www.zionsbank.com Open in urlscan Pro
45.60.233.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Effective URL:
https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Submission: On September 16 via api (September 16th 2024, 8:58:27 am UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 80 HTTP transactions. The main IP is 45.60.233.5, located in United States and belongs to INCAPSULA, US. The main domain is www.zionsbank.com. The Cisco Umbrella rank of the primary domain is 312011.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 23rd 2024. Valid for: a year.

This is the only time www.zionsbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	45.60.233.5 45.60.233.5	19551 (INCAPSULA) (INCAPSULA)
9	2a02:26f0:350... 2a02:26f0:3500:58e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::ac43:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	52.31.141.178 52.31.141.178	16509 (AMAZON-02) (AMAZON-02)
7	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:272... 2600:9000:2724:cc00:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	34.251.32.89 34.251.32.89	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:272... 2600:9000:2724:ce00:0:99b9:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:dc00:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
8	18.159.33.125 18.159.33.125	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	52.3.14.134 52.3.14.134	14618 (AMAZON-AES) (AMAZON-AES)
80	18

24 45.60.233.5 (United States)

ASN19551 (INCAPSULA, US)

www.zionsbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:58e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

customer.cludo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.141.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-141-178.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zionsbancorp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:cc00:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.glia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.32.89 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-32-89.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2724:ce00:0:99b9:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

libs.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:dc00:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

zionsbancorp.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.159.33.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.14.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-14-134.compute-1.amazonaws.com

client-logger.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	zionsbank.com www.zionsbank.com — Cisco Umbrella Rank: 312011	2 MB
9	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 452	91 KB
8	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2778	10 KB
7	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2968	133 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 361	15 KB
6	salemove.com libs.salemove.com — Cisco Umbrella Rank: 18992 api.salemove.com — Cisco Umbrella Rank: 17595 client-logger.salemove.com — Cisco Umbrella Rank: 13838	427 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 256 zionsbancorp.demdex.net — Cisco Umbrella Rank: 193395	2 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 74	13 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	197 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	76 KB
2	omtrdc.net zionsbancorp.sc.omtrdc.net — Cisco Umbrella Rank: 180254	463 B
2	glia.com api.glia.com — Cisco Umbrella Rank: 15117	30 KB
2	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 460	81 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1463	503 B
1	cludo.com customer.cludo.com — Cisco Umbrella Rank: 15870	48 KB
80	16

	Domain	Requested by
24	www.zionsbank.com	www.zionsbank.com
9	assets.adobedtm.com	www.zionsbank.com assets.adobedtm.com
8	tags.srv.stackadapt.com	www.zionsbank.com tags.srv.stackadapt.com
7	dev.visualwebsiteoptimizer.com	www.zionsbank.com dev.visualwebsiteoptimizer.com
6	bat.bing.com	www.zionsbank.com bat.bing.com
4	libs.salemove.com	api.glia.com libs.salemove.com www.zionsbank.com
2	www.youtube.com	assets.adobedtm.com www.youtube.com
2	www.facebook.com	www.zionsbank.com
2	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
2	connect.facebook.net	www.zionsbank.com connect.facebook.net
2	zionsbancorp.sc.omtrdc.net	www.zionsbank.com
2	api.glia.com	assets.adobedtm.com api.glia.com
2	dpm.demdex.net	assets.adobedtm.com www.zionsbank.com
2	maps.googleapis.com	www.zionsbank.com
1	client-logger.salemove.com	libs.salemove.com
1	api.salemove.com	www.zionsbank.com
1	cm.everesttech.net	1 redirects
1	zionsbancorp.demdex.net	assets.adobedtm.com
1	customer.cludo.com	www.zionsbank.com
80	19

This site contains links to these domains. Also see Links.

Domain
digital.zionsbank.com
zb.loanadministration.com
usa.visa.com
zionsbancorporation.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
www.zionsbank.com Entrust Certification Authority - L1K	`2024-02-23` - `2025-03-23`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
customer.cludo.com WE1	`2024-08-26` - `2024-11-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
*.glia.com Amazon RSA 2048 M02	`2024-05-17` - `2025-06-14`	a year	crt.sh
*.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-09`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2024-08-09` - `2025-09-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-25` - `2024-09-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Frame ID: 8BB6E20CCA8BF495BFDBC0EE519F5577
Requests: 80 HTTP requests in this frame

Frame: https://zionsbancorp.demdex.net/dest5.html?d_nsid=0
Frame ID: 825A3E7537F605F6E72C296E076D4BBA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Error Page

Page URL History Show full URLs

http://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan// HTTP 307
https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan// Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

96 %
HTTPS

61 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

2737 kB
Transfer

7245 kB
Size

45
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://digital.zionsbank.com/
Title: Treasury Gateway

Search URL Search Domain Scan URL

URL: https://zb.loanadministration.com/
Title: Personal Mortgage

Search URL Search Domain Scan URL

URL: https://usa.visa.com/pay-with-visa/checkout.html
Title: Click to Pay

Search URL Search Domain Scan URL

URL: https://zionsbancorporation.com/corporate-responsibility/community-reinvestment-act/default.aspx
Title: Community Reinvestment Act

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZionsBank
Title: Visit our Facebook Page

Search URL Search Domain Scan URL

URL: https://twitter.com/zionsbank
Title: View our tweets

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zions-bank
Title: Visit our LinkedIn Page

Search URL Search Domain Scan URL

URL: https://www.instagram.com/zionsbank/
Title: View our Instagram posts

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ZIONSBANK
Title: Watch our YouTube videos

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan// HTTP 307
https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cm.everesttech.net/cm/dd?d_uuid=26447657991448362001203319936929438638 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZufzLgAAAGtg_AO-

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Redirect Chain

http://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

402 KB
54 KB

801ms
512ms

Document
text/html

45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1db657f4d32c323004aa76f9f2390918c3543d39ff4c2672d2f0469a45c810de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.zionsbank.com
access-control-max-age: 1000
cache-control: max-age=0
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
content-type: text/html;charset=utf-8
date: Mon, 16 Sep 2024 08:58:21 GMT
expires: Mon, 16 Sep 2024 08:58:21 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=8640000;includeSubDomains;preload
vary: Host,Accept-Encoding,User-Agent
x-cdn: Imperva
x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 12-474665-474693 NNNN CT(84 187 0) RT(1726477100193 170) q(0 0 3 0) r(4 4) U24
x-permitted-cross-domain-policies: none
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content

Redirect headers

Location: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 keepe-spende-is-Macb-Ile-day-they-a-false-know-a Show response
www.zionsbank.com/ 233 KB
77 KB 189ms
188ms Script
text/javascript 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zionsbank.com/keepe-spende-is-Macb-Ile-day-they-a-false-know-a
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.233.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: bon /
Resource Hash: 52e9280a9f47b8afb1a9adb658119801d05464d9641297ff5219da4ecd2df0b0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: gzip
server: bon
x-cdn: Imperva
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 12-474665-474757 NNNN CT(19 11 0) RT(1726477100193 800) q(0 0 1 -1) r(1 1)
cache-control: max-age=300
server-timing: bon, total;dur=13.485239
content-length: 78736

GET
H2 200 clientlib-dependencies.min.83b53dbeb98ee89075f64b3c8c2d7cfb.css
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/ 14 KB
14 KB 290ms
289ms Stylesheet
text/css 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.83b53dbeb98ee89075f64b3c8c2d7cfb.css

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

81f1d413b0a3966b23188ce87fdd3c25059f8c548b2f9603b1eabd2df9938ae2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:21 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474747 NNNY CT(86 186 0) RT(1726477100193 775) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:11:40 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:21 GMT

GET
H2 200 clientlib-base.min.b104a4a85c21511ada13e2c6e7552d37.css
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/ 29 B
9 KB 291ms
290ms Stylesheet
text/css 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-base.min.b104a4a85c21511ada13e2c6e7552d37.css

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:21 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474751 NNNY CT(85 184 0) RT(1726477100193 781) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:11:40 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,User-Agent,Accept-Encoding
access-control-allow-origin: https://www.zionsbank.com
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:21 GMT

GET
H2 200 clientlib-theme-zfnb.min.78256b9f5f3667e4bbda8ad4423bd7c5.css
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/ 827 KB
162 KB 292ms
292ms Stylesheet
text/css 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-theme-zfnb.min.78256b9f5f3667e4bbda8ad4423bd7c5.css

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3611fef7024f6f151f4696cbc4e8b1bb2bd2a4a8c9d7793d09a244868b1b9276

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:21 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474754 NNNY CT(84 184 0) RT(1726477100193 788) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Aug 2024 20:06:15 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:21 GMT

GET
H2 200 launch-565392c5c754.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/ 254 KB
68 KB 122ms
37ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/launch-565392c5c754.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 976ba375fd58531594f57a4546e3f36bfc83148b96b76e62b317c466a445eb25

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:56 GMT
server: AkamaiNetStorage
etag: "818f9f7d8a4330f98e37751277a59f81:1725567056.372346"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 69618
expires: Mon, 16 Sep 2024 09:58:21 GMT

GET
H2 200 personalchecking-meganav-experiencefragment.jpeg
www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/checking-header-promo/zfnb/_jcr_content/root/cta_copy_copy_1411028863/image.coreimg.jpeg/1636500741126/ 39 KB
49 KB 276ms
276ms Image
image/jpeg 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/checking-header-promo/zfnb/_jcr_content/root/cta_copy_copy_1411028863/image.coreimg.jpeg/1636500741126/personalchecking-meganav-experiencefragment.jpeg

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

32707cec1ea6e26a901aba39fda2e14e6f8bf98bbc75970de13eeef540cf5fb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:21 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474760 NNNY CT(81 175 0) RT(1726477100193 808) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:12:19 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host
access-control-allow-origin: https://www.zionsbank.com
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:21 GMT

GET
H2 200 business-complete-marketing.jpeg
www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/savings-exp/zfnb/_jcr_content/root/cta_copy/image.coreimg.jpeg/1681237772948/ 79 KB
89 KB 275ms
274ms Image
image/jpeg 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/savings-exp/zfnb/_jcr_content/root/cta_copy/image.coreimg.jpeg/1681237772948/business-complete-marketing.jpeg

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8b2b46802959dd06e74f1032a458794262d7da46be4395cbac2ea3b107479c8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:21 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474693 PNNN RT(1726477100193 815) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:12:20 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host
access-control-allow-origin: https://www.zionsbank.com
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:21 GMT

GET
H2 200 loanslinecreditmeganavpromo-dreamvacation.jpeg
www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/loan-and-lines-of-credit-promo/zfnb/_jcr_content/root/cta_copy_copy/image.coreimg.jpeg/1665504177827/ 88 KB
97 KB 534ms
534ms Image
image/jpeg 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/loan-and-lines-of-credit-promo/zfnb/_jcr_content/root/cta_copy_copy/image.coreimg.jpeg/1665504177827/loanslinecreditmeganavpromo-dreamvacation.jpeg

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5abace525d6e352c1bbfe8f6160299315a53243d0287b5105a0609b59493f56b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474770 NNNN CT(85 85 0) RT(1726477100193 823) q(0 0 2 -1) r(3 4) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:12:20 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host
access-control-allow-origin: https://www.zionsbank.com
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H2 200 jumboloanmeganavpromo-missionhomepool.jpeg
www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/home_loans_promo/zfnb/_jcr_content/root/cta_copy_copy/image.coreimg.jpeg/1665092988215/ 69 KB
78 KB 339ms
339ms Image
image/jpeg 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/home_loans_promo/zfnb/_jcr_content/root/cta_copy_copy/image.coreimg.jpeg/1665092988215/jumboloanmeganavpromo-missionhomepool.jpeg

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c9bf4d44a09f933dc53ac996dd1ce4acfef8d40dfd2e2a340b8f46c263e64f73

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:21 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474751 PNNy RT(1726477100193 826) q(0 1 1 -1) r(2 2) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:12:20 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host
access-control-allow-origin: https://www.zionsbank.com
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:21 GMT

GET
H2 200 creditcardsmeganavpromo-womancreditcardlaptop.jpeg
www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/credit-cards-promo/zfnb/_jcr_content/root/cta_copy_copy_copy_c/image.coreimg.jpeg/1665094111177/ 52 KB
61 KB 382ms
382ms Image
image/jpeg 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/credit-cards-promo/zfnb/_jcr_content/root/cta_copy_copy_copy_c/image.coreimg.jpeg/1665094111177/creditcardsmeganavpromo-womancreditcardlaptop.jpeg

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6030a443a46d7e8de2cc2efba123fd201076c1a1a4581c141363178d206a9fa0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:21 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474747 PNNy RT(1726477100193 829) q(0 1 1 -1) r(2 2) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:12:20 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host
access-control-allow-origin: https://www.zionsbank.com
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:21 GMT

GET
H2 200 zellemeganavpromo-grouppayingdinner.jpeg
www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/digital-banking/zfnb/_jcr_content/root/cta_copy_copy_copy_c/image.coreimg.jpeg/1670266270221/ 52 KB
62 KB 595ms
595ms Image
image/jpeg 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zionsbank.com/content/experience-fragments/zbna/atlas/structure/header/atlas/digital-banking/zfnb/_jcr_content/root/cta_copy_copy_copy_c/image.coreimg.jpeg/1670266270221/zellemeganavpromo-grouppayingdinner.jpeg

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d276346bb2b73fe8c0ce628ed53e9d09b132db0f91c1433b3e70c40ca7b45262

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474754 PNNy RT(1726477100193 850) q(0 4 4 -1) r(5 5) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:12:20 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host
access-control-allow-origin: https://www.zionsbank.com
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H2 200 personaldirectconnect-categorypagehero-womanlaptop-small.jpeg
www.zionsbank.com/personal/errors/404/_jcr_content/root/container-main/container-content/four-zero-four-error/image.coreimg.jpeg/1679006971194/ 193 KB
203 KB 511ms
509ms Image
image/jpeg 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zionsbank.com/personal/errors/404/_jcr_content/root/container-main/container-content/four-zero-four-error/image.coreimg.jpeg/1679006971194/personaldirectconnect-categorypagehero-womanlaptop-small.jpeg

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

58296e8115fdd9df3a2174baed5491c43c9e6de1d2610bc61e94b61b45778db7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474747 PNNy RT(1726477100193 936) q(0 3 3 -1) r(4 4) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 14 Sep 2024 14:14:40 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host
access-control-allow-origin: https://www.zionsbank.com
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H2 200 clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js Show response
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/ 606 KB
192 KB 327ms
325ms Script
application/javascript 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d973c1373112e20334fec56f544d0c7386e02c06a9c4bd7a1564afec2e4bdb44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474760 PNYy RT(1726477100193 941) q(0 1 1 -1) r(2 2) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:11:40 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: application/javascript;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H2 200 jquery-capslockstate-1.2.1.min.9ca8db05066724bf6f83502fa811d437.js Show response
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/vendor/ 2 KB
10 KB 371ms
369ms Script
application/javascript 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/vendor/jquery-capslockstate-1.2.1.min.9ca8db05066724bf6f83502fa811d437.js

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3b3a634718b3b97945f8dc98726a805b22915b41bc19ca6331bf011b399f8339

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474693 PNYN RT(1726477100193 943) q(0 2 2 -1) r(3 3) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:11:40 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: application/javascript;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H2 200 handlebars-4.7.7.min.ec9e6b6f936f22743664eef3e57673da.js Show response
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/vendor/ 78 KB
33 KB 467ms
466ms Script
application/javascript 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/vendor/handlebars-4.7.7.min.ec9e6b6f936f22743664eef3e57673da.js

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

882918765ff26ff068a3188689dea861427ddb2d25755ad2604225b6eb3c45bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474751 PNYy RT(1726477100193 944) q(0 2 2 -1) r(3 3) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Aug 2024 20:11:40 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: application/javascript;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H2 200 clientlib-base.min.6660fc9ee07e6b107f06776def134159.js Show response
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/ 161 KB
52 KB 475ms
474ms Script
application/javascript 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-base.min.6660fc9ee07e6b107f06776def134159.js

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d6fda201f776dfc29ae601055f49fca3a14ce64e4efd88c62e47777cad1a34d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474693 PNYN RT(1726477100193 945) q(0 3 3 -1) r(4 4) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Aug 2024 20:06:16 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: application/javascript;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H3 200 search-script.min.js Show response
customer.cludo.com/scripts/bundles/ 221 KB
48 KB 91ms
35ms Script
application/javascript 2606:4700:10::ac43:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.cludo.com/scripts/bundles/search-script.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b334979ae1bb352fc41d96f91ec65b81545da6aabe1fa81442c03a7f9fb4281

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 16:44:30 GMT
server: cloudflare
age: 278
etag: W/"02b76632efda1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
cf-ray: 8c3fa77ebe204d7c-FRA
alt-svc: h3=":443"; ma=86400
x-lb: 4

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 236 KB
81 KB 105ms
51ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDOCiT7kBVoU2BqaVwQUB5UMr0oLFd5MZI&callback=ZBNA.locationServices.initMap&libraries=geometry&v=weekly

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f9d828969777397ac88e21a5f77d57788513d19347efd79f1e120cdbb910a652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82573
x-xss-protection: 0

GET
H2 200 _Incapsula_Resource Show response
www.zionsbank.com/ 81 KB
19 KB 123ms
123ms Script
application/javascript 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zionsbank.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=971432491
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.233.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8a88f677a660e8ddc612b6153bc4386dd9f8846bed7ba66cba656baff77345aa

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19763
content-type: application/javascript

GET
H2 200 id Show response
dpm.demdex.net/ 371 B
917 B 178ms
52ms XHR
application/json 52.31.141.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=FFE376A8532209960A490D44%40AdobeOrg&d_nsid=0&ts=1726477101855

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/launch-565392c5c754.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.31.141.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-141-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4668a0bc4157d8413e79c5ac1e43c57afd2ccbe1253c2289a6ef2cc38bc33082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v065-05f07f085.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Mon, 16 Sep 2024 08:58:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: xRr1bWi5QmM=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.zionsbank.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 310
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX358e685ea45c491286c42d10352a4fc6-libraryCode_source.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/ 49 KB
17 KB 35ms
35ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/EX358e685ea45c491286c42d10352a4fc6-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/launch-565392c5c754.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 54f7da9ae71a2ccc12781983a7bfa0f0979570daea6831295ccef84b92333850

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:58 GMT
server: AkamaiNetStorage
etag: "4c56951f4e276e8d6f4feaf7967c97ab:1725567058.470044"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 17386
expires: Mon, 16 Sep 2024 09:58:21 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 13 KB
5 KB 79ms
25ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=362168&u=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&f=1&vn=1.5
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ae81d49199e6ccb41d1c115f3cbe5301e3588623da83f676d2deac0a14ccfcd0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 salemove_integration.js Show response
api.glia.com/ 9 KB
10 KB 89ms
20ms Script
application/javascript 2600:9000:2724:cc00:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/salemove_integration.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/launch-565392c5c754.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:cc00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a39fda84d9a110d7deecae1b8926b1ac860dd1c76f79e14b3a0d740c315c58c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Mon, 16 Sep 2024 08:31:07 GMT
via: 1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
last-modified: Wed, 11 Sep 2024 21:22:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 1635
x-amz-server-side-encryption: AES256
etag: "3466cc6f2068120138b624ff9fd4a77b"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9323
x-amz-cf-id: 0ZPMx4dxIbQSHTjbWFTzseBGxncEMQk2FaVAPrO6XKF1C4detFW3BQ==

GET
H3 200 va-45c1349573d14f5ac261f86023fd2bc9.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 252 KB
71 KB 60ms
38ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-45c1349573d14f5ac261f86023fd2bc9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=362168&u=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&f=1&vn=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 476e4ae973d5cb0aa6d213237f836b0a4c8ca8d2f067e53f024ddcadbdd9b992

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Origin: https://www.zionsbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 14 Sep 2024 11:01:53 GMT
server: gfra1
etag: "66e56d21-119eb"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72171

GET
H3 200 track-45c1349573d14f5ac261f86023fd2bc9.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 16 KB
5 KB 45ms
24ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-45c1349573d14f5ac261f86023fd2bc9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=362168&u=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&f=1&vn=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: b39262135ebb65249c4eeb26584c797c5782c95cb1d8a1527ab2d931578a407a

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Origin: https://www.zionsbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 14 Sep 2024 11:01:53 GMT
server: gfra1
etag: "66e56d21-124f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4687

GET
H3 200 opa-90d7fee29be2aab5445d16205504b7da.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 147 KB
37 KB 45ms
23ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-90d7fee29be2aab5445d16205504b7da.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=362168&u=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&f=1&vn=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 3ab05486da5989547c6a4db91448b343aa0eeb6534426fa5609bc256fc7776d0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Origin: https://www.zionsbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 14 Sep 2024 11:01:40 GMT
server: gfra1
etag: "66e56d14-932e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37678

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
144 B 151ms
150ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=362168&d=zionsbank.com&u=D928A352226E450E89D575EB8E6F7EC6F&h=ba559b6325b8c536e4df2161314d5c3f&t=false

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv02c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv02c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

POST
H2 200 visitor_config Show response
api.glia.com/ 18 KB
20 KB 132ms
132ms XHR
application/json 2600:9000:2724:cc00:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&

Requested by

Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:cc00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

da50fa4979e673845de88d3488c299756ada9f9e34e5e114b26a15df275e992b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront
content-length: 18856
access-control-max-age: 7200
vary: Origin
access-control-allow-methods: GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
access-control-allow-origin: https://www.zionsbank.com
access-control-expose-headers
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json
x-site-visitor-config: true
access-control-allow-headers: Content-Type, Accept, Authorization
x-amz-cf-id: vo0V0k5xwRS2OL1Rv6_WpuhCF8sqnmWK47fz5aG8Zyr7Z_mBAFEmhA==

GET
H2 200 dest5.html
zionsbancorp.demdex.net/ Frame 825A 0
0 141ms
44ms Document
text/html 52.31.141.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://zionsbancorp.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/launch-565392c5c754.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.31.141.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-141-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 16 Sep 2024 08:58:22 GMT
dcs: dcs-prod-irl1-1-v065-06a34db27.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 2 Sep 2024 10:59:42 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: L3zV/d2LSaQ=

GET
H2

200

ibs:dpid=411&dpuuid=ZufzLgAAAGtg_AO-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=26447657991448362001203319936929438638
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZufzLgAAAGtg_AO-

42 B
717 B

62ms
61ms

Image
image/gif

52.31.141.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZufzLgAAAGtg_AO-

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Server

52.31.141.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-141-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v065-0d671402b.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 16 Sep 2024 08:58:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: xLExW/pJSoU=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZufzLgAAAGtg_AO-
Date: Mon, 16 Sep 2024 08:58:22 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 18 KB
3 KB 27ms
27ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=362168&settings_type=1&vn=7.0&exc=1|65
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-45c1349573d14f5ac261f86023fd2bc9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 2409dee53e7ac598962fbd2257e654407ebb168f9f78a79035a079eba43fcf93

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1726311723"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bootstrapper-f1db72b75.js Show response
libs.salemove.com/visitor/ 649 KB
170 KB 79ms
23ms Script
application/javascript 2600:9000:2724:ce00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/bootstrapper-f1db72b75.js

Requested by

Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:ce00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

30a10b1f050e5c8783c3cb59cf246f3e5d93ed76dd5c3f0ada5d1d4b5dbd855b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:52:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 3980
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 16 Sep 2024 07:16:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:5f7f2898ce5829dce7f598e4e7b3f9c1
etag: W/"5f7f2898ce5829dce7f598e4e7b3f9c1"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Z2FBKVDqfdSDiFXHjWzduB48-XYEJa7ml9z3g2re0ErduWj0PzqOWQ==

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 46 KB
13 KB 24ms
21ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-90d7fee29be2aab5445d16205504b7da.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 09b67475f266dbf552159ca9f6b44d9dc3ea04842b2bd6e8b09d74f6b21897d0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:21 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 14 Sep 2024 11:01:40 GMT
server: gfra1
etag: "66e56d14-3459"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13401

GET
H2 200 webcomponents_es5-f1db72b75.js Show response
libs.salemove.com/visitor/ 936 B
1 KB 23ms
19ms Script
application/javascript 2600:9000:2724:ce00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/webcomponents_es5-f1db72b75.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-f1db72b75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:ce00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:52:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 3979
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 936
last-modified: Mon, 16 Sep 2024 07:16:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:f86098c5208655efb405300993461936
etag: "f86098c5208655efb405300993461936"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GAOh75HM7aIgPUTDtEvZDTVXBkubS8cz2h5ullGy_WVj6U-mrjbKAQ==

GET
H2 200 zfnb.svg
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-site/resources/logos/ 3 KB
11 KB 213ms
210ms Image
image/svg+xml 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-site/resources/logos/zfnb.svg

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-theme-zfnb.min.78256b9f5f3667e4bbda8ad4423bd7c5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0e74d6b9ee19e5d700f3696e7c6cf4b05de0ee85815cff1c04c709e544e461c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-theme-zfnb.min.78256b9f5f3667e4bbda8ad4423bd7c5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474751 PNYy RT(1726477100193 1406) q(0 1 1 -1) r(2 2) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Sep 2024 20:19:18 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: image/svg+xml
cache-control: max-age=86400, public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
DATA 200
OK truncated
/ 571 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5539be3e62f7a9a26d2aa473bc993c4b3c989403ec5cef70cdae500b2d2a0a46

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 Muli-VariableFont_wght.ttf
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-site/resources/fonts/ 142 KB
152 KB 202ms
201ms Font
application/x-font-ttf 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-site/resources/fonts/Muli-VariableFont_wght.ttf

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-theme-zfnb.min.78256b9f5f3667e4bbda8ad4423bd7c5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c5886c5b2f5c63a89b06611d65ed05681a10c2c8331089bbc7725c82494e0a54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-theme-zfnb.min.78256b9f5f3667e4bbda8ad4423bd7c5.css
Origin: https://www.zionsbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474754 PNNy RT(1726477100193 1422) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Sep 2024 20:14:01 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent,Origin
access-control-allow-origin: https://www.zionsbank.com
content-type: application/x-font-ttf
cache-control: max-age=86400, public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H2 200 Muli-Italic-VariableFont_wght.ttf
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-site/resources/fonts/ 145 KB
154 KB 280ms
279ms Font
application/x-font-ttf 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-site/resources/fonts/Muli-Italic-VariableFont_wght.ttf

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-theme-zfnb.min.78256b9f5f3667e4bbda8ad4423bd7c5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1ad7c785bbb1a6a66f448b8d66416e8853e94b852590435cef08fb2d9f0766d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-theme-zfnb.min.78256b9f5f3667e4bbda8ad4423bd7c5.css
Origin: https://www.zionsbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474693 PNNN RT(1726477100193 1424) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Sep 2024 20:14:01 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent,Origin
access-control-allow-origin: https://www.zionsbank.com
content-type: application/x-font-ttf
cache-control: max-age=86400, public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Tue, 16 Sep 2025 08:58:22 GMT

GET
H2 200 token.json Show response
www.zionsbank.com/libs/granite/csrf/ 2 B
9 KB 241ms
240ms XHR
application/json 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/libs/granite/csrf/token.json

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:22 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474760 PNYy RT(1726477100193 1871) q(0 0 0 -1) r(2 2) U24
referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: -1

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 71ms
34ms XHR
application/json 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.zionsbank.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 _Incapsula_Resource
www.zionsbank.com/ 1 B
35 B 100ms
99ms Image
text/plain 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zionsbank.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8979860662216634
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.233.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 RCa412239ce02142378c922eee510dd734-source.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/ 722 B
717 B 69ms
69ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/RCa412239ce02142378c922eee510dd734-source.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e58d8b17e9b8deddbc935bccecb97a5dd45009a85c41c5993d131ddb9b4f9df8

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:58 GMT
server: AkamaiNetStorage
etag: "4c56951f4e276e8d6f4feaf7967c97ab:1725567058.470044"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 458
expires: Mon, 16 Sep 2024 09:58:22 GMT

GET
H2 200 RC8c555b91cb1b458c928e229ca2d41151-source.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/ 1 KB
793 B 69ms
68ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/RC8c555b91cb1b458c928e229ca2d41151-source.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f439d9cb97b0843436a0b72a0a8304da28c61db10729689e2904ae8417122c80

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:58 GMT
server: AkamaiNetStorage
etag: "4c56951f4e276e8d6f4feaf7967c97ab:1725567058.470044"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 534
expires: Mon, 16 Sep 2024 09:58:22 GMT

GET
H2 200 RCbe4dfb547d5641a9b046d10e2f3ad38f-source.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/ 1 KB
999 B 68ms
68ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/RCbe4dfb547d5641a9b046d10e2f3ad38f-source.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7d8b480f7848c2dca649a136ec3ef84f719254aa8a5d903fc19e6560ffff9ae1

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:58 GMT
server: AkamaiNetStorage
etag: "4c56951f4e276e8d6f4feaf7967c97ab:1725567058.470044"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 740
expires: Mon, 16 Sep 2024 09:58:22 GMT

GET
H2 200 RC167d5ea7b2884813b70ffb1d127d1908-source.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/ 788 B
701 B 69ms
68ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/RC167d5ea7b2884813b70ffb1d127d1908-source.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 235413704e98b8102f476dd2ed4b6cd2bfc8687f6126b000aba8fc88de16791f

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:58 GMT
server: AkamaiNetStorage
etag: "4c56951f4e276e8d6f4feaf7967c97ab:1725567058.470044"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 442
expires: Mon, 16 Sep 2024 09:58:22 GMT

GET
H2 200 RC8c003292f4704f18bf2e55cf7cd3c5ff-source.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/ 984 B
850 B 69ms
69ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/RC8c003292f4704f18bf2e55cf7cd3c5ff-source.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c454ff45a28465418139e17e86bf10b13ff10f82b833ec1ae84463ae28aa981c

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:58 GMT
server: AkamaiNetStorage
etag: "4c56951f4e276e8d6f4feaf7967c97ab:1725567058.470044"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 591
expires: Mon, 16 Sep 2024 09:58:22 GMT

GET
H2 200 RC94082c8ffd514c91bc96c75fb1fe88d1-source.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/ 648 B
646 B 73ms
73ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/RC94082c8ffd514c91bc96c75fb1fe88d1-source.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c781eb0739f9b8271cf36eb9f7c8dcd1b1a2c87b596e0b4842883aa297eae7a4

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:58 GMT
server: AkamaiNetStorage
etag: "4c56951f4e276e8d6f4feaf7967c97ab:1725567058.470044"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 387
expires: Mon, 16 Sep 2024 09:58:22 GMT

GET
H2 200 RC675a195264844b62b977e68003f33a91-source.min.js Show response
assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/ 951 B
782 B 95ms
95ms Script
application/x-javascript 2a02:26f0:3500:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/24a1e1a43df7/RC675a195264844b62b977e68003f33a91-source.min.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 25945b560a34ea14685fa42c64e35dfe491ce47e0e3b8a6170600144dfe4969a

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2024 20:10:58 GMT
server: AkamaiNetStorage
etag: "4c56951f4e276e8d6f4feaf7967c97ab:1725567058.470044"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.zionsbank.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 523
expires: Mon, 16 Sep 2024 09:58:22 GMT

GET
H2 200 visitor-app.bb4c69d7-ac0acdaa.min.js Show response
libs.salemove.com/ 696 KB
201 KB 24ms
24ms Script
application/javascript 2600:9000:2724:ce00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.bb4c69d7-ac0acdaa.min.js

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:ce00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a21481c2aa60db46eba67df3e5b00dc744f9618589523084b1016889c3e14ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 12:59:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 244710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 13 Sep 2024 12:34:35 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:136af17534e4c0e1fa5a12e055ab82b3
etag: W/"136af17534e4c0e1fa5a12e055ab82b3"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: tDFs1HC8pxT5KutF2j-wzmodM5O4syH4mw4eypK_2AYEb383DDwzlw==

GET
H2 200 visitor-app.bb4c69d7-ac0acdaa.default.css
libs.salemove.com/ 265 KB
40 KB 21ms
21ms Stylesheet
text/css 2600:9000:2724:ce00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.bb4c69d7-ac0acdaa.default.css

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:ce00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

39f33500b19e0ab99e4a6514df81b1dea903ca51174545d79afd14492beca27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 12:59:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 244710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 13 Sep 2024 12:34:34 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:918c29b25d7009bdb10eb13502352832
etag: W/"918c29b25d7009bdb10eb13502352832"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: oRH-jeND-AB2dDg4UCvSFc5GjLO93pmhtVBKqY4gWaVLvNB7rjl7uQ==

GET
H2 200 ca622ae8f6864b Show response
api.salemove.com/visitor_app/bb4c69d7-ac0acdaa/sites/1b6c76f8-1936-45f0-a279-dcfc33788ac6/custom_locales/en-us-chat-zbna/ 15 KB
15 KB 76ms
25ms XHR
application/json 2600:9000:2724:dc00:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/visitor_app/bb4c69d7-ac0acdaa/sites/1b6c76f8-1936-45f0-a279-dcfc33788ac6/custom_locales/en-us-chat-zbna/ca622ae8f6864b

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:dc00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f124e8d2095f8e89afc9361929c041765384e0a86dc03439962211b8e3a184c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 13:02:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 244576
x-cache: Hit from cloudfront
content-length: 14943
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
content-type: application/json
access-control-allow-origin: https://www.zionsbank.com
access-control-expose-headers
cache-control: public, max-age=31536000
vary: Origin
access-control-allow-headers: Content-Type, Accept, Authorization
x-amz-cf-id: 7qBgmXaiq9_K10sxQdN1TtJyVReCtVJStl5dHWZaES-BlXDdFizP5w==

GET
H2 200 s87619484878838
zionsbancorp.sc.omtrdc.net/b/ss/zionsbancorpglobalprod2017/1/JS-2.22.3-LEWM/ 43 B
344 B 149ms
39ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zionsbancorp.sc.omtrdc.net/b/ss/zionsbancorpglobalprod2017/1/JS-2.22.3-LEWM/s87619484878838?AQB=1&ndh=1&pf=1&t=16%2F8%2F2024%2010%3A58%3A22%201%20-120&mid=29573911582769566302093565757354472976&aamlh=6&ce=UTF-8&pageName=%7Cpersonal%7C-banking%7C%7Chome%7C-loans%7C%7Cfixed%7C-rate%7C-home%7C-loan%7C%7C&g=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&c.&apl=4.0&getPreviousValue=3.0&getNewRepeat=3.0&getTimeParting=6.3&.c&cc=USD&events=event15&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=D%3Dv2&v2=29573911582769566302093565757354472976%7Cmid&c5=D%3Dv5&v5=%7Cpersonal%7C-banking%7C%7Chome%7C-loans%7C%7Cfixed%7C-rate%7C-home%7C-loan%7C%7C&c6=D%3Dv6&v6=zions%20bank%3A%7Cpersonal%7C-banking%7C%7Chome%7C-loans%7C%7Cfixed%7C-rate%7C-home%7C-loan%7C%7C&c7=D%3Dv7&v7=www.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&c8=D%3Dv8&v8=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&c11=19&v11=New&c13=D%3Dv13&v13=year%3D2024%20%7C%20month%3DSeptember%20%7C%20date%3D16%20%7C%20day%3DMonday%20%7C%20time%3D2%3A58%20AM&v15=%2B1&c17=D%3Dv17&c19=D%3Dv19&v19=zions%20bank&c43=VisitorAPI%20Present&v50=public%20website&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=FFE376A8532209960A490D44%40AdobeOrg&AQE=1

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 08:58:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Sep 2024 08:58:23 GMT
server: jag
etag: 3707581348528947200-4618629506314461275
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 15 Sep 2024 08:58:23 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 166ms
113ms Script
text/javascript 18.159.33.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.33.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ac32f23bb704d3d463917d07240777295d4af706118b096acd939d57cd6a1454

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Sep 2024 08:58:23 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 43ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 16 Sep 2024 08:58:22 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: ULO+tR74CPflmSXNBCFGoTCXgyGh2HPZRKSdlqNsFuLe7Tk0jXLombwg5woJ8k+skLJWmYf5Z/J1CXXUHckxVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
103 KB 93ms
43ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HQ7Y4FX9XQ

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/launch-565392c5c754.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d6bbc1a3e4a083cab7c20418d61c8e24503a9f64fd76b89edae2612ce210825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104766
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Sep 2024 08:58:22 GMT

GET
H3 200 709751526601432 Show response
connect.facebook.net/signals/config/ 91 KB
18 KB 271ms
271ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/709751526601432?v=2.9.167&r=stable&domain=www.zionsbank.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2653eec9f9dacaff8e4448738c014a993e8b0703fabf339a4e80687b1d31f48a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 16 Sep 2024 08:58:23 GMT
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=74, mss=1232, tbw=67160, tp=63, tpl=0, uplat=142, ullat=0
pragma: public
x-fb-debug: HCguiap7pdwynD+AKbE3R9FHzpqyzQyl2Sl4SVouiHEv2qMJIkUy+aa6gBKjuagf978xSmSp96q8Eckp5zGw1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 s83344296250884
zionsbancorp.sc.omtrdc.net/b/ss/zionsbancorpglobalprod2017/1/JS-2.22.3-LEWM/ 43 B
119 B 36ms
36ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zionsbancorp.sc.omtrdc.net/b/ss/zionsbancorpglobalprod2017/1/JS-2.22.3-LEWM/s83344296250884?AQB=1&ndh=1&pf=1&t=16%2F8%2F2024%2010%3A58%3A22%201%20-120&mid=29573911582769566302093565757354472976&aamlh=6&ce=UTF-8&pageName=%7Cpersonal%7C-banking%7C%7Chome%7C-loans%7C%7Cfixed%7C-rate%7C-home%7C-loan%7C%7C&g=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&c.&apl=4.0&getPreviousValue=3.0&getNewRepeat=3.0&getTimeParting=6.3&.c&cc=USD&events=event15&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=D%3Dv2&v2=29573911582769566302093565757354472976%7Cmid&c5=D%3Dv5&v5=%7Cpersonal%7C-banking%7C%7Chome%7C-loans%7C%7Cfixed%7C-rate%7C-home%7C-loan%7C%7C&c6=D%3Dv6&v6=zions%20bank%3A%7Cpersonal%7C-banking%7C%7Chome%7C-loans%7C%7Cfixed%7C-rate%7C-home%7C-loan%7C%7C&c7=D%3Dv7&v7=www.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&c8=D%3Dv8&v8=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&c9=D%3Dv9&v9=%7Cpersonal%7C-banking%7C%7Chome%7C-loans%7C%7Cfixed%7C-rate%7C-home%7C-loan%7C%7C&v10=highestPercentViewed%3D62%20%7C%20initialPercentViewed%3D62&c11=19&v11=New&c13=D%3Dv13&v13=year%3D2024%20%7C%20month%3DSeptember%20%7C%20date%3D16%20%7C%20day%3DMonday%20%7C%20time%3D2%3A58%20AM&v15=%2B1&c17=D%3Dv17&c19=D%3Dv19&v19=zions%20bank&c43=VisitorAPI%20Present&v50=public%20website&v69=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=FFE376A8532209960A490D44%40AdobeOrg&AQE=1

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 08:58:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Sep 2024 08:58:23 GMT
server: jag
etag: 3707581349406507008-4618241552147895794
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 15 Sep 2024 08:58:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
94 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-590153406&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HQ7Y4FX9XQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cbd7a0e86178856a2e806eedeb7312bf4f1309af04918a8f37d60dfbec9439b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96099
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Sep 2024 08:58:23 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 215ms
136ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 16 Sep 2024 08:58:23 GMT
last-modified: Fri, 06 Sep 2024 21:17:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB8F10296F2549C3B84E5B3667186773 Ref B: FRA31EDGE0713 Ref C: 2024-09-16T08:58:23Z
etag: "016326a20db1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14305

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
0 174ms
173ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:23 GMT
content-encoding: gzip
last-modified: Fri, 06 Sep 2024 21:17:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB8F10296F2549C3B84E5B3667186773 Ref B: FRA31EDGE0713 Ref C: 2024-09-16T08:58:23Z
etag: "016326a20db1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14305

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 111ms
111ms Stylesheet
text/css 18.159.33.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.33.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a30bb9458dd13fdc8c80f92b3532fa21dd7b5459a0b48eeea0c3bf71dec1ec93

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Sep 2024 08:58:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 157ms
112ms Fetch
image/jpeg 18.159.33.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.33.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Sep 2024 08:58:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
0 158ms
158ms Fetch
image/jpeg 18.159.33.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.33.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Sep 2024 08:58:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
0 159ms
159ms Fetch
image/jpeg 18.159.33.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.33.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Sep 2024 08:58:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

POST
H2 200 keepe-spende-is-Macb-Ile-day-they-a-false-know-a Show response
www.zionsbank.com/ 734 B
913 B 306ms
298ms Fetch
application/json 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zionsbank.com/keepe-spende-is-Macb-Ile-day-they-a-false-know-a?d=www.zionsbank.com
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/keepe-spende-is-Macb-Ile-day-they-a-false-know-a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.233.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: bon /
Resource Hash: 7377113c3c74b31ded4241cd1f67b5961046337ba98313ad5c35f3ba8d990700

Request headers

Accept: application/json; charset=utf-8
Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Mon, 16 Sep 2024 08:58:23 GMT
content-encoding: gzip
server: bon
x-cdn: Imperva
content-type: application/json
access-control-allow-origin: *
x-iinfo: 12-474665-474757 PNYN RT(1726477100193 2433) q(0 0 0 -1) r(2 2) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=198.389102

GET
H2 200 355010388.js Show response
bat.bing.com/p/action/ 370 B
421 B 44ms
44ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/355010388.js

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 16 Sep 2024 08:58:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 01F595BBA45E479D9559C7732EE9E9F4 Ref B: FRA31EDGE0713 Ref C: 2024-09-16T08:58:23Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

POST
H2 204 0
bat.bing.com/actionp/ 0
287 B 42ms
42ms Ping
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=355010388&Ver=2&mid=b8888d6d-956f-41c0-b5b9-8c42f56356f8&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 16 Sep 2024 08:58:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 04C6AB0FEF644FFB86711429AD9D2CFF Ref B: FRA31EDGE0713 Ref C: 2024-09-16T08:58:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
289 B 111ms
110ms XHR
text/plain 18.159.33.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=B-gDddMZLMsoVPBPxz1o0g&is_js=true&landing_url=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&t=404%20Error%20Page&tip=8SLEBQ7sDptL2nYIZHIh02dRi6HzQ7axdvn-gI25fug&host=https%3A%2F%2Fwww.zionsbank.com&sa_conv_data_css_value=%270-a85b802f-86f5-5544-7197-56414755013b%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9a85b802f86f55544719756414755013bd972d783&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptENYBGAQgr-aftwYwAToEED3EAEIErAKKHQ.2cJl2ziCDsphZT0obGtm8lisnPXWVw2RbUhBFOH8UUE&sa-user-id-v2=s%253AqFuAL4b1VURxl1ZBR1UBO9ly14M.NBHHbbL%252F1WEzhB%252FcQWfEG7fSHshc3ZePsRTUji6yEVs&sa-user-id=s%253A0-a85b802f-86f5-5544-7197-56414755013b.IDSYYOUm01kjppRzsngxvGR7KTDsl%252Fky1aI%252F1WzCoBM
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.33.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.zionsbank.com
date: Mon, 16 Sep 2024 08:58:23 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
289 B 112ms
111ms XHR
text/plain 18.159.33.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=B-gDddMZLMsoVPBPxz1o0g&is_js=true&landing_url=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&t=404%20Error%20Page&tip=8SLEBQ7sDptL2nYIZHIh02dRi6HzQ7axdvn-gI25fug&host=https%3A%2F%2Fwww.zionsbank.com&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9a85b802f86f55544719756414755013bd972d783&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptENYBGAQgr-aftwYwAToEED3EAEIErAKKHQ.2cJl2ziCDsphZT0obGtm8lisnPXWVw2RbUhBFOH8UUE&sa-user-id-v2=s%253AqFuAL4b1VURxl1ZBR1UBO9ly14M.NBHHbbL%252F1WEzhB%252FcQWfEG7fSHshc3ZePsRTUji6yEVs&sa-user-id=s%253A0-a85b802f-86f5-5544-7197-56414755013b.IDSYYOUm01kjppRzsngxvGR7KTDsl%252Fky1aI%252F1WzCoBM
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.33.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.zionsbank.com
date: Mon, 16 Sep 2024 08:58:23 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
289 B 226ms
112ms XHR
text/plain 18.159.33.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=B-gDddMZLMsoVPBPxz1o0g&is_js=true&landing_url=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&t=404%20Error%20Page&tip=8SLEBQ7sDptL2nYIZHIh02dRi6HzQ7axdvn-gI25fug&host=https%3A%2F%2Fwww.zionsbank.com&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9a85b802f86f55544719756414755013bd972d783&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptENYBGAQgr-aftwYwAToEED3EAEIErAKKHQ.2cJl2ziCDsphZT0obGtm8lisnPXWVw2RbUhBFOH8UUE&sa-user-id-v2=s%253AqFuAL4b1VURxl1ZBR1UBO9ly14M.NBHHbbL%252F1WEzhB%252FcQWfEG7fSHshc3ZePsRTUji6yEVs&sa-user-id=s%253A0-a85b802f-86f5-5544-7197-56414755013b.IDSYYOUm01kjppRzsngxvGR7KTDsl%252Fky1aI%252F1WzCoBM
Requested by: Host: www.zionsbank.com
URL: https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-dependencies.min.d2f6150e49d7af13d06bee9b2b69237e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.33.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-33-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.zionsbank.com
date: Mon, 16 Sep 2024 08:58:23 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 57ms
18ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=709751526601432&ev=PageView&dl=https%3A%2F%2Fwww.zionsbank.com&rl=&if=false&ts=1726477103356&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12316&fbp=fb.1.1726477103355.30503459617681297&pm=1&hrl=241e5a&ler=empty&cdl=API_unavailable&it=1726477103055&coo=false&cs_cc=1&ccs=1489496951428657&cas=7384374951657749%2C6445932415513490%2C7147498982046216%2C9463164920421551%2C7438177499599866%2C6721750811269322%2C7357487917698736%2C7916062828427784%2C6751319611549001%2C7817774121600490%2C7546634282025754%2C7630073603681980%2C7355172914561976%2C7069539913097175%2C5154536174648298%2C5895689963816340%2C7582901038431641%2C6842661982453864%2C7494318940659398%2C6732081296917969%2C7407291412659405%2C6906069689430479%2C6626242110774383&rqm=GET

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zionsbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1328, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 16 Sep 2024 08:58:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 178ms
140ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=709751526601432&ev=PageView&dl=https%3A%2F%2Fwww.zionsbank.com&rl=&if=false&ts=1726477103356&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12316&fbp=fb.1.1726477103355.30503459617681297&pm=1&hrl=241e5a&ler=empty&cdl=API_unavailable&it=1726477103055&coo=false&cs_cc=1&ccs=1489496951428657&cas=7384374951657749%2C6445932415513490%2C7147498982046216%2C9463164920421551%2C7438177499599866%2C6721750811269322%2C7357487917698736%2C7916062828427784%2C6751319611549001%2C7817774121600490%2C7546634282025754%2C7630073603681980%2C7355172914561976%2C7069539913097175%2C5154536174648298%2C5895689963816340%2C7582901038431641%2C6842661982453864%2C7494318940659398%2C6732081296917969%2C7407291412659405%2C6906069689430479%2C6626242110774383&rqm=FGET

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x88972af57b1946ed","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:5792584794130543","7830:5792584794130543","10853:5792584794130543","41:5792584794130543","8046:5792584794130543"]},"debug_reporting":true,"debug_key":"2056666568617755161"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 16 Sep 2024 08:58:23 GMT
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415162696500317194", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=13, mss=1328, tbw=3123, tp=-1, tpl=-1, uplat=120, ullat=0
pragma: no-cache
x-fb-debug: BTJnyAhyWV041yLGBbXhAIPWZBDf+F14n1LW/lcFZtI/hMVzShlRN8yJlnEkeobofTk3CY6Ec2QZ6G0nW8I0lg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415162696500317194"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 44ms
44ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=355010388&Ver=2&mid=b8888d6d-956f-41c0-b5b9-8c42f56356f8&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=404%20Error%20Page&p=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&r=&lt=2121&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=977497

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 16 Sep 2024 08:58:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D3EBAB672A724FEF8B15BF3F28BA93FA Ref B: FRA31EDGE0713 Ref C: 2024-09-16T08:58:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 107ms
107ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=355010388&Ver=2&mid=e8c578de-9393-4406-9830-f3b5c41e2e45&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=404%20Error%20Page&p=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&r=&lt=2121&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=259061

Requested by

Host: www.zionsbank.com
URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 16 Sep 2024 08:58:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 52D87DE2D0CF4552B7381A0B8F66842D Ref B: FRA31EDGE0713 Ref C: 2024-09-16T08:58:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 92ms
40ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/launch-565392c5c754.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c5b492bce538929f628385e6ce826a1f633fb8b57120754149dc41d75135131

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:58:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script'
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 16 Sep 2024 08:58:23 GMT

GET
H2 200 favicon.ico
www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-site/resources/favicons/zfnb/ 15 KB
24 KB 214ms
213ms Other
image/vnd.microsoft.icon 45.60.233.5
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zionsbank.com/etc.clientlibs/zbna-genesis-project/clientlibs/clientlib-site/resources/favicons/zfnb/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.233.5 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

29da3cb217153e55193fddea7ad808bf535bc0f73a8103cb0efea7024795271b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
date: Mon, 16 Sep 2024 08:58:23 GMT
content-security-policy: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.googlesyndication.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=8640000;includeSubDomains;preload
x-permitted-cross-domain-policies: none
x-cdn: Imperva
x-iinfo: 12-474665-474760 PNNy RT(1726477100193 2678) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Sep 2024 20:22:50 GMT
x-frame-options: SAMEORIGIN
access-control-max-age: 1000
access-control-allow-methods: GET,POST
vary: Host,Accept-Encoding,User-Agent
access-control-allow-origin: https://www.zionsbank.com
content-type: image/vnd.microsoft.icon
cache-control: max-age=86400, public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, CSRF-Token, Accept-Encoding
x-webkit-csp: default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://*.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://*.zionsbank.com https://*.omtrdc.net https://*.demdex.net https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.google.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.twilio.com wss://*.twilio.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://*.adobedtm.com https://*.doubleclick.net https://connect.facebook.net https://*.googletagmanager.com https://*.googleadservices.com https://*.googleapis.com https://*.gstatic.com https://*.google.com http://*.zionsbank.com https://*.zionsbank.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://*.linkedin.com https://*.bufferapp.com https://*.pinterest.com https://*.reddit.com https://googleads.g.doubleclick.net https://*.pages05.net https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.stackadapt.com https://*.licdn.com/ https://*.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://*.doubleclick.net https://*.gstatic.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net https://*.googleapis.com https://*.google.com https://*.cludo.com https://*.sumome.com https://sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.clarity.ms https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com https://*.exacttarget.com https://*.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://*.glia.com https://*.salemove.com wss://*.glia.com wss://*.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://*.zionsbank.com https://*.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://*.issuu.com https://*.doubleclick.net https://*.demdex.net https://*.visa.com https://*.youtube.com https://*.ytimg.com https://*.vimeo.com https://*.pages05.net https://*.brightcove.net https://*.sumome.com https://*.sumo.com https://sumo.com https://*.sndcdn.com https://*.soundcloud.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://*.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://*.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
expires: Wed, 16 Oct 2024 08:58:23 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e38bb6de/www-widgetapi.vflset/ 31 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e38bb6de/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 08:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10546
x-xss-protection: 0
last-modified: Tue, 10 Sep 2024 04:17:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 16 Sep 2025 08:46:23 GMT

POST
H/1.1 204
No Content /
client-logger.salemove.com/ 0
0 403ms
114ms Fetch 52.3.14.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://client-logger.salemove.com/

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-f1db72b75.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.3.14.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-14-134.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 08:58:25 GMT
server: envoy
vary: Origin
access-control-max-age: 7200
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers
x-envoy-upstream-service-time: 0

GET common.js
maps.googleapis.com/maps-api-v3/api/js/58/4a/intl/de_ALL/ 0
0

GET util.js
maps.googleapis.com/maps-api-v3/api/js/58/4a/intl/de_ALL/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/58/4a/intl/de_ALL/common.js

Domain: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/58/4a/intl/de_ALL/util.js

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zionsbank.com/	1969-12-31 23:59:59	Name: BIGipServeraem.affiliate.com Value: !lAnRZI7KkOF9oFvYfQ6ZfHTydpckBcT6AhDZFsFYz91PX5fFLKc+MIircKS5h/hqf9yCi49JtusEHA==
.zionsbank.com/	1969-12-31 23:59:59	Name: lid Value: c90477ede0794ef7103dad31f0b56b4c
.zionsbank.com/	1970-01-21 08:20:13	Name: plid Value: 7d60d3ed1bb30b2fcbee63eb61518cb1
www.zionsbank.com/	1969-12-31 23:59:59	Name: TS01ee6ffb Value: 0129c692f54f1651c549b1b2db67d7cf1fc901066cfc22d34eec7f47c9f00a774b57c166766831ec63c215e515c4644b65cddd3c56fd4b98cc626b4e0421a263816012e590
.zionsbank.com/	1969-12-31 23:59:59	Name: TS01863d32 Value: 0129c692f5fad05ae32045a8a90e4299178014d036fc22d34eec7f47c9f00a774b57c166763db867f1af5ba537f69916c5d11a2846a2898a521d3c01c306e76c7b3c2e61e5371c6e7d5a516ba87593154bcf1dca32
.zionsbank.com/	1970-01-21 08:20:08	Name: visid_incap_2126375 Value: Ngt1yGQVSPm7E4iy5Siq0izz52YAAAAAQUIPAAAAAABFGadhbp5t+jeBm5+1N9rx
.zionsbank.com/	1969-12-31 23:59:59	Name: nlbi_2126375 Value: GwiWTHyWfys+WhwrA472cAAAAACk0hQQ3M5vhP0qpf4CSSay
.zionsbank.com/	1969-12-31 23:59:59	Name: incap_ses_1463_2126375 Value: FRceXA8c3ykBOjnr5J5NFCzz52YAAAAA7gtQPBlzMU017rAf0diIRg==
.zionsbank.com/	1970-01-21 08:21:39	Name: _vwo_uuid_v2 Value: D928A352226E450E89D575EB8E6F7EC6F\|ba559b6325b8c536e4df2161314d5c3f
.demdex.net/	1970-01-21 03:53:49	Name: demdex Value: 26447657991448362001203319936929438638
.zionsbank.com/	1970-01-21 01:58:37	Name: _vis_opt_s Value: 1%7C
.zionsbank.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.zionsbank.com/	1970-01-21 08:20:34	Name: _vwo_uuid Value: D928A352226E450E89D575EB8E6F7EC6F
.zionsbank.com/	1970-01-20 23:34:38	Name: _vwo_sn Value: 0%3A1
.zionsbank.com/	1969-12-31 23:59:59	Name: AMCVS_FFE376A8532209960A490D44%40AdobeOrg Value: 1
api.glia.com/	1970-01-21 08:20:13	Name: visitor_session Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MjY0NzcxMDIsInZpc2l0b3JfaWQiOiI0YzkxMDg0Ni0xMTUwLTQ0MmUtYjQ1Ny1mZmNhMGEwODNhOWEiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiJlMGU3N2U5MS05YjRlLTQ1N2UtYWQ1MS1lMDIyMGUyNmY1ZDkifQ.nkjsBiqe6CswSIlD2E184tCxOCLQZfJlJyU86MZFu_rfpe_06xNfbhi-KFnIClcdZX37Iat1e_HY2Xf52VQKwQ
api.glia.com/	1970-01-21 08:20:13	Name: visitor_session_partitioned Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MjY0NzcxMDIsInZpc2l0b3JfaWQiOiI0YzkxMDg0Ni0xMTUwLTQ0MmUtYjQ1Ny1mZmNhMGEwODNhOWEiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiJlMGU3N2U5MS05YjRlLTQ1N2UtYWQ1MS1lMDIyMGUyNmY1ZDkifQ.nkjsBiqe6CswSIlD2E184tCxOCLQZfJlJyU86MZFu_rfpe_06xNfbhi-KFnIClcdZX37Iat1e_HY2Xf52VQKwQ
.zionsbank.com/	1970-01-21 01:44:13	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241726477101%3A24.46062191%3A%3A%3A65_0%2C1_0%3A0
.dpm.demdex.net/	1970-01-21 03:53:49	Name: dpm Value: 26447657991448362001203319936929438638
.zionsbank.com/	1970-01-21 09:10:37	Name: AMCV_FFE376A8532209960A490D44%40AdobeOrg Value: 179643557%7CMCIDTS%7C19983%7CMCMID%7C29573911582769566302093565757354472976%7CMCAAMLH-1727081902%7C6%7CMCAAMB-1727081902%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1726484302s%7CNONE%7CMCSYNCSOP%7C411-19990%7CvVersion%7C5.5.0
.zionsbank.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.zionsbank.com/	1969-12-31 23:59:59	Name: s_tp Value: 1933
.zionsbank.com/	1969-12-31 23:59:59	Name: s_ppv Value: %257Cpersonal%257C-banking%257C%257Chome%257C-loans%257C%257Cfixed%257C-rate%257C-home%257C-loan%257C%257C%2C62%2C62%2C1200%2C1%2C1
.zionsbank.com/	1970-01-20 23:34:38	Name: gpv_URL Value: https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F
.zionsbank.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.zionsbank.com/	1970-01-21 00:17:49	Name: s_nr30 Value: 1726477102900-New
tags.srv.stackadapt.com/	1970-01-21 08:20:13	Name: sa-user-id Value: s%3A0-a85b802f-86f5-5544-7197-56414755013b.IDSYYOUm01kjppRzsngxvGR7KTDsl%2Fky1aI%2F1WzCoBM
.srv.stackadapt.com/	1970-01-21 08:20:13	Name: sa-user-id Value: s%3A0-a85b802f-86f5-5544-7197-56414755013b.IDSYYOUm01kjppRzsngxvGR7KTDsl%2Fky1aI%2F1WzCoBM
tags.srv.stackadapt.com/	1970-01-21 08:20:13	Name: sa-user-id-v2 Value: s%3AqFuAL4b1VURxl1ZBR1UBO9ly14M.NBHHbbL%2F1WEzhB%2FcQWfEG7fSHshc3ZePsRTUji6yEVs
.srv.stackadapt.com/	1970-01-21 08:20:13	Name: sa-user-id-v2 Value: s%3AqFuAL4b1VURxl1ZBR1UBO9ly14M.NBHHbbL%2F1WEzhB%2FcQWfEG7fSHshc3ZePsRTUji6yEVs
tags.srv.stackadapt.com/	1970-01-21 08:20:13	Name: sa-user-id-v3 Value: s%3AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptENYBGAQgr-aftwYwAToEED3EAEIErAKKHQ.2cJl2ziCDsphZT0obGtm8lisnPXWVw2RbUhBFOH8UUE
.srv.stackadapt.com/	1970-01-21 08:20:13	Name: sa-user-id-v3 Value: s%3AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptENYBGAQgr-aftwYwAToEED3EAEIErAKKHQ.2cJl2ziCDsphZT0obGtm8lisnPXWVw2RbUhBFOH8UUE
.zionsbank.com/	1970-01-21 09:10:37	Name: _ga_HQ7Y4FX9XQ Value: GS1.1.1726477103.1.0.1726477103.0.0.0
.zionsbank.com/	1970-01-21 09:10:37	Name: _ga Value: GA1.1.1957121482.1726477103
www.zionsbank.com/	1970-01-21 08:20:13	Name: sa-user-id Value: s%253A0-a85b802f-86f5-5544-7197-56414755013b.IDSYYOUm01kjppRzsngxvGR7KTDsl%252Fky1aI%252F1WzCoBM
www.zionsbank.com/	1970-01-21 08:20:13	Name: sa-user-id-v2 Value: s%253AqFuAL4b1VURxl1ZBR1UBO9ly14M.NBHHbbL%252F1WEzhB%252FcQWfEG7fSHshc3ZePsRTUji6yEVs
www.zionsbank.com/	1970-01-21 08:20:13	Name: sa-user-id-v3 Value: s%253AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptENYBGAQgr-aftwYwAToEED3EAEIErAKKHQ.2cJl2ziCDsphZT0obGtm8lisnPXWVw2RbUhBFOH8UUE
.zionsbank.com/	1970-01-21 01:44:13	Name: _gcl_au Value: 1.1.1653520358.1726477103
.bing.com/	1970-01-21 08:56:13	Name: MUID Value: 1B1116A9FB196C83271D0255FAB56D77
.zionsbank.com/	1970-01-21 01:44:13	Name: _fbp Value: fb.1.1726477103355.30503459617681297
.zionsbank.com/	1969-12-31 23:59:59	Name: nlbi_2126375_2147483392 Value: KPA8MsyHgAt8yjnmA472cAAAAABoCe81D51ASY1l4pRxRDIm
.zionsbank.com/	1970-01-21 00:17:49	Name: reese84 Value: 3:vnffs2Dp7jga9/DUh/jqDw==:q5i72PWdeKNZW9bn7mP1QV3rxulXx72O1II3mpTxIBfa82AzfDr+9LFbAkDknx4tJzSyvAFjBjB0l2Z8CgxddPlbIJYiJ72FU/sVV8V2rwQUpiIB4g/7yovNTs3rSjG/5EPskONEa59YMzfgbuh0whs4KE3q4vf/5tvDHDNbJnu+WhYOyb+wxtb89toIkv2bGX+ZKxLaN6fv+OIwQ8kJuVb1kbivu61H9gunE0y1LvfDx2GCvMEib22edWA2g8rgwbYlVSAFfm/dLKOEWp3VXu6AFZAK3vwl12OC+OwPiUk4up97LvtZrwVMX/DjT8AJ+9JSHzrjco8xHX8CIflwegHgqMbuFQEyS8mq3y6ubjmhKQMqo9S/8pUTVVjOlWYEHXzTYSWA/6BCc89Qcn65IrUlEQWF0ikYsE9IP3X2SW/AAwnf3MsmyYkcy9S+NLpmfSrgk/hWP65/m2suevrBdJ8sXWxFAg1xFWpdSFnWeWxHVt4Oql3m2/Lg30sBDUNZKct0c34ybcsE946QeKiU/PwmtzF37O65O6AhzpkE9Jqp5pwlgqMF33TlP3Ivgo2aluslFJgtGCUwWeNX9/2YAg==:h13LZ7uIhROFuGrlhQeABurRRcgOfATbm6KSspGSSgY=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: LjKGKKOyhqw
.youtube.com/	1970-01-21 03:53:49	Name: VISITOR_INFO1_LIVE Value: NJpucY-ODOM
.youtube.com/	1970-01-21 03:53:49	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgNA%3D%3D

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan// Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.zionsbank.com//personal/-banking//home/-loans//fixed/-rate/-home/-loan// Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security	error	URL: https://assets.adobedtm.com/f03976e3c291/1169b9ef5511/launch-565392c5c754.min.js(Line 3) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security	error	URL: https://www.zionsbank.com/keepe-spende-is-Macb-Ile-day-they-a-false-know-a Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security	error	URL: https://www.zionsbank.com/keepe-spende-is-Macb-Ile-day-they-a-false-know-a Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-HQ7Y4FX9XQ(Line 207) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-HQ7Y4FX9XQ&gtm=45je4990v9131039118za200&_p=1726477103067&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1957121482.1726477103&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726477103&sct=1&seg=0&dl=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&dt=404%20Error%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2340' because it violates the following Content Security Policy directive: "connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'".
javascript	error	URL: https://www.googletagmanager.com/gtag/js?id=G-HQ7Y4FX9XQ(Line 207) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-HQ7Y4FX9XQ&gtm=45je4990v9131039118za200&_p=1726477103067&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1957121482.1726477103&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726477103&sct=1&seg=0&dl=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&dt=404%20Error%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2340' because it violates the document's Content Security Policy.
security	error	URL: https://www.zionsbank.com/keepe-spende-is-Macb-Ile-day-they-a-false-know-a Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-HQ7Y4FX9XQ(Line 207) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-HQ7Y4FX9XQ&gtm=45je4990v9131039118za200&_p=1726477103067&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1957121482.1726477103&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1726477103&sct=1&seg=0&dl=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&dt=404%20Error%20Page&en=user_engagement&_et=4755&tfd=7098' because it violates the following Content Security Policy directive: "connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'".
javascript	error	URL: https://www.googletagmanager.com/gtag/js?id=G-HQ7Y4FX9XQ(Line 207) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-HQ7Y4FX9XQ&gtm=45je4990v9131039118za200&_p=1726477103067&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1957121482.1726477103&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1726477103&sct=1&seg=0&dl=https%3A%2F%2Fwww.zionsbank.com%2F%2Fpersonal%2F-banking%2F%2Fhome%2F-loans%2F%2Ffixed%2F-rate%2F-home%2F-loan%2F%2F&dt=404%20Error%20Page&en=user_engagement&_et=4755&tfd=7098' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.googlesyndication.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://*.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=8640000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' data: 'unsafe-inline' https://maps.googleapis.com https://bat.bing.com https://.adobedtm.com https://apiextintg.zionsbancorp.com https://apiext.zionsbancorp.com https://securepubapiextintg.zionsbancorp.com https://securepubapiext.zionsbancorp.com https://.zionsbank.com https://.omtrdc.net https://.demdex.net https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.google.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://zionsbancorp.sc.omtrdc.net https://www.google-analytics.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.twilio.com wss://.twilio.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://bat.bing.com https://.adobedtm.com https://.doubleclick.net https://connect.facebook.net https://.googletagmanager.com https://.googleadservices.com https://.googleapis.com https://.gstatic.com https://.google.com http://.zionsbank.com https://.zionsbank.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; object-src 'self' data: 'unsafe-inline' https://.linkedin.com https://.bufferapp.com https://.pinterest.com https://.reddit.com https://googleads.g.doubleclick.net https://.pages05.net https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.stackadapt.com https://.licdn.com/ https://.linkedin.com/ 'unsafe-eval'; img-src 'self' blob: data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://www.google-analytics.com https://bat.bing.com https://px.ads.linkedin.com https://p.adsymptotic.com https://www.facebook.com https://.doubleclick.net https://.gstatic.com https://.online-metrix.net https://.omtrdc.net https://.demdex.net https://.everesttech.net https://.googleapis.com https://.google.com https://.cludo.com https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.clarity.ms https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com https://.exacttarget.com https://.stackadapt.com 'unsafe-eval'; media-src 'self' data: 'unsafe-inline' https://.glia.com https://.salemove.com wss://.glia.com wss://.salemove.com 'unsafe-eval'; frame-src 'self' data: 'unsafe-inline' http://.zionsbank.com https://.zionsbank.com http://w3.zionsbank.com https://w3.zionsbank.com https://.issuu.com https://.doubleclick.net https://.demdex.net https://.visa.com https://.youtube.com https://.ytimg.com https://.vimeo.com https://.pages05.net https://.brightcove.net https://.sumome.com https://sumome.com https://.sumo.com https://sumo.com https://.sndcdn.com https://.soundcloud.com https://.visualwebsiteoptimizer.com https://app.vwo.com https://outlook.office365.com https://.online-metrix.net https://zions--innovate1.my.salesforce.com/lightning/lightning.out.js; frame-ancestors 'self' https://banking.zionsbank.com https://.sndcdn.com 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.gstatic.com https://.visualwebsiteoptimizer.com https://app.vwo.com 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.glia.com
api.salemove.com
assets.adobedtm.com
bat.bing.com
client-logger.salemove.com
cm.everesttech.net
connect.facebook.net
customer.cludo.com
dev.visualwebsiteoptimizer.com
dpm.demdex.net
libs.salemove.com
maps.googleapis.com
tags.srv.stackadapt.com
www.facebook.com
www.googletagmanager.com
www.youtube.com
www.zionsbank.com
zionsbancorp.demdex.net
zionsbancorp.sc.omtrdc.net
maps.googleapis.com
18.159.33.125
2600:9000:2724:cc00:17:4c3f:1b80:93a1
2600:9000:2724:ce00:0:99b9:cd80:93a1
2600:9000:2724:dc00:17:4c3f:1b80:93a1
2606:4700:10::ac43:1b98
2620:1ec:33:1::10
2a00:1450:4001:800::200e
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2008
2a02:26f0:3500:58e::1e80
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.251.32.89
34.96.102.137
45.60.233.5
52.3.14.134
52.31.141.178
63.140.62.17
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
09b67475f266dbf552159ca9f6b44d9dc3ea04842b2bd6e8b09d74f6b21897d0
0b334979ae1bb352fc41d96f91ec65b81545da6aabe1fa81442c03a7f9fb4281
0e74d6b9ee19e5d700f3696e7c6cf4b05de0ee85815cff1c04c709e544e461c8
1ad7c785bbb1a6a66f448b8d66416e8853e94b852590435cef08fb2d9f0766d9
1db657f4d32c323004aa76f9f2390918c3543d39ff4c2672d2f0469a45c810de
235413704e98b8102f476dd2ed4b6cd2bfc8687f6126b000aba8fc88de16791f
2409dee53e7ac598962fbd2257e654407ebb168f9f78a79035a079eba43fcf93
25945b560a34ea14685fa42c64e35dfe491ce47e0e3b8a6170600144dfe4969a
2653eec9f9dacaff8e4448738c014a993e8b0703fabf339a4e80687b1d31f48a
29da3cb217153e55193fddea7ad808bf535bc0f73a8103cb0efea7024795271b
2a21481c2aa60db46eba67df3e5b00dc744f9618589523084b1016889c3e14ef
2cbd7a0e86178856a2e806eedeb7312bf4f1309af04918a8f37d60dfbec9439b
2d6bbc1a3e4a083cab7c20418d61c8e24503a9f64fd76b89edae2612ce210825
30a10b1f050e5c8783c3cb59cf246f3e5d93ed76dd5c3f0ada5d1d4b5dbd855b
32707cec1ea6e26a901aba39fda2e14e6f8bf98bbc75970de13eeef540cf5fb1
34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732
3611fef7024f6f151f4696cbc4e8b1bb2bd2a4a8c9d7793d09a244868b1b9276
39f33500b19e0ab99e4a6514df81b1dea903ca51174545d79afd14492beca27b
3ab05486da5989547c6a4db91448b343aa0eeb6534426fa5609bc256fc7776d0
3b3a634718b3b97945f8dc98726a805b22915b41bc19ca6331bf011b399f8339
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4668a0bc4157d8413e79c5ac1e43c57afd2ccbe1253c2289a6ef2cc38bc33082
476e4ae973d5cb0aa6d213237f836b0a4c8ca8d2f067e53f024ddcadbdd9b992
52e9280a9f47b8afb1a9adb658119801d05464d9641297ff5219da4ecd2df0b0
54f7da9ae71a2ccc12781983a7bfa0f0979570daea6831295ccef84b92333850
5539be3e62f7a9a26d2aa473bc993c4b3c989403ec5cef70cdae500b2d2a0a46
58296e8115fdd9df3a2174baed5491c43c9e6de1d2610bc61e94b61b45778db7
5abace525d6e352c1bbfe8f6160299315a53243d0287b5105a0609b59493f56b
5d6fda201f776dfc29ae601055f49fca3a14ce64e4efd88c62e47777cad1a34d
6030a443a46d7e8de2cc2efba123fd201076c1a1a4581c141363178d206a9fa0
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
7377113c3c74b31ded4241cd1f67b5961046337ba98313ad5c35f3ba8d990700
7d8b480f7848c2dca649a136ec3ef84f719254aa8a5d903fc19e6560ffff9ae1
81f1d413b0a3966b23188ce87fdd3c25059f8c548b2f9603b1eabd2df9938ae2
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
882918765ff26ff068a3188689dea861427ddb2d25755ad2604225b6eb3c45bc
8a88f677a660e8ddc612b6153bc4386dd9f8846bed7ba66cba656baff77345aa
8b2b46802959dd06e74f1032a458794262d7da46be4395cbac2ea3b107479c8e
8c5b492bce538929f628385e6ce826a1f633fb8b57120754149dc41d75135131
976ba375fd58531594f57a4546e3f36bfc83148b96b76e62b317c466a445eb25
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a30bb9458dd13fdc8c80f92b3532fa21dd7b5459a0b48eeea0c3bf71dec1ec93
a39fda84d9a110d7deecae1b8926b1ac860dd1c76f79e14b3a0d740c315c58c6
a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac32f23bb704d3d463917d07240777295d4af706118b096acd939d57cd6a1454
ae81d49199e6ccb41d1c115f3cbe5301e3588623da83f676d2deac0a14ccfcd0
b39262135ebb65249c4eeb26584c797c5782c95cb1d8a1527ab2d931578a407a
c454ff45a28465418139e17e86bf10b13ff10f82b833ec1ae84463ae28aa981c
c5886c5b2f5c63a89b06611d65ed05681a10c2c8331089bbc7725c82494e0a54
c781eb0739f9b8271cf36eb9f7c8dcd1b1a2c87b596e0b4842883aa297eae7a4
c9bf4d44a09f933dc53ac996dd1ce4acfef8d40dfd2e2a340b8f46c263e64f73
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d276346bb2b73fe8c0ce628ed53e9d09b132db0f91c1433b3e70c40ca7b45262
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
d973c1373112e20334fec56f544d0c7386e02c06a9c4bd7a1564afec2e4bdb44
da50fa4979e673845de88d3488c299756ada9f9e34e5e114b26a15df275e992b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58d8b17e9b8deddbc935bccecb97a5dd45009a85c41c5993d131ddb9b4f9df8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f124e8d2095f8e89afc9361929c041765384e0a86dc03439962211b8e3a184c8
f439d9cb97b0843436a0b72a0a8304da28c61db10729689e2904ae8417122c80
f9d828969777397ac88e21a5f77d57788513d19347efd79f1e120cdbb910a652

www.zionsbank.com Open in urlscan Pro 45.60.233.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

61 %IPv6

16 Domains

19 Subdomains

18 IPs

3 Countries

2737 kBTransfer

7245 kBSize

45 Cookies

9 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zionsbank.com Open in urlscan Pro
45.60.233.5 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

61 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

2737 kB
Transfer

7245 kB
Size

45
Cookies

80 HTTP transactions
1 data transactions