c12-449b-b25e-867116e4671d&credir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%2Fliveramp%2Fdone
https://beacon.lynx.cognitivlabs.com/pixel/liveramp/done

42 B
365 B

60ms
58ms

Image
image/gif

52.1.242.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.lynx.cognitivlabs.com/pixel/liveramp/done
Protocol: HTTP/1.1
Server: 52.1.242.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-242-241.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

Content-Length: 42
Date: Sat, 30 Nov 2024 08:09:42 GMT
Content-Type: image/gif
Connection: keep-alive
Server: Kestrel

Redirect headers

cache-control: no-cache, no-store
timing-allow-origin: *
location: https://beacon.lynx.cognitivlabs.com/pixel/liveramp/done
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Sat, 30 Nov 2024 08:09:42 GMT

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 9716 0
0 189ms
63ms Document
text/html 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fheloc-apply.rate.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 102708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 03:37:53 GMT
expires: Sat, 29 Nov 2025 03:37:53 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v18/ 26 KB
26 KB 141ms
61ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v18/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

5ed4d31c988e73b258894244f209069ebe77dc7e564861954b21198b6de90d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer: https://fonts.googleapis.com/

Response headers

age: 76899
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 10:48:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 10:48:02 GMT
last-modified: Thu, 26 Sep 2024 23:19:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26832
x-xss-protection: 0
server: sffe

POST
H3 200 decision Show response
www.figure.com/service-optimize/external/api/v2/ 167 B
188 B 75ms
73ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-optimize/external/api/v2/decision

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

4f8386fffaa66b9d63594e9f59406de7683c80c3c3807d5d362bd80550f8e111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 25
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
112 B 77ms
71ms Fetch
application/json 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.11.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Afrontend-heloc&dd-api-key=pub12f76571c55a1c6efcc45166d57d29b6&dd-evp-origin-version=5.11.0&dd-evp-origin=browser&dd-request-id=abba488b-d21d-4bbf-8aee-e8b491407c30&batch_time=1732954181689

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

6a67f7319689edd29058b75e7352e05a7cc17b8e31f6d10e90677094ac9d9e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
dd-request-id: abba488b-d21d-4bbf-8aee-e8b491407c30

POST
H3 200 decision Show response
www.figure.com/service-optimize/external/api/v2/ 483 B
504 B 77ms
75ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-optimize/external/api/v2/decision

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

f42460e88819120829998b1bce4593fbba76e36528a2499021a6909624223139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 26
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 1
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin

OPTIONS
H3 200 decision
www.figure.com/service-optimize/external/api/v2/ Frame 0
0 53ms
52ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-optimize/external/api/v2/decision

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 0

OPTIONS
H3 200 decision
www.figure.com/service-optimize/external/api/v2/ Frame 0
0 51ms
50ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-optimize/external/api/v2/decision

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 0

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ Frame F932 0
0

GET
H3 200 apple-icon-120x120.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 49ms
49ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-120x120.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

GET
H2 200 logo.svg
storage.googleapis.com/figure-cdn-production/apps/frontend-private-label/rate/ 14 KB
14 KB 244ms
101ms Image
image/svg+xml 2607:f8b0:4006:81e::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/figure-cdn-production/apps/frontend-private-label/rate/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e014609bea483f76c9562129f5dbd7e1107884ec1a8b47474d53860816fdcfed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=DbBMag==, md5=2vJqFDBMOLbUTW7v0dSLFQ==
etag: "daf26a14304c38b6d44d6eefd1d48b15"
age: 0
x-goog-stored-content-encoding: identity
expires: Sat, 30 Nov 2024 09:09:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 13977
date: Sat, 30 Nov 2024 08:09:41 GMT
last-modified: Wed, 20 Nov 2024 23:31:34 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC7cse09lTksahq5LoQPiqvn66WIwAQXzXpkfQUnesW7j6SAr2K47Z_FKnQcU58jXGiYzRo
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1731620782684510
content-length: 13977
server: UploadServer

GET
H2 200 web Show response
edge.fullstory.com/s/settings/14DPH6/v1/ 96 KB
6 KB 79ms
78ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/14DPH6/v1/web
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b01f4b899a6294c71848e07c31c11cfe7bbb8434e30ef29161bbcafd950e2850

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=GMXI0A==, md5=8kTIaFPKYkKVphANwUlYsQ==
etag: "f244c86853ca624295a6100dc14958b1"
age: 0
x-goog-stored-content-encoding: gzip
expires: Sat, 30 Nov 2024 08:24:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5527
date: Sat, 30 Nov 2024 08:09:41 GMT
last-modified: Sat, 30 Nov 2024 08:08:54 GMT
content-type: application/json
x-guploader-uploadid: AFiumC7el7_yO7amNHl3F7wfrBoyIDmZrCWieGGVPKvVzOr9IA5BaJJxYWsdj22RE_q9Hk5Siw
cache-control: public,max-age=900,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1731593634493400
content-length: 5527
server: UploadServer

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
112 B 78ms
73ms Fetch
application/json 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.11.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Afrontend-heloc&dd-api-key=pub12f76571c55a1c6efcc45166d57d29b6&dd-evp-origin-version=5.11.0&dd-evp-origin=browser&dd-request-id=c5becb72-1173-49a3-abbf-16ec55f51282&batch_time=1732954181817

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

f3afee3511a3b816f2547e01ef954e8affadda7b7d382ae445716e42d68be387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
dd-request-id: c5becb72-1173-49a3-abbf-16ec55f51282

GET
H3 200 apple-icon-144x144.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 50ms
50ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-144x144.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

GET
H2 200 upscope-2024.11.12.es6.js Show response
js.upscope.io/ 152 KB
44 KB 250ms
70ms Script
text/javascript 13.225.63.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.upscope.io/upscope-2024.11.12.es6.js
Requested by: Host: code.upscope.io
URL: https://code.upscope.io/wTx6yitcMq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-14.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5369b297ff51309954b081b749bd0d4cacda91de06fe2fa46173ff987b42ebd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

cache-control: max-age=864000,public
content-encoding: gzip
etag: W/"b71a57df753dd3cb0250113ba761e975"
age: 32
via: 1.1 8ab0aef6448b5ee7c8ac1a76da988556.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 6rRqoree2oKNATZW9KWjRtHqY1QZTIyITUNMiCbTj5pB5fg7WwDfsg==
date: Sat, 30 Nov 2024 08:09:10 GMT
content-type: text/javascript
last-modified: Wed, 27 Nov 2024 17:55:42 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
vary: Accept-Encoding

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

POST
H2 204 collect Show response
www.google-analytics.com/g/ 0
555 B 234ms
76ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FHZ0P94BBY&gtm=45je4bk0v9189148966z89187051943za200zb9187051943&_p=1732954181217&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1387015481.1732954182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732954181&sct=1&seg=0&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister%3Faffid%3D160005%26transid%3D42fb0e7b48ed43d5ae85407ddaa6d339%26_ef_transaction_id%3D42fb0e7b48ed43d5ae85407ddaa6d339&dr=https%3A%2F%2Ffrmbri.com%2F&dt=Guaranteed%20Rate%20%7C%20Get%20Started&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3598
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://heloc-apply.rate.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: text/plain
server: Golfe2

OPTIONS
H3 200 OPS_PHONE
www.figure.com/service-operating-hours/external/api/v1/hours/ Frame 0
0 57ms
56ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-operating-hours/external/api/v1/hours/OPS_PHONE?display=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-org
Access-Control-Request-Method: GET
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 1

OPTIONS
H3 200 states-eligibility
www.figure.com/service-application/external/api/v2/heloc/ Frame 0
0 52ms
52ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-application/external/api/v2/heloc/states-eligibility?orgCode=GUARANTEED_RATE

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 0

OPTIONS
H3 200 zip-eligibility
www.figure.com/service-application/external/api/v1/heloc/ Frame 0
0 55ms
54ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-application/external/api/v1/heloc/zip-eligibility?orgCode=GUARANTEED_RATE

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 0

OPTIONS
H3 200 all
www.figure.com/service-application/api/v1/application/heloc/ Frame 0
0 53ms
52ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-application/api/v1/application/heloc/all

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 0

GET
H3 404 figureinfo Show response
www.figure.com/identity-broker/customer/secure/api/v3/self/ 43 B
60 B 48ms
47ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.235.160.34.bc.googleusercontent.com
Software: kong/3.4.2 /
Resource Hash: 1af15eb875ee508910a7d9cf3b7c5ee74baa0fd5b59c419c384b8f71aa9017e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Auth0-Application-Name: heloc
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:41 GMT
x-kong-response-latency: 0
content-type: application/json
vary: Origin
server: kong/3.4.2

GET
H3 200 metadata Show response
www.figure.com/service-organization-metadata/external/api/v1/organizations/GUARANTEED_RATE/ 2 KB
2 KB 51ms
51ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-organization-metadata/external/api/v1/organizations/GUARANTEED_RATE/metadata

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

501d59f3caabc33cf7670ab16e16f724b4404bdd48e46a4a6b68d006d2dd82bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
referrer-policy: no-referrer
x-content-type-options: nosniff
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 2
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1617
x-xss-protection: 1 ; mode=block
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin
x-kong-proxy-latency: 0

GET
H3 200 metadata Show response
www.figure.com/service-organization-metadata/external/api/v1/organizations/GUARANTEED_RATE/ 2 KB
2 KB 105ms
54ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-organization-metadata/external/api/v1/organizations/GUARANTEED_RATE/metadata

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

501d59f3caabc33cf7670ab16e16f724b4404bdd48e46a4a6b68d006d2dd82bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
referrer-policy: no-referrer
x-content-type-options: nosniff
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 2
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1617
x-xss-protection: 1 ; mode=block
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin
x-kong-proxy-latency: 1

GET
H3 200 state-licenses Show response
www.figure.com/service-application/external/api/v1/heloc/ 5 KB
5 KB 52ms
52ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-application/external/api/v1/heloc/state-licenses?orgCode=GUARANTEED_RATE

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

ecbb0717cfc4359ae664aa887774f998e84296297a51082d75d2aa1bc6ba584c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 3
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin

GET
H3 200 OPS_PHONE Show response
www.figure.com/service-operating-hours/external/api/v1/hours/ 1 KB
1 KB 64ms
62ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-operating-hours/external/api/v1/hours/OPS_PHONE?display=true

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

04214e1cbfc74eac2a0b02e9ba44d8ab2967292de621a6a93c668a39a8783c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-org: GUARANTEED_RATE
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
referrer-policy: no-referrer
x-content-type-options: nosniff
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 9
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1244
x-xss-protection: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin
x-kong-proxy-latency: 0

GET
H3 200 states-eligibility Show response
www.figure.com/service-application/external/api/v2/heloc/ 231 B
252 B 63ms
59ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-application/external/api/v2/heloc/states-eligibility?orgCode=GUARANTEED_RATE

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

c241c1ec1e5b5bdc86dbb99931a10ced1489d47e5b169a8ada287336822c8072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Authorization
Referer: https://heloc-apply.rate.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 6
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin

GET
H3 200 zip-eligibility Show response
www.figure.com/service-application/external/api/v1/heloc/ 2 B
22 B 65ms
64ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-application/external/api/v1/heloc/zip-eligibility?orgCode=GUARANTEED_RATE

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Authorization
Referer: https://heloc-apply.rate.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 13
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
content-type: application/json
vary: Origin

GET
H3 401 all Show response
www.figure.com/service-application/api/v1/application/heloc/ 29 B
47 B 62ms
59ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.figure.com/service-application/api/v1/application/heloc/all
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.235.160.34.bc.googleusercontent.com
Software: kong/3.4.2 /
Resource Hash: 1640fd455a67c6eab8e66e311676d6ff925ef4fd693c785373a575e53e394b09

Request headers

Authorization
Referer: https://heloc-apply.rate.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Sat, 30 Nov 2024 08:09:42 GMT
x-kong-response-latency: 0
content-type: application/json; charset=utf-8
vary: Origin
server: kong/3.4.2

GET
H3 200 SMS Show response
www.figure.com/service-comms-prefs/external/api/v1/consent/prompt/ 928 B
952 B 66ms
66ms XHR
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-comms-prefs/external/api/v1/consent/prompt/SMS

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

9228a0f93d4f6e2c6bf7063588b8c4e6deb2399ae5dfa36c71e6d611426acf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

X-With-Origin: https://heloc-apply.rate.com
Referer: https://heloc-apply.rate.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-org: GUARANTEED_RATE

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 16
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-kong-proxy-latency: 0
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: application/json
vary: Origin

OPTIONS
H3 200 SMS
www.figure.com/service-comms-prefs/external/api/v1/consent/prompt/ Frame 0
0 50ms
50ms Preflight 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/service-comms-prefs/external/api/v1/consent/prompt/SMS

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-org,x-with-origin
Access-Control-Request-Method: GET
Origin: https://heloc-apply.rate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,name,type,x-accomplishments,x-with-origin,Origin,x-org,x-3pv-access-code,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-recaptcha-token,x-figure-auth,wallet-authorization,x-auth0-application-name,x-managed-user-auth0-application-name,x-managed-user-email,affiliate-org,x-wallet-address,x-member-name,x-membership
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Nov 2024 08:09:41 GMT
referrer-policy: same-origin
server: kong/3.4.2
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-kong-response-latency: 0

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

POST
H2 200 referrer Show response
pix.pontiac.media/ 0
81 B 181ms
61ms XHR
text/plain 52.70.25.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.pontiac.media/referrer
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.25.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-25-4.compute-1.amazonaws.com
Software: akka-http/10.2.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://heloc-apply.rate.com/

Response headers

access-control-allow-origin: *
content-length: 0
date: Sat, 30 Nov 2024 08:09:42 GMT
server: akka-http/10.2.10

GET
H3 200 291170618061825 Show response
connect.facebook.net/signals/config/ 106 KB
21 KB 245ms
244ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/291170618061825?v=2.9.176&r=stable&domain=heloc-apply.rate.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

8d2bcdfc215a58b27e471fed0508bdbef5f529fd8d9d3af68e4cc315d04fa0ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-OIwJKrud' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-OIwJKrud' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=77, mss=1232, tbw=70870, tp=67, tpl=0, uplat=183, ullat=0
pragma: public
x-fb-debug: SulWB4BbUGrBGWDtePCw+lacDUPCLWhPsMJO3z8htyFuPDwWIe45PJ/sxA0BPcR0S2JjCky8zPDls00kxgDN2Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
fonts.gstatic.com/s/plusjakartasans/v8/ 27 KB
27 KB 63ms
60ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@400;500;600;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer: https://fonts.googleapis.com/

Response headers

age: 131141
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 19:44:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 19:44:01 GMT
last-modified: Thu, 22 Jun 2023 14:14:33 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27444
x-xss-protection: 0
server: sffe

GET
H3 200 apple-icon-152x152.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 51ms
50ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-152x152.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

GET
H3 200 guaranteed-rate-logo-dark-B2WW7s0I.svg
heloc-apply.rate.com/account/heloc/assets/ 14 KB
44 B 55ms
54ms Image
image/svg+xml 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heloc-apply.rate.com/account/heloc/assets/guaranteed-rate-logo-dark-B2WW7s0I.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

Resource Hash

e014609bea483f76c9562129f5dbd7e1107884ec1a8b47474d53860816fdcfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
etag: W/"3699-19369c51d10"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:42 GMT
last-modified: Tue, 26 Nov 2024 18:39:06 GMT
vary: Origin
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin
x-download-options: noopen
via: kong/3.4.2, 1.1 google
content-security-policy-report-only: default-src https://cdn.plaid.com/ 'self';script-src https://cdn.plaid.com/link/v2/stable/link-initialize.js https://test.figure.com https://figure.com 'unsafe-inline' 'nonce-R3G5WvCuFOWhAUwioqrYEg==' 'strict-dynamic' 'self';frame-src https://cdn.plaid.com/ 'self';connect-src https://*.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://*.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com;font-src https://cdn.figure.com https://fonts.gstatic.com 'self' https://cdn.figure.com/fonts/SharpGroteskMedium21.otf;style-src https://use.fontawesome.com https://fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.figure.com https://fonts.googleapis.com/css2 https://cdn.figure.com/fonts/SharpGroteskMedium21.css;media-src https://cdn.figure.com https://www.datocms-assets.com https://www.googletagmanager.com https://cdn.talkjs.com 'self';img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:;form-action 'none';manifest-src 'self';object-src 'none';worker-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
accept-ranges: bytes
x-kong-upstream-latency: 3
content-length: 13977
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
113 B 116ms
109ms Fetch
application/json 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.11.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Afrontend-heloc&dd-api-key=pub12f76571c55a1c6efcc45166d57d29b6&dd-evp-origin-version=5.11.0&dd-evp-origin=browser&dd-request-id=473007ce-f11f-4ad2-b616-dd249ee2db6a&batch_time=1732954182084

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

485bd74deb4d9e297d46b8d96f06382c7ba4186326ebe454dd98dbcac7e5db47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: application/json
dd-request-id: 473007ce-f11f-4ad2-b616-dd249ee2db6a

POST
H2 200 page Show response
rs.fullstory.com/rec/ 1 KB
857 B 255ms
147ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c4f88c5a0fbeb816fe209064132209801c3e56ce5933e00767479452092f317f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: application/json; charset=utf-8

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
112 B 122ms
116ms Fetch
application/json 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.11.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Afrontend-heloc&dd-api-key=pub12f76571c55a1c6efcc45166d57d29b6&dd-evp-origin-version=5.11.0&dd-evp-origin=browser&dd-request-id=23e9a972-5cfc-46bc-ae51-5a37d7644450&batch_time=1732954182149

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

73f22e1e44a9c2d2d30f04824226dd4575b750981f377c5fa0140d07cf1ea710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: application/json
dd-request-id: 23e9a972-5cfc-46bc-ae51-5a37d7644450

GET
H3 200 apple-icon-180x180.png
heloc-apply.rate.com/rate-favicons/ 6 KB
3 KB 54ms
53ms Other
text/html 34.102.202.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heloc-apply.rate.com/rate-favicons/apple-icon-180x180.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.202.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.202.102.34.bc.googleusercontent.com

Software

nginx/1.27.2 /

Resource Hash

0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
content-encoding: gzip
etag: W/"67466171-16f8"
x-content-type-options: nosniff
x-kong-proxy-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Nov 2024 00:01:53 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
via: kong/3.4.2, 1.1 google
x-kong-upstream-latency: 1
server: nginx/1.27.2

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

GET
H3 404 figureinfo Show response
www.figure.com/identity-broker/customer/secure/api/v3/self/ 43 B
60 B 48ms
48ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.235.160.34.bc.googleusercontent.com
Software: kong/3.4.2 /
Resource Hash: 9b6d71b5272816e8d983b0535944807b1bb867ae8c6f15ac712eb25d90aa5bf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Auth0-Application-Name: heloc
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:42 GMT
x-kong-response-latency: 0
content-type: application/json
vary: Origin
server: kong/3.4.2

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 144ms
60ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=291170618061825&ev=PageView&dl=https%3A%2F%2Fheloc-apply.rate.com&rl=https%3A%2F%2Ffrmbri.com&if=false&ts=1732954182458&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1732954182454.657587506496446882&cs_est=true&pm=1&hrl=e3241f&ler=other&cdl=API_unavailable&it=1732954181986&coo=false&tm=1&cs_cc=1&cas=9490831944278598%2C8683592841688784%2C28113304391590088%2C9054849127876679%2C8282770388481956%2C8228316767233436%2C8312034408914059%2C8034842426629256%2C8247276088635900%2C7702633719820295%2C7901821376531098%2C7601226503330438%2C8112081898821044%2C7506208052755990%2C5144904455594745%2C3157052587673508%2C1808262655906938&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4499, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 366ms
283ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=291170618061825&ev=PageView&dl=https%3A%2F%2Fheloc-apply.rate.com&rl=https%3A%2F%2Ffrmbri.com&if=false&ts=1732954182458&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1732954182454.657587506496446882&cs_est=true&pm=1&hrl=e3241f&ler=other&cdl=API_unavailable&it=1732954181986&coo=false&tm=1&cs_cc=1&cas=9490831944278598%2C8683592841688784%2C28113304391590088%2C9054849127876679%2C8282770388481956%2C8228316767233436%2C8312034408914059%2C8034842426629256%2C8247276088635900%2C7702633719820295%2C7901821376531098%2C7601226503330438%2C8112081898821044%2C7506208052755990%2C5144904455594745%2C3157052587673508%2C1808262655906938&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442981539180540466"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd9b6ce76c8d2b9f7","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["25827098433605490"]},"debug_reporting":true,"debug_key":"1297519621038070943"}
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: UK5T5hQ9RLutwimvFg7vbwny9E8i74vvgDKQaE+aAdFcdJ23wdFs/om1XgyUxnJQjvuL2UOkt4pNcUo7r5Ykfw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442981539180540466", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4867, tp=13, tpl=0, uplat=222, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 3 KB
3 KB 82ms
81ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=14DPH6&isInFrame=false&isNative=false
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: text/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

GET
H3 200 click Show response
www.chablivoy.com/sdk/ 91 B
1 KB 247ms
247ms Fetch
application/json 172.67.172.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chablivoy.com/sdk/click?effp=a00fb9de1c889a0049d346451faf7768&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339&oid=&affid=160005&__cc=&async=json&__qp=affid%7Ctransid%7C_ef_transaction_id&__rf=https%3A%2F%2Ffrmbri.com%2F
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79cc438c949b756c29fe48f859719c6ce2879e27b85a56198f0cb4f84ea3fd53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heloc-apply.rate.com/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFtfHGSDtRJ0rbD%2FYu73kd8Z1F1tgkZzXFKpFdncDGxlXEKUr8CnNcfvbQrpF4PkzoR1GO2o2mpVaETvPSwGcMduKxCM8UR9CRYVAuCvqCd0ktIHvea2%2BQVoiopEdNo7fsi1Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-eflow-request-id: eafc696b-f859-4e9e-9963-4fb3f1ba5219
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37819&min_rtt=30690&rtt_var=5086&sent=32&recv=20&lost=0&retrans=0&sent_bytes=24682&recv_bytes=5275&delivery_rate=293932&cwnd=21300&unsent_bytes=0&cid=9fa7bec2614cb0a5&ts=1030&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
access-control-allow-credentials: true
cf-ray: 8ea95b58bc5d09ca-MIA
access-control-allow-origin: https://heloc-apply.rate.com
server: cloudflare

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
112 B 103ms
98ms Fetch
application/json 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.11.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Afrontend-heloc&dd-api-key=pub12f76571c55a1c6efcc45166d57d29b6&dd-evp-origin-version=5.11.0&dd-evp-origin=browser&dd-request-id=8e06ee15-b834-48b4-9036-e88fd7b6eb0b&batch_time=1732954182586

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a1d5e3178a81ba644411d209ba36c7c1e0cee2778fb41dd0c9fc79105f39436e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 30 Nov 2024 08:09:42 GMT
content-type: application/json
dd-request-id: 8e06ee15-b834-48b4-9036-e88fd7b6eb0b

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame F932 286 KB
0 0ms
0ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8ee3657560b1a271d276a415951fe1e5451e258da97a10c639e6b9aba2f28e1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://heloc-apply.rate.com
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
x-goog-hash: crc32c=ZmBNIA==, md5=0Vgo23dc3Qpu85CjYQ6d0Q==
etag: "d15828db775cdd0a6ef390a3610e9dd1"
age: 33
x-goog-stored-content-encoding: br
expires: Sat, 30 Nov 2024 09:09:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 79132
date: Sat, 30 Nov 2024 08:09:08 GMT
last-modified: Thu, 14 Nov 2024 14:06:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7gmHwyAdrZ1L3EQU1zJcUkJWY8px-v8-qQ0ysKTL6Av499MTjZkQXYhwGB-LiHLJZnhSQ
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1731593167065982
content-length: 79132
server: UploadServer

GET
H3 401 all Show response
www.figure.com/service-application/api/v1/application/heloc/ 29 B
47 B 49ms
49ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.figure.com/service-application/api/v1/application/heloc/all
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.235.160.34.bc.googleusercontent.com
Software: kong/3.4.2 /
Resource Hash: 1640fd455a67c6eab8e66e311676d6ff925ef4fd693c785373a575e53e394b09

Request headers

Authorization
Referer: https://heloc-apply.rate.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Sat, 30 Nov 2024 08:09:43 GMT
x-kong-response-latency: 1
content-type: application/json; charset=utf-8
vary: Origin
server: kong/3.4.2

GET
H3 404 figureinfo Show response
www.figure.com/identity-broker/customer/secure/api/v3/self/ 43 B
60 B 47ms
47ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.235.160.34.bc.googleusercontent.com
Software: kong/3.4.2 /
Resource Hash: 51a1e2e6602547a91cf7425f6b1f641270dbc9891afbe1c828ead5ee14a17025

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Auth0-Application-Name: heloc
Referer: https://heloc-apply.rate.com/

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 08:09:44 GMT
x-kong-response-latency: 1
content-type: application/json
vary: Origin
server: kong/3.4.2

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 171ms
107ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=14DPH6&UserId=f0443220-c45c-4c64-be72-5bdf78162f39&SessionId=da376bcd-546d-44b8-9d02-865537bb1b11&PageId=61e7003e-379d-46ad-91b7-940960ba8ffc&Seq=1&ClientTime=1732954185130&CompiledVersion=aa37b0048e92b9fe820404ebb566a04d7c8aba36&PageStart=1732954182468&PrevBundleTime=0&LastActivity=2305&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: aa383c3dda1452989c0fe75ba5235e5bec5a87988f2acefbb230baf8aa8aaa2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://heloc-apply.rate.com/

Response headers

via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Sat, 30 Nov 2024 08:09:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H3 401 all Show response
www.figure.com/service-application/api/v1/application/heloc/ 29 B
47 B 48ms
48ms Fetch
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.figure.com/service-application/api/v1/application/heloc/all
Requested by: Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.235.160.34.bc.googleusercontent.com
Software: kong/3.4.2 /
Resource Hash: 1640fd455a67c6eab8e66e311676d6ff925ef4fd693c785373a575e53e394b09

Request headers

Authorization
Referer: https://heloc-apply.rate.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub,x-eid
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://heloc-apply.rate.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Sat, 30 Nov 2024 08:09:45 GMT
x-kong-response-latency: 1
content-type: application/json; charset=utf-8
vary: Origin
server: kong/3.4.2

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
135 B 147ms
142ms Fetch
application/json 2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.11.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Afrontend-heloc&dd-api-key=pub12f76571c55a1c6efcc45166d57d29b6&dd-evp-origin-version=5.11.0&dd-evp-origin=browser&dd-request-id=ced5ee9c-8287-4b10-82ba-7bdb7d7ad7d4&batch_time=1732954185310

Requested by

Host: heloc-apply.rate.com
URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

b91d833d4d2a23544f40b6058e10086e917b7e3c6df8227caf86443cfcce215b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heloc-apply.rate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 30 Nov 2024 08:09:45 GMT
content-type: application/json
dd-request-id: ced5ee9c-8287-4b10-82ba-7bdb7d7ad7d4

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub8a555cb7c86a0dc6930b357a476d6449&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=app-name:heloc

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.blilospute.com/	1970-01-21 01:24:00	Name: uniqueClick_JMTJFKL Value: a68ab7a4-926e-42c8-83c2-28ea725f8576:1732954178
www.blilospute.com/	1970-01-21 03:32:10	Name: transaction_id Value: 42fb0e7b48ed43d5ae85407ddaa6d339
.rate.com/	1970-01-21 03:32:10	Name: _gcl_au Value: 1.1.264930169.1732954182
.rate.com/	1970-01-21 10:58:34	Name: _ga Value: GA1.1.1387015481.1732954182
beacon.lynx.cognitivlabs.com/	1970-01-21 10:08:10	Name: UID Value: f9654d49-5c12-449b-b25e-867116e4671d
.rate.com/	1970-01-21 10:58:34	Name: _ga_FHZ0P94BBY Value: GS1.1.1732954181.1.0.1732954181.0.0.0
.rlcdn.com/	1970-01-21 10:08:10	Name: rlas3 Value: haWTYW83DxJjqVmtoz8mx8EyhMseUoCErYiqYrypo5w=
.rlcdn.com/	1970-01-21 02:48:58	Name: pxrc Value: CMaQq7oGEgYI5bkrEAA=
beacon.lynx.cognitivlabs.com/	1970-01-21 10:08:10	Name: ss Value: mmAb4lgM9IjBkoEh89Z3al6bQoKyvvUPKJH4M2nDfJwSNXKIXb3%2BcZgHMbPFOg7tJeGVcqDmtesj7WPLvRR4Hw%3D%3D
.rate.com/	1970-01-21 02:05:46	Name: _upscope__region Value: InVzLWVhc3Qi
.rate.com/	1970-01-21 03:32:10	Name: _fbp Value: fb.1.1732954182454.657587506496446882
.rate.com/	1970-01-21 01:22:35	Name: fs_lua Value: 1.1732954182132
.rate.com/	1970-01-21 10:08:10	Name: fs_uid Value: #14DPH6#f0443220-c45c-4c64-be72-5bdf78162f39:da376bcd-546d-44b8-9d02-865537bb1b11:1732954182132::1#/1764490183
www.chablivoy.com/	1970-01-21 01:24:00	Name: uniqueClick Value: 21218a78-4e5f-47e4-bfe3-9d0722e8cb66:1732954182
www.chablivoy.com/	1970-01-21 03:32:10	Name: transaction_id Value: 42fb0e7b48ed43d5ae85407ddaa6d339
heloc-apply.rate.com/	1970-01-21 02:05:46	Name: ef_witness Value: 1
heloc-apply.rate.com/	1970-01-21 02:05:46	Name: ef_affid Value: 160005
heloc-apply.rate.com/	1970-01-21 02:05:46	Name: ef_tid_c_o_8849 Value: 42fb0e7b48ed43d5ae85407ddaa6d339
heloc-apply.rate.com/	1970-01-21 02:05:46	Name: ef_tid_c_a_3629 Value: 42fb0e7b48ed43d5ae85407ddaa6d339
.rate.com/	1970-01-21 02:05:46	Name: _upscope__shortId Value: Ik5HS0NQU0s3MFhKQ1RSU1pCIg==
heloc-apply.rate.com/	1970-01-21 01:22:35	Name: _dd_s Value: rum=2&id=85ad49b6-06f4-436a-b918-7121f4507c30&created=1732954180699&expire=1732955080699

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network	error	URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG(Line 114) Message: [Report Only] Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dr=frmbri.com&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister&scrsrc=www.googletagmanager.com&frm=0&rnd=1385316589.1732954182&auid=264930169.1732954182&npa=0&gtm=45He4bk0v9187051943za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732954181627&tfd=3354&apve=1' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG(Line 114) Message: [Report Only] Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dr=frmbri.com&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister&scrsrc=www.googletagmanager.com&frm=0&rnd=1385316589.1732954182&auid=264930169.1732954182&npa=0&gtm=45He4bk0v9187051943za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732954181627&tfd=3354&apve=1' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [Report Only] Refused to load the image 'https://beacon.lynx.cognitivlabs.com/pixel/capture?tags=6cf15fd8-2bc8-45de-aaca-1d6b5316c681&referer=https://www.rate.com/&page_url=https://heloc-apply.rate.com/account/heloc/register&u1=/account/heloc/register' because it violates the following Content Security Policy directive: "img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG(Line 111) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG(Line 111) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94BQ4BG(Line 432) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://www.googletagmanager.com/ Message: [Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src 'self' https://cdn.plaid.com/".
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-FHZ0P94BBY&gtm=45je4bk0v9189148966z89187051943za200zb9187051943&_p=1732954181217&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1387015481.1732954182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732954181&sct=1&seg=0&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister%3Faffid%3D160005%26transid%3D42fb0e7b48ed43d5ae85407ddaa6d339%26_ef_transaction_id%3D42fb0e7b48ed43d5ae85407ddaa6d339&dr=https%3A%2F%2Ffrmbri.com%2F&dt=Guaranteed%20Rate%20%7C%20Get%20Started&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3598' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-FHZ0P94BBY&gtm=45je4bk0v9189148966z89187051943za200zb9187051943&_p=1732954181217&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1387015481.1732954182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732954181&sct=1&seg=0&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister%3Faffid%3D160005%26transid%3D42fb0e7b48ed43d5ae85407ddaa6d339%26_ef_transaction_id%3D42fb0e7b48ed43d5ae85407ddaa6d339&dr=https%3A%2F%2Ffrmbri.com%2F&dt=Guaranteed%20Rate%20%7C%20Get%20Started&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3598' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [Report Only] Refused to load the image 'https://beacon.lynx.cognitivlabs.com/pixel/capture?tags=6cf15fd8-2bc8-45de-aaca-1d6b5316c681&referer=https://www.rate.com/&page_url=https://heloc-apply.rate.com/account/heloc/register&u1=/account/heloc/register&rf=1' because it violates the following Content Security Policy directive: "img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:".
security	error	URL: https://www.googletagmanager.com/ Message: [Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src 'self' https://cdn.plaid.com/".
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://pix.pontiac.media/referrer' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [Report Only] Refused to load the image 'https://idsync.rlcdn.com/711906.gif?partner_uid=f9654d49-5c12-449b-b25e-867116e4671d&credir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%2Fliveramp%2Fdone' because it violates the following Content Security Policy directive: "img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:".
network	error	URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.figure.com/service-application/api/v1/application/heloc/all Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [Report Only] Refused to load the image 'https://beacon.lynx.cognitivlabs.com/pixel/liveramp/done' because it violates the following Content Security Policy directive: "img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:".
security	error	URL: https://js.upscope.io/upscope-2024.11.12.es6.js Message: [Report Only] Refused to connect to 'wss://data--us-east.upscope.io/session?apiKey=wTx6yitcMq&version=2024.11.12' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
rendering	warning	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D08D01C4210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0408D01C4210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D00C4210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D00C4210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	error	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [Report Only] Refused to load the image 'https://www.facebook.com/tr/?id=291170618061825&ev=PageView&dl=https%3A%2F%2Fheloc-apply.rate.com&rl=https%3A%2F%2Ffrmbri.com&if=false&ts=1732954182458&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1732954182454.657587506496446882&cs_est=true&pm=1&hrl=e3241f&ler=other&cdl=API_unavailable&it=1732954181986&coo=false&tm=1&cs_cc=1&cas=9490831944278598%2C8683592841688784%2C28113304391590088%2C9054849127876679%2C8282770388481956%2C8228316767233436%2C8312034408914059%2C8034842426629256%2C8247276088635900%2C7702633719820295%2C7901821376531098%2C7601226503330438%2C8112081898821044%2C7506208052755990%2C5144904455594745%2C3157052587673508%2C1808262655906938&rqm=GET' because it violates the following Content Security Policy directive: "img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:".
security	error	URL: https://heloc-apply.rate.com/account/heloc/register?affid=160005&transid=42fb0e7b48ed43d5ae85407ddaa6d339&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339 Message: [Report Only] Refused to load the image 'https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=291170618061825&ev=PageView&dl=https%3A%2F%2Fheloc-apply.rate.com&rl=https%3A%2F%2Ffrmbri.com&if=false&ts=1732954182458&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1732954182454.657587506496446882&cs_est=true&pm=1&hrl=e3241f&ler=other&cdl=API_unavailable&it=1732954181986&coo=false&tm=1&cs_cc=1&cas=9490831944278598%2C8683592841688784%2C28113304391590088%2C9054849127876679%2C8282770388481956%2C8228316767233436%2C8312034408914059%2C8034842426629256%2C8247276088635900%2C7702633719820295%2C7901821376531098%2C7601226503330438%2C8112081898821044%2C7506208052755990%2C5144904455594745%2C3157052587673508%2C1808262655906938&rqm=FGET' because it violates the following Content Security Policy directive: "img-src https://ad.doubleclick.net https://cdn.figure.com https://storage.googleapis.com https://www.datocms-assets.com https://www.googletagmanager.com https://www.gstatic.com 'self' data: blob:".
network	error	URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://www.chablivoy.com/sdk/click?effp=a00fb9de1c889a0049d346451faf7768&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339&oid=&affid=160005&__cc=&async=json&__qp=affid%7Ctransid%7C_ef_transaction_id&__rf=https%3A%2F%2Ffrmbri.com%2F' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://www.chablivoy.com/sdk/click?effp=a00fb9de1c889a0049d346451faf7768&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&_ef_transaction_id=42fb0e7b48ed43d5ae85407ddaa6d339&oid=&affid=160005&__cc=&async=json&__qp=affid%7Ctransid%7C_ef_transaction_id&__rf=https%3A%2F%2Ffrmbri.com%2F' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
network	error	URL: https://www.figure.com/service-application/api/v1/application/heloc/all Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://www.figure.com/identity-broker/customer/secure/api/v3/self/figureinfo Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.figure.com/service-application/api/v1/application/heloc/all Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-FHZ0P94BBY&gtm=45je4bk0v9189148966za200zb9187051943&_p=1732954181217&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1387015481.1732954182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732954181&sct=1&seg=0&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister%3Faffid%3D160005%26transid%3D42fb0e7b48ed43d5ae85407ddaa6d339%26_ef_transaction_id%3D42fb0e7b48ed43d5ae85407ddaa6d339&dr=https%3A%2F%2Ffrmbri.com%2F&dt=Guaranteed%20Rate%20%7C%20Get%20Started&en=scroll&epn.percent_scrolled=90&_et=26&tfd=8631' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-FHZ0P94BBY&gtm=45je4bk0v9189148966za200zb9187051943&_p=1732954181217&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1387015481.1732954182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732954181&sct=1&seg=0&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister%3Faffid%3D160005%26transid%3D42fb0e7b48ed43d5ae85407ddaa6d339%26_ef_transaction_id%3D42fb0e7b48ed43d5ae85407ddaa6d339&dr=https%3A%2F%2Ffrmbri.com%2F&dt=Guaranteed%20Rate%20%7C%20Get%20Started&en=scroll&epn.percent_scrolled=90&_et=26&tfd=8631' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-FHZ0P94BBY&gtm=45je4bk0v9189148966za200zb9187051943&_p=1732954181217&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1387015481.1732954182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1732954181&sct=1&seg=0&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister%3Faffid%3D160005%26transid%3D42fb0e7b48ed43d5ae85407ddaa6d339%26_ef_transaction_id%3D42fb0e7b48ed43d5ae85407ddaa6d339&dr=https%3A%2F%2Ffrmbri.com%2F&dt=Guaranteed%20Rate%20%7C%20Get%20Started&en=user_engagement&_et=5091&tfd=8729' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".
security	error	URL: https://heloc-apply.rate.com/account/heloc/assets/vendor-B8vnu2Vi.js(Line 307) Message: [Report Only] Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-FHZ0P94BBY&gtm=45je4bk0v9189148966za200zb9187051943&_p=1732954181217&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1387015481.1732954182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1732954181&sct=1&seg=0&dl=https%3A%2F%2Fheloc-apply.rate.com%2Faccount%2Fheloc%2Fregister%3Faffid%3D160005%26transid%3D42fb0e7b48ed43d5ae85407ddaa6d339%26_ef_transaction_id%3D42fb0e7b48ed43d5ae85407ddaa6d339&dr=https%3A%2F%2Ffrmbri.com%2F&dt=Guaranteed%20Rate%20%7C%20Get%20Started&en=user_engagement&_et=5091&tfd=8729' because it violates the following Content Security Policy directive: "connect-src https://.plaid.com/ https://test.figure.com https://www.figure.com https://api.trustpilot.com https://.fullstory.com 'self' https://browser-intake-datadoghq.com https://api.rollbar.com/api/1/item/ https://cdn.figure.com https://fonts.googleapis.com https://fonts.gstatic.com".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.lynx.cognitivlabs.com
browser-intake-datadoghq.com
cdn.figure.com
cdn.plaid.com
cdn.talkjs.com
code.upscope.io
connect.facebook.net
csp-report.browser-intake-datadoghq.com
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
frmbri.com
heloc-apply.rate.com
idsync.rlcdn.com
js.upscope.io
pix.pontiac.media
rs.fullstory.com
storage.googleapis.com
www.blilospute.com
www.chablivoy.com
www.facebook.com
www.figure.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
csp-report.browser-intake-datadoghq.com
108.138.128.117
13.225.63.14
142.250.80.35
142.250.80.68
157.240.241.1
172.67.12.227
172.67.172.237
18.173.132.27
2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
2606:4700:3037::6815:7ca
2607:f8b0:4006:80b::2008
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81e::201b
2607:f8b0:4006:81f::200e
31.13.71.36
34.102.202.59
34.160.235.105
34.98.83.188
35.186.194.58
35.201.112.186
35.244.154.8
52.1.242.241
52.70.25.4
91.223.117.85
04214e1cbfc74eac2a0b02e9ba44d8ab2967292de621a6a93c668a39a8783c94
0943a75bec00f4c5e5fbfd988b0e7d7a2dc3a2960a0029a8f782e580392da482
0c21805341b014eca380642219c88f23897a45f4ed7935fdee6870e40aeb4dec
0ea8609a49f324dc8ecae14e529ad9e810e4929decbe2dec1f02f2c13dbca71b
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
1640fd455a67c6eab8e66e311676d6ff925ef4fd693c785373a575e53e394b09
1af15eb875ee508910a7d9cf3b7c5ee74baa0fd5b59c419c384b8f71aa9017e5
1e25dc52513da3194db1e7ec67452b3876b0c9bd074df1214b0f441ec9bf4c03
24dfee1dfb128e6db9b01f439a2397ecf492acda895c52954f201e117fca57d8
2845d8daaf026c09c1e5f98fc1ff1c1c1602b1368c1bae0f06b79320aaa93060
2a66bf6feb31567d3580654a43fd477091358f9cf939f31929de05f2067f99f1
2e5c86b35b2d4629d036b71f6bd5cc5ededb660a8afd42856064d47e82eeef19
3489172e0fa97bbb1bfe5803f457886ddc5ffc387129b3d3fd9daadf561d385c
35aaaafa3378cf4ee387a9a8179ee2de66f1be28827ef938819c9bda9303d1ec
3c7ba912d7b848f39521b46bf2a53aa20bf50e989e56db1232499b95b642f730
3f1ffb67ef889511c1e04faea88dd21a9f9a9b3e3f77ca62ebb09d77a68cfe4e
3f6fe4e936de332aea22d2b6e44538ce8e99af9ea7f120799fe4f0c66984aa88
44ce8e208b4ec6dd5fc4639d4df94b720f4dc2f7d6fb512d0b9c2d236b6384ce
485bd74deb4d9e297d46b8d96f06382c7ba4186326ebe454dd98dbcac7e5db47
4ef429823d50b16892beafa965af016196ccfa02b66d1f095157feb7a4541ad2
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f8386fffaa66b9d63594e9f59406de7683c80c3c3807d5d362bd80550f8e111
501d59f3caabc33cf7670ab16e16f724b4404bdd48e46a4a6b68d006d2dd82bb
51a1e2e6602547a91cf7425f6b1f641270dbc9891afbe1c828ead5ee14a17025
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
52df33b782bffc61cd3792e8c3e66ab580b5c622bdee64f650dd3ac905c07588
5717e4afc92b6ef6a9634ae14cfebdbd74047329822c070e4f9fa9106fc90daf
5ec00663f747b3e2e32b5a3c356139f364b919fc518663e09b97d55c8cc1f738
5ed4d31c988e73b258894244f209069ebe77dc7e564861954b21198b6de90d68
6a67f7319689edd29058b75e7352e05a7cc17b8e31f6d10e90677094ac9d9e87
73f22e1e44a9c2d2d30f04824226dd4575b750981f377c5fa0140d07cf1ea710
78973965db696c0cb51a8d64633afc81109ed09dcde6fa422092b702989feb71
79cc438c949b756c29fe48f859719c6ce2879e27b85a56198f0cb4f84ea3fd53
80cd69ccec7fb17ef27d0ba3e477f07f9026821b875977b2f27eabd8eb9dd832
872aa756337f039f98a71184d37d89d02e209bd59f692cdcc5953f169081629b
8ce391bf17b4149fdc0317d9f8d3684d81e8a88aefa792e553f2a5579ec56434
8d2bcdfc215a58b27e471fed0508bdbef5f529fd8d9d3af68e4cc315d04fa0ce
8ee3657560b1a271d276a415951fe1e5451e258da97a10c639e6b9aba2f28e1b
8f91fa4189a03a52c9f0e55a23f6060824977f1094167995de40246a127fbf7e
90a9fb472efd3030249e36fb6ddfc39cf5718a96871e72908b09989adfe3d2eb
9228a0f93d4f6e2c6bf7063588b8c4e6deb2399ae5dfa36c71e6d611426acf28
9b6d71b5272816e8d983b0535944807b1bb867ae8c6f15ac712eb25d90aa5bf7
a1d5e3178a81ba644411d209ba36c7c1e0cee2778fb41dd0c9fc79105f39436e
a2e41a2c7be5c471e4ae1f2fad68bbb18a7b7de677cfdaa5207616881558e168
a5c22eece63c333b76cb9d8e07a6f7d60f9a40c8844053102288e48ae7b025a9
a5f389ea04a09243125f9cd086886dbb40c581ddbbba39edb1de1e7b1835dc57
a62c769bf1659158b958fedc9943a98edb2a9fe1485c6720ace8a637cddc4805
a7cdf1922b75222b5eeb8f72c0ef8fe7523fd145092bbc3ccf7836f7f00334bc
aa383c3dda1452989c0fe75ba5235e5bec5a87988f2acefbb230baf8aa8aaa2c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adf57410203038c8de44893d027f3cc53b3bca84015c2867d696fa216017c595
b00b73465c2a3a40e9609961353cb2fc36f86fec5b1b9e112c3b103eb930755d
b01f4b899a6294c71848e07c31c11cfe7bbb8434e30ef29161bbcafd950e2850
b5369b297ff51309954b081b749bd0d4cacda91de06fe2fa46173ff987b42ebd
b81184aea719489f0510b9d88ee71f576064f4995fe95463d01a3536d70ea412
b91d833d4d2a23544f40b6058e10086e917b7e3c6df8227caf86443cfcce215b
b93faa563e708b81d5b7e73e74530e9380f5c459d1aec792db4f8d12d982639a
c008c8f73be7e9fc50edb210bdfd48285989087e697cd66c82efb48af4b2ebce
c241c1ec1e5b5bdc86dbb99931a10ced1489d47e5b169a8ada287336822c8072
c478b3046f5826a6828945e8fb1eb776e20901cf78a4b4f940e26d092c742fc4
c4f88c5a0fbeb816fe209064132209801c3e56ce5933e00767479452092f317f
c71a05db106899592e5ca21efe36ac2ce6848da531dcdb5e2a996e0cb987df73
c8916d68ffc33236e339208c3fd32dff34ff057b6fa5c36f3b67f94564a953b7
c926ddfe67b0ddd25b422cf0b85c6f5c498d3280a4898280e212a0ae810c65c4
c9613edf945298c94c54051577badfd41a4d656cebcfab79967ce062e26c6fd6
ca583e03a0e5f48f74e31cc5b2aaedb664fea1fec457fad7f820e30909923170
d5bf978dbbd9e9a6f33229934282864c7bd5ba09de7caf57a7993fe624c777d9
d6bac105161fd802d619ed3a808da0574be32418650ebf515bcae32e07ec9047
db388884b2daa2f0c572a951912da8d0446d7e3257ea45fbc4ea70126703cfd9
e014609bea483f76c9562129f5dbd7e1107884ec1a8b47474d53860816fdcfed
e0de62f40bbea1d6f71594ff7e78e8e022cf3806e0a89edca280c8cb1e49b9c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f364531f9c2d00185e9e1d5b285b86185db9fa919c0df5a3a4e665a85b2bbc
eb58eda2924fd165ee9ba6f8623ca3c089dcbe1db9ae0c484b7581b9fcba125c
ecbb0717cfc4359ae664aa887774f998e84296297a51082d75d2aa1bc6ba584c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138
f39b8368d883d351157f527bc6ce0f505177383e886d2a48b4098ffabb8ac1b5
f3afee3511a3b816f2547e01ef954e8affadda7b7d382ae445716e42d68be387
f42460e88819120829998b1bce4593fbba76e36528a2499021a6909624223139
f60955d071f56a93b75cbdd0eca7524ec02b8a601dd41bbd465f1532170dc74f
fcf571aa21bb322b2e3275810e634ab52e401683b2c259b9e4644e810d199506

heloc-apply.rate.com Open in urlscan Pro 34.102.202.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

91 %HTTPS

25 %IPv6

20 Domains

25 Subdomains

23 IPs

2 Countries

7542 kBTransfer

9434 kBSize

21 Cookies

5 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heloc-apply.rate.com Open in urlscan Pro
34.102.202.59 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

91 %
HTTPS

25 %
IPv6

20
Domains

25
Subdomains

23
IPs

2
Countries

7542 kB
Transfer

9434 kB
Size

21
Cookies

129 HTTP transactions
0 data transactions