firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 19:13:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bI2PQJDttCEEHwg-GivMYeqA__93t6gAP7S80j1D3DrLIGvcDLb8TA==
Age: 2411
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20202
Expires: Sat, 03 Sep 2022 01:30:44 GMT
Date: Fri, 02 Sep 2022 19:54:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2BgD-BWr-6vtXj4154ZEP8mi5u3gU8l6zkekKiB1B94oFb8NtxkUFQ==
age: 67125
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 19:54:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.usertrust.com/
200 OK 2.2 kB IP
Hash 1785a45fa7343bb87e046213bf7f3f97
79c569e62a6f193baf70ea7c5ddd763db31d4934
b9fc387d491b83fc3e79a9647afecf8ba9b623c8ef39e83adbe83d5ee1e9905d
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:02 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 10:12:16 GMT
Expires: Wed, 07 Sep 2022 10:12:15 GMT
Etag: "79c569e62a6f193baf70ea7c5ddd763db31d4934"
Cache-Control: max-age=602439,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 482
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7448cb95fbb5fac4-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 19:38:16 GMT
Expires: Fri, 02 Sep 2022 20:15:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G1TolaAFFr5Lu64tCDRaUUjFd7mEyzAealwFXrj0t9gmRIRuxWQVSw==
Age: 946
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8ff3e923cde43adf85cf00215e5786c5
88fe48849947bbf9a0edf16744a358efef58efb2
730a54afc224cf7e561ade3333b0dbf92afaaa39a472d322ac00953cb281f6cc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 09:57:51 GMT
Expires: Fri, 09 Sep 2022 09:57:50 GMT
Etag: "88fe48849947bbf9a0edf16744a358efef58efb2"
Cache-Control: max-age=568427,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cb961fb6fabc-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:02 GMT
Last-Modified: Fri, 02 Sep 2022 18:15:35 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.usertrust.com/
200 OK 2.2 kB IP
Hash 1785a45fa7343bb87e046213bf7f3f97
79c569e62a6f193baf70ea7c5ddd763db31d4934
b9fc387d491b83fc3e79a9647afecf8ba9b623c8ef39e83adbe83d5ee1e9905d
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:03 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 10:12:16 GMT
Expires: Wed, 07 Sep 2022 10:12:15 GMT
Etag: "79c569e62a6f193baf70ea7c5ddd763db31d4934"
Cache-Control: max-age=602439,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 483
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7448cb99de50fac4-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 9a8a58bdd9fb34d7df6e7eb6fa45d19f
834997858dd51819ffc44f43826e0ba7e50a25f2
2f273c49050bcab27bfecdaac60e74048469e6aeb71791b9fc0c341831b8aa3c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 17:23:25 GMT
Expires: Tue, 06 Sep 2022 17:23:24 GMT
Etag: "834997858dd51819ffc44f43826e0ba7e50a25f2"
Cache-Control: max-age=335960,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cb99ea57fabc-OSL
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r2GfH3zWzhLzEV8roo/38g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CAqgN2HXaIIcCVzEEIGuX2uXug4=
www.regions.com/MLO/stephanburton
301 Moved Permanently 0 B URL HTTP/1.1 www.regions.com/MLO/stephanburton
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MLO/stephanburton HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Location: /locator/mlo/mortgage-loan-officer-Stephan-Burton-Tampa
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Fri, 02 Sep 2022 19:54:02 GMT
Content-Length: 0
Set-Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660;path=/;httponly
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-Stephan-Burton-Tampa
302 Found 194 B URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-Stephan-Burton-Tampa
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 83d6362ef142bca09530b15c7979985b
6c8714a4f4ffc12c1f2d8938e13c412de2d4e2d3
325739d6753e78f88a7a72fec12d494252e53afd103a79d3c7d4eca78a1fee26
GET /locator/mlo/mortgage-loan-officer-Stephan-Burton-Tampa HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: http://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Fri, 02 Sep 2022 19:54:02 GMT
Content-Length: 194
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
200 OK 17 kB URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (357), with CRLF, LF line terminators
Hash f59f1070fb854aac127c17dc581f6299
aeb12a5d6091feaf7026348e9d70a93b623f9924
8c63a7d6a9b6c60b53ef38a3332f66616ad16a153bf10e6577ea90c382185a54
GET /locator/mlo/mortgage-loan-officer-stephan-burton-tampa HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; path=/; HttpOnly; SameSite=Lax
SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False; expires=Mon, 30-Aug-2032 19:54:03 GMT; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Fri, 02 Sep 2022 19:54:02 GMT
Content-Length: 17126
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300-webfont.woff2
200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12936, version 1.0\012- data
Hash 6d4b2348a4f8f255a2bfd1ab35e30618
72a7e20b49379ccab237d004a3506e22b3b7934b
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
GET /rdcresources/content/fonts/source-sans-pro-300-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743517
Date: Thu, 25 Aug 2022 05:22:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "d0bfec283195d81:0"
Content-Type: font/woff2
Last-Modified: Mon, 11 Jul 2022 14:18:57 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12936
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13080, version 1.0\012- data
Hash 834648c5f6f2f73c3df33def9348d879
7385e4868c41fb1e4ba48503a16235ddb8cd8a6c
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
GET /rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743517
Date: Thu, 25 Aug 2022 05:22:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c0affd283195d81:0"
Content-Type: font/woff2
Last-Modified: Mon, 11 Jul 2022 14:18:58 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13080
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13072, version 1.0\012- data
Hash 595d5c1e2d877c3a50a77158e977ede4
0564953f05d57246c240796c5ba2bbec8c8ba93c
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
GET /rdcresources/content/fonts/source-sans-pro-600-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743517
Date: Thu, 25 Aug 2022 05:22:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "301bf0283195d81:0"
Content-Type: font/woff2
Last-Modified: Mon, 11 Jul 2022 14:18:58 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13072
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12592, version 1.0\012- data
Hash 48e38952d86d1b849b4e7e79c109a116
d8c9466e811876438d3e1d900943e3fa3d9625c1
0007bd27c6755494aa1b4fdebf9f019db02b59e5f02222148e136c75ccef026e
GET /rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743475
Date: Thu, 25 Aug 2022 05:22:47 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "90e7f5283195d81:0"
Content-Type: font/woff2
Last-Modified: Mon, 11 Jul 2022 14:18:58 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12592
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash 0408305af8e45ff50aa09d3d3732fc01
3ff33e34998c68f480305e1d91adcd1ed8a2a7ee
6b49f18370ab654be0367fb969d5015649fdf5406bcbec33e5b0644f4bb7fe0a
GET /rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743517
Date: Thu, 25 Aug 2022 05:22:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "40efe8283195d81:0"
Content-Type: font/woff2
Last-Modified: Mon, 11 Jul 2022 14:18:57 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12580
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
200 OK 25 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25180, version 1.0\012- data
Hash ed97ad0179a7e320488aabe236a03029
4d605ccfe533eb243f6c3ca403785960d8b5cff9
3913c00225825b9de4b6f6f292d6222b4328c5e8ae85bbe7c8929660ab0f8dee
GET /rdcresources/content/fonts/droidserif-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743508
Date: Thu, 25 Aug 2022 05:22:14 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "b0e2ee283195d81:0"
Content-Type: font/woff2
Last-Modified: Mon, 11 Jul 2022 14:18:58 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 25180
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
200 OK 28 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 28520, version 1.0\012- data
Hash 4a80ddcba4cef2129dec8753762ac8f1
44f352414c76a8f84c27d6240fa3634fd248f4fa
1fa9dc815c95ac07bd2badeacc086f16ea92051db9818ca26c2f7bf048ae8b40
GET /rdcresources/content/fonts/droidserif-bold-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743475
Date: Thu, 25 Aug 2022 05:22:47 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "80def0283195d81:0"
Content-Type: font/woff2
Last-Modified: Mon, 11 Jul 2022 14:18:58 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 28520
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
200 OK 23 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22988, version 1.0\012- data
Hash fe84712f81388dfad5f48e4de801ec44
1c3e195be8306df1edc70d4abfa9270876093640
98213150300a378382c71ad9eff1538120dd8f9f29780c475feead2add55d80d
GET /rdcresources/content/fonts/droidserif-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743475
Date: Thu, 25 Aug 2022 05:22:47 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "d065fb283195d81:0"
Content-Type: font/woff2
Last-Modified: Mon, 11 Jul 2022 14:18:58 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 22988
Strict-Transport-Security: max-age=157680000
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2191
Expires: Fri, 02 Sep 2022 20:30:35 GMT
Date: Fri, 02 Sep 2022 19:54:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2191
Expires: Fri, 02 Sep 2022 20:30:35 GMT
Date: Fri, 02 Sep 2022 19:54:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2191
Expires: Fri, 02 Sep 2022 20:30:35 GMT
Date: Fri, 02 Sep 2022 19:54:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2191
Expires: Fri, 02 Sep 2022 20:30:35 GMT
Date: Fri, 02 Sep 2022 19:54:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:31:42 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 76942
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 13:36:12 GMT
age: 22672
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 80198
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:44:27 GMT
age: 79777
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAMCgNpYR80vXSDyHFOFcbT8VukBemR2AGoGNaCfYaszKshu-gv6zg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:15 GMT
age: 79189
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:48:18 GMT
age: 75946
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.29711
200 OK 136 kB URL HTTP/1.1 www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.29711
IP
File type Unicode text, UTF-8 text, with very long lines (60938)
Size 136 kB (136055 bytes)
Hash 42492498cde51a42c220179a3bb07cd7
d46962220c4eb820dc5979439624f4971859643a
5efef587675c5b1274a91098d052ee2b37f0c26dda7e7c33e465c2c80e14e20d
GET /RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.29711 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743517
Date: Thu, 25 Aug 2022 05:22:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "035ed283195d81:0"
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2022 14:18:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 136055
Strict-Transport-Security: max-age=157680000
www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
200 OK 1.0 MB URL HTTP/1.1 www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 1.0 MB (1000110 bytes)
Hash 1229afcf08f18b0b5772785705fe013a
ab4af8fd7ebb0f2790b089812d51ff60f355f913
dc0d5ecd312bb12b6d74bb34b8e7f12ed7a75d70ce04ce3a52d11420f6c34fd1
GET /RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743518
Date: Thu, 25 Aug 2022 05:22:04 GMT
Cache-Control: max-age= 31536000,public
Content-Length: 1000110
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "40b636283195d81:0"
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2022 14:18:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Icon/search.svg?revision=345bbb17-b750-4295-a5db-1f501a858f26
200 OK 682 B URL HTTP/1.1 www.regions.com/-/media/Images/Icon/search.svg?revision=345bbb17-b750-4295-a5db-1f501a858f26
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (479)
Hash 5c8e0dbbaf534e8b511cbebca5107124
92f60b7cda1c1a38e7f2c1d1ce552f094f9153e3
c1b4bec142e10c78a966826eea596636b3a3d6d29a0bc2185aa08639cc7c6b0e
GET /-/media/Images/Icon/search.svg?revision=345bbb17-b750-4295-a5db-1f501a858f26 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 139020
Date: Thu, 01 Sep 2022 05:17:05 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 141f99657b484ff3a165bd5b28f5ed5b
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Tue, 16 Feb 2021 17:16:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="search.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 682
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
200 OK 32 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
IP
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 6fc369a602a8d0b803844cb324804c7d
415c94e7e9528cfcf2706ff599a72d148283384d
ae0ed41222aa8d4f4203f7734202032e84de9df5807b92ae3cc0fd26953e9b9e
GET /-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 136376
Date: Thu, 01 Sep 2022 06:01:09 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: cfe05142397d49ae906d885497e957ce
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2016 16:37:41 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="avatar-branch.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 32529
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Icon/help.svg?revision=15819bb4-82b6-4fac-93d4-830e9f499d06
200 OK 841 B URL HTTP/1.1 www.regions.com/-/media/Images/Icon/help.svg?revision=15819bb4-82b6-4fac-93d4-830e9f499d06
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1026)
Hash 3f3518f2fa0702ea2edda61a84b1e83f
7596d0bd10d7c37bed824536b4c2314fd740f750
341edac2635ec17ade3f5f00776440eb12d3cc909997e03d55e2367c45ca2d40
GET /-/media/Images/Icon/help.svg?revision=15819bb4-82b6-4fac-93d4-830e9f499d06 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 139020
Date: Thu, 01 Sep 2022 05:17:05 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 9e384c93485143d7a0dddaeb977494d7
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Tue, 16 Feb 2021 17:16:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="help.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 841
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/-/media/Images/Icon/search-white.svg
200 OK 541 B URL HTTP/1.1 www.regions.com/locator/mlo/-/media/Images/Icon/search-white.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 23c561108d5c50986c96b5eff6b18456
03924f41cc9ada0421a9bd5f5492cde1e7261eca
73cee3dd2309a0a21606ee00e0dd303938a0884c326c423efcb2aea703fdb27e
GET /locator/mlo/-/media/Images/Icon/search-white.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 134247
Date: Thu, 01 Sep 2022 06:36:38 GMT
Cache-Control: max-age= 560631,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 266249db9ad94eba8d100c894f81d1bb
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Tue, 16 Feb 2021 17:16:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="search-white.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 541
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/1px.gif
200 OK 119 B URL HTTP/1.1 www.regions.com/-/media/Images/1px.gif
IP
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ce21cbdd9b894e6af794813eb3fdaf60
d324efa2b5648eaca4a376c87a01808eb63cc18f
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
GET /-/media/Images/1px.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 138984
Date: Thu, 01 Sep 2022 05:17:41 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: abb54fb4cab64b92b52e12f5fa9df56a
Content-Type: image/png
Last-Modified: Fri, 11 Feb 2022 18:54:06 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="1px.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 119
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
200 OK 2.8 kB URL HTTP/1.1 www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1307)
Hash aeeed583845703683b21e742aa48bf05
27111d73f960a02a916438c3ecc4aea310e66fe8
83afa577fc6a7bef257737a37b4380cdece3e6f565d85abcf263d516ac80a585
GET /-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 139020
Date: Thu, 01 Sep 2022 05:17:05 GMT
Cache-Control: max-age= 604800,public
Content-Length: 2773
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 2587ba95fc7a4fcfacd83d243f8c881d
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Fri, 03 Apr 2020 23:05:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="header-logo-desktop-regions-standard.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Stephan-Burton-Tampa.ashx?revision=54638c7e-1aab-4b84-9867-3043102049f2
200 OK 46 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Stephan-Burton-Tampa.ashx?revision=54638c7e-1aab-4b84-9867-3043102049f2
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, xresolution=164, yresolution=172, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2017:08:18 16:22:05, GPS-Data], progressive, precision 8, 175x175, components 3\012- data
Hash c598ee792e758e5ff4a50b20f53f8c70
c72b27d6ccf0f5ed64b1bcbf637be7591eac0423
286447e02f0234ec1f7eada7d727e768a5cc1a412c8f005d7b0eef933461eb71
GET /-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Stephan-Burton-Tampa.ashx?revision=54638c7e-1aab-4b84-9867-3043102049f2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 105926
Date: Thu, 01 Sep 2022 14:28:39 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 096ab1cfb1264982898a981764b6e699
Content-Length: 45718
Content-Type: application/octet-stream
Last-Modified: Wed, 07 Jul 2021 07:53:04 GMT
Accept-Ranges: bytes
Content-Disposition: attachment; filename="mortgage-loan-officer-Stephan-Burton-Tampa"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg
200 OK 288 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (352)
Hash 644bd0cb57824821768ad81bc24a44af
2e2a8af1795c6b25db1565a3cdbda4d7cc91195a
116ed69e7888779413c0a65cb95b9c09e01d4340e802d2f7800918a3572bf39f
GET /rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 742833
Date: Thu, 25 Aug 2022 05:33:30 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "3022da283195d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Mon, 11 Jul 2022 14:18:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 288
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-star-full.svg
200 OK 182 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-star-full.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 9f82b92e5ae5303f02f70f2866dc5770
76549bf7d83cfaf3eed0b2358cd4ced6a0d42799
b702cce1853091ca3940463fe67ba239ee335af3acd5e20b18ce3890156701e2
GET /rdcresources/content/media/images/websiteimages/icon-star-full.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 742833
Date: Thu, 25 Aug 2022 05:33:30 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "70beda283195d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Mon, 11 Jul 2022 14:18:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 182
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
200 OK 86 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x900, components 3\012- data
Hash 714ec83101dd539af3adda51008a05d1
e2532bb228b37f019f4c7e50a850cc10d3dc5d3a
7caee0314b38dbf2499e877aaf6fc68cc34521d63d55a08d8b8ea4cecb7f7990
GET /-/media/Images/WebSiteImages/video-component-background.jpg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 138648
Date: Thu, 01 Sep 2022 05:23:17 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 9d7b5cdd37ac4196bc046f22d89a7d60
Content-Length: 85802
Content-Type: image/jpeg
Last-Modified: Fri, 03 Apr 2020 23:05:56 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/loader.gif
200 OK 8.4 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/loader.gif
IP
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0eb0c1bdfdc4a4bd352121f51fec9149
d19adfb29240f0e08accaa483fc00c83c795f369
94a9405de974c3a6ea53616c60777c091e1330fb1b07549d5bdba4168cd19e70
GET /-/media/Images/WebSiteImages/loader.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 139009
Date: Thu, 01 Sep 2022 05:17:16 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 7cfa43f033c942d7a4dbec8b73001e6b
Content-Type: image/gif
Last-Modified: Fri, 03 Apr 2020 23:05:54 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="loader.gif"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 8369
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-search.svg
200 OK 383 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-search.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (885)
Hash 5a496f703b488debeff9e2a3ffb15431
45c6bcfbba5d287d4ab934f1be58936ce02b07f1
cccd3510527cc3dba2e9549bfafc7d5adcc841c85ac5adc3ece5e929e5110521
GET /rdcresources/content/media/images/websiteimages/icon-search.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743394
Date: Thu, 25 Aug 2022 05:24:09 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "208ad7283195d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Mon, 11 Jul 2022 14:18:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 383
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-left.svg
200 OK 271 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-left.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 595ec3419c514f6124d629350f2559ee
7dcbf20f645ff774c667d1ec9090d5dc1ab58da4
4cef94260da59647776c163dd7699ab4bdbebc43321911f25c7283ac28adbc62
GET /rdcresources/content/media/images/websiteimages/icon-arrow-left.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743518
Date: Thu, 25 Aug 2022 05:22:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "a0fece283195d81:0"
Content-Type: image/svg+xml
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2022 14:18:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 271
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
200 OK 268 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bf462852af8a80299f553f3cb2857e23
a696e3d8f7046ddfb637660b29e65519ad518df6
5942ba789df5ee148adc440ceacafc7047448afc34ad08d41eecaa45f1bf08b3
GET /rdcresources/content/media/images/websiteimages/icon-arrow-right.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.29711
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 743518
Date: Thu, 25 Aug 2022 05:22:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "20c6cd283195d81:0"
Content-Type: image/svg+xml
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2022 14:18:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 268
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
200 OK 98 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash 372bd7f2ff8ecf74e939d7d7e2ad94af
320244fbc60864b6662f3ae720817099bfaf3add
80d2097213a26f3ae12d5deae29efca6864f9cd0e7886a03812f0da841667207
GET /-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 139008
Date: Thu, 01 Sep 2022 05:17:17 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f78551ee84504eef883b8b40efb13011
Content-Type: image/jpeg
Last-Modified: Mon, 01 Mar 2021 14:39:24 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="H-FAH-preparing-for-a-major-home-remodel-thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 98074
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
200 OK 16 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 216x228, components 3\012- data
Hash 51dd85ef382069ec38904173a12e9812
e821e922c3f7a622b4d032032d8c13eaaa71013a
e0863c1bfa4b1cc0e2068765f09fc77f543a4caa33fdc6b41da08d3f28b9b6b0
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 139008
Date: Thu, 01 Sep 2022 05:17:17 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: ecc44ec6c3da494498bf2e82b723f903
Content-Length: 16468
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3
200 OK 34 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash cddff7f07661de94582305c4455e96d7
e61aba41b7d7cc1b05560a1387824f82092cfd05
e6ddaffbc4e3f08ebe842ed529a3aaccbd23d6a140e5cc10db89b056f11e7105
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 139008
Date: Thu, 01 Sep 2022 05:17:17 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 73176d8e641740558ec2903100565b1b
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 33665
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
200 OK 33 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash a0fdb87f17a0891d20b4c7c7dd489ae3
e64540d9a8a47e946531663c1939a7595ac0da41
673948f25b84f697a6098cdb3880ed34ad8675ffd4b3c5b7c7c984a4a091a551
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 138544
Date: Thu, 01 Sep 2022 05:25:01 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8058e759fc414eed969f8bd2f43e85a0
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 33076
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
200 OK 89 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:59:30 DIY-Thermocam raw data\012- (Lepton 2.x), scale 21870-29766, spot sensor temperature 74893065746301681918931676168192.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 137438953472.000000], baseline, precision 8, 432x456, components 3\012- data
Hash 6f07089f352bd05fa11d90f30e6cc5e4
0cb2658df6969bd6b8be226965eb2c259f0ea20b
1d0f2941a7e38e37c07ab51df9d709e4711faee18fdba5382811abb70e061fa3
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 138540
Date: Thu, 01 Sep 2022 05:25:05 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: fbff9ae4cc204417b09fbc41995b15f9
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 88747
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
200 OK 940 B URL HTTP/1.1 www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2699), with no line terminators
Hash c83395d617c81d10166217b9351ddd3d
cc2faff006102f6fffddc4ad5455391471459233
e9c2910517c5105adba61d2001a7ab4ad1f36b90e059fdc8464c6f851310f899
GET /locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 134232
Date: Thu, 01 Sep 2022 06:36:53 GMT
Cache-Control: max-age= 560617,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 280096ce24584f08ae4f82ec6e1611c5
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Wed, 03 Mar 2021 23:16:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="icon-calendar.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 940
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
200 OK 22 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash 43c3979dfaa872bee3d5ecd678b41551
efb2b3011959b7e59fdf8a0242fc69190eb85e4b
852995c5e7bd28d42e0086cac3de58ddbd9ef0161ade5267f3d16b09579dd6d4
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 138548
Date: Thu, 01 Sep 2022 05:24:57 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 0bad9f02bd23408ba9830e28065b7798
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 21773
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
200 OK 88 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:19:44], baseline, precision 8, 432x456, components 3\012- data
Hash c8841785cd39c7400eb055f52f4fd395
dcb5859dc36c50ab2727e2a9366d5c59551a4b28
1d47fb60ed8a9217554a061f114f98265f0241adeec6b7ecfe58b98a9ca9f137
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 138538
Date: Thu, 01 Sep 2022 05:25:08 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: db4a6978e622401bbde4a35d3c2b7841
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 88363
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
200 OK 21 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash de1166a7dea4821e653419386f30ef80
849da63131c1f7333e790c7b8470beea90797a3d
73f81791ec41abc9a738979de0f83bd6c2efc70908e86047ff2b2aa5cdb62a60
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 138589
Date: Thu, 01 Sep 2022 05:24:16 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8ca54c4c0b8e477093a82d2796b8587b
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:11 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 20600
Strict-Transport-Security: max-age=157680000
nexus.ensighten.com/regions/regions-prod/Bootstrap.js
200 OK 76 kB URL HTTP/2 nexus.ensighten.com/regions/regions-prod/Bootstrap.js
IP
File type ASCII text, with very long lines (1435)
Hash d60302a1a2a7906008cfbbf4a6f68967
f3fa455ff77e6fb1923f70fe284234dc37910f08
8dfa4982d743b59b18d2efb3fb7ac9a47030d22d550de17b73e3b97b63d3592b
GET /regions/regions-prod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 29 Aug 2022 16:54:29 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Aug 2022 16:53:23 GMT
etag: W/"faa8b915cbee140fd04d11e9f87fe781"
x-amz-server-side-encryption: AES256
cache-control: max-age=300
x-amz-version-id: Jt1O51VswUVTh__R3peFlGa0HbdTpt1l
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0e_1J51eLtRMZ4Ikd2qOIaGDIsu0y0_lp05CC-phguSjFxLsdt1EjA==
age: 356377
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1662148443505
200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1662148443505
IP
File type ASCII text, with very long lines (2523)
Hash b9b2c0347cfa401ac9f8c6308693887d
f7da45b8b0321efa9803514935b46280e8bc6b0e
21b185c9a1fb4383efe6db9327665f5b9cc1fbc6546d1b9c3808568b472b0528
GET /maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1662148443505 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 02 Sep 2022 19:54:05 GMT
expires: Fri, 02 Sep 2022 20:24:05 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56092
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=16
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.regions.com/-/media/Images/WebSiteImages/favicon.ico
200 OK 9.7 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 770326a3949eeac3b1b32f636a435b24
34e947c7883865ed4982b1108ff1d8d3225edaaf
d40069d6602b8db241d15a18513f0d26f783b9b012a46b7fca2bd4a23ccb5be1
GET /-/media/Images/WebSiteImages/favicon.ico HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False; Regions_SessionId=c4d7ce7f-c6a7-420d-8746-57998d1d3617
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 158923
Date: Wed, 31 Aug 2022 23:45:23 GMT
Cache-Control: max-age= 584063,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: c8a67602af18477991e64598d71384a6
Content-Type: image/x-icon
Last-Modified: Wed, 26 Jan 2022 21:49:47 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="favicon.ico"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 9662
Strict-Transport-Security: max-age=157680000
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
200 OK 926 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
IP
File type PNG image data, 1400 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 926 kB (926480 bytes)
Hash 869f6fce3cc41447159b757d89bc8ba7
e9e34caba119cb5727bf3324c4d897edd22ea1e6
8e8dcd035a49dabbf01d255019d0fca12bace4c39bbb8b3aa7373a1dadae49a5
GET /-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 138589
Date: Thu, 01 Sep 2022 05:24:16 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f294c5922dab4c0da74893f259ffb939
Content-Length: 926480
Content-Type: image/png
Last-Modified: Tue, 04 Aug 2020 19:24:35 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
nexus.ensighten.com/regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Aug%2029%2016:53:21%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa
200 OK 398 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Aug%2029%2016:53:21%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa
IP
File type ASCII text, with very long lines (397)
Hash 0b7e34e9fd9920053fee4fa7a11af3f5
b5ae41c68e4d582fb8e1e4ca2bfbff40480296aa
a913ced91130f5637217b04434f3fdeb315cfe0d93e4079f2bac1b01cc94a49e
GET /regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Aug%2029%2016:53:21%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 398
server: nginx
date: Fri, 02 Sep 2022 19:54:06 GMT
expires: Fri, 02 Sep 2022 19:54:05 GMT
cache-control: no-cache, no-store
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hX_P3YUUALuahfFBAPZTLpPUeBNEdRu7RXUmv9BklFAaTMkSqzLx_w==
X-Firefox-Spdy: h2
nexus.ensighten.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException
204 No Content 0 B URL HTTP/2 nexus.ensighten.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: CloudFront
date: Fri, 02 Sep 2022 01:05:17 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tYmeMELnluO6w8BaAjqx7-uggFhiD7YUAaMiRAvsg4cJ9j4xzGShBg==
age: 67729
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dc076b754adaddcb000f3f987b6c5df2
01e9b40591692b8b2a6a94729e9481c7e600d248
9dbf2e71e1cbad91a71154b729e8ef496eda7544828a8bfd4f64e6dd70c4f64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
200 OK 11 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=0E86E96E0C5A629E289DFB7D0D0D638E; domain=.bing.com; expires=Wed, 27-Sep-2023 19:54:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1EA110EFD624C64B31D420560A37D67 Ref B: OSL30EDGE0319 Ref C: 2022-09-02T19:54:06Z
date: Fri, 02 Sep 2022 19:54:05 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
IP
File type ASCII text, with very long lines (1615)
Hash fed2cb7b8e289ba4a992269c59a40981
eac33e765ed064860333ed4b0cfcb75d4e7f9196
75ca6371797d450656dafec51fb6e37887f1a8551c36c255d86fe4a2b7ecb3a1
GET /gtag/js?id=AW-1013536406&l=regionsDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 19:54:06 GMT
expires: Fri, 02 Sep 2022 19:54:06 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 18:47:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 278f77bd8c68daed840ff7c0e2805feb
197f07c43b559537996083243e9c6a1a4848562e
62d0683d0f26e7cfdb52f6cfbe565147f592d509c71222499ec4cd5303d04318
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6036
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Last-Modified: Fri, 02 Sep 2022 18:13:31 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=5765883903771528&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
200 OK 1.9 kB URL HTTP/2 live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=5765883903771528&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
IP
File type HTML document, ASCII text, with very long lines (1202)
Hash ad4dbf470cca25215fa46bc6b90567e0
efe00fc5ea750dad1433fceac16ffce2b6e58684
22513fedbed03e204851b6d900cf77c04caebf0cdafc7c28617939745ddccdd1
GET /sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=5765883903771528&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1875
date: Fri, 02 Sep 2022 19:54:06 GMT
set-cookie: zync-uuid=f9587fd4-8a92-485a-b5fd-44b710f85774:1662148446.275249; Domain=rezync.com; Expires=Wed, 01 Mar 2023 19:54:06 GMT; Path=/; SameSite=None; Secure
sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiZjk1ODdmZDQtOGE5Mi00ODVhLWI1ZmQtNDRiNzEwZjg1Nzc0OjE2NjIxNDg0NDYuMjc1MjQ5In0.YxJfXg.OPNMRkPFocyk8qokhrw2zv86YjA; Expires=Wed, 01 Mar 2023 19:54:06 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zwZW-lrEtGrl1FXoTkLw3tkAjflDlbE0eU41chYlIhHQrKtEajEZUg==
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
200 OK 26 kB URL HTTP/2 www.youtube.com/iframe_api
IP
File type ASCII text, with very long lines (509)
Hash e9b167755b6c8434d29db9985e7d9776
d09f7d678acce1d82a8f86472319b39818b0fdf1
ecd21edb89efc1fde6224b81917bc2e213acebbab39eec970b9789f94bc37013
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 02 Sep 2022 19:54:06 GMT
date: Fri, 02 Sep 2022 19:54:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=XkwQRoI5VrA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=eTAyec8M5rM; Domain=.youtube.com; Expires=Wed, 01-Mar-2023 19:54:06 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+823; expires=Sun, 01-Sep-2024 19:54:06 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
200 OK 43 B URL HTTP/2 t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:05 GMT
server: tsa_o
set-cookie: muc_ads=5931de5f-534c-419f-932e-1f8ab6e23f6d; Max-Age=63072000; Expires=Sun, 01 Sep 2024 19:54:06 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=0
x-response-time: 109
x-connection-hash: 5bbc8771ae62e8829d06ed50ab427270b99635a1a5c9ff213d31ba3a774c5a08
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=21011282&Ver=2&mid=f322dd99-c4b1-48d0-aa5e-f432d1e770d2&sid=ff9459802af811edac839733d4e15efa&vid=ff9482702af811eda593055893d58bf2&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&kw=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&r=<=3190&evt=pageLoad&sv=1&rn=105177
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21011282&Ver=2&mid=f322dd99-c4b1-48d0-aa5e-f432d1e770d2&sid=ff9459802af811edac839733d4e15efa&vid=ff9482702af811eda593055893d58bf2&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&kw=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&r=<=3190&evt=pageLoad&sv=1&rn=105177
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21011282&Ver=2&mid=f322dd99-c4b1-48d0-aa5e-f432d1e770d2&sid=ff9459802af811edac839733d4e15efa&vid=ff9482702af811eda593055893d58bf2&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&kw=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&r=<=3190&evt=pageLoad&sv=1&rn=105177 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0DBE965542666112194C844643316047; domain=.bing.com; expires=Wed, 27-Sep-2023 19:54:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9AF1A2C0286E436C8ADC849E3008A172 Ref B: OSL30EDGE0319 Ref C: 2022-09-02T19:54:06Z
date: Fri, 02 Sep 2022 19:54:05 GMT
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 01 Sep 2022 23:26:00 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ep90XF7LAwt5yqvdRtLQ_Ksynxv-QQe9elqTHpYvXX4FR8wPg_eR9w==
Age: 73686
ocsp.digicert.com/
200 OK 471 B IP
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4572
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Last-Modified: Fri, 02 Sep 2022 18:37:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
c1.rfihub.net/js/tc.min.js
200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Fri, 02 Sep 2022 19:48:04 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Fri, 02 Sep 2022 20:48:04 GMT
last-modified: Fri, 02 Sep 2022 19:47:54 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vx8FCA7UfP18cQuy67-Lo3VPNLCPYMzT_AsvQaUOHyOGK5UJ9YWG-w==
age: 362
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 55381f432c617f018b216c35dd6dd60a
133915366fc5d760576d2d0a16cb66dc0ab5f388
ddd40e1c7d1aaeb81f000e3cf9f8a00e9c83f0baf649990fddbd2d8700032873
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 53e4933126779cbf269a5819d467ad4b
1c3c6b27a0660a44717be304d90834cf2f9cf3ce
ed5ad968f7d95b37c817e86b54062702bef60b1ffd3977248aad23072af06b87
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: EuoSV9GY68jdkHfLrPosLQ49nw53HTgu2g7uODZSMziIKiyII8C+4dtV4jBq9dvR9XVhJx+nVIl8mnNLHnAXLA==
priority: u=3,i
content-length: 26752
x-fb-trip-id: 1904183273
date: Fri, 02 Sep 2022 19:54:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 67921e2bd7c620bdd4db5ed1e73d3146
1deaa030ab490c63f94bde4c7ada5e2f849fb506
7fcee2496cdc63c9779941621d9e61acd006910947ccb6c7e98f383b0bf4574c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264
302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264&~oref=https://www.regions.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Sep-2022 20:09:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4572
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Last-Modified: Fri, 02 Sep 2022 18:37:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
pubads.g.doubleclick.net/activity;xsp=4958803;ord=5680569534377066?
200 OK 42 B URL HTTP/2 pubads.g.doubleclick.net/activity;xsp=4958803;ord=5680569534377066?
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /activity;xsp=4958803;ord=5680569534377066? HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Sep-2022 20:09:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2613483917557&noscript=1
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613483917557&noscript=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613483917557&noscript=1 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 6518420389148135
date: Fri, 02 Sep 2022 19:54:06 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZZSGMwUUVBd3JXaTBaZ0diZElHaGN4YkE1by9Rd1FFZWRvcm5MVXkwSWNXK2ZScFhIY3E1TmtrS0hQZGJmVThDTUdtOEFvZEc1V2ZPS0I0MU9vUXRhWWNxQ21GNGFjNVhhNHJNbTEwamlxWT0mWDhUdGpLTE1DUUdwc1dDbXRZWTRhRmxad3VVPQ=="; Expires=Sat, 02 Sep 2023 19:54:06 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1662148446.4d3dd95a
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Sep 2022 19:54:06 GMT
expires: Fri, 02 Sep 2022 19:54:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 119321cec5bc6c45fd28bd83e37ee2b5
2653dfa7c06e7b93dd234d725c9314fe000e149d
7af660dbbbc59de8b7fd1b630f465cb2362a3c72430ab96c752e385765b965ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1157
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Last-Modified: Fri, 02 Sep 2022 19:34:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 471 B IP
Hash d2b796aa033eba4a9997440c704b7275
de102987f0fa9e65d80cf0f3b250f78e3956431d
bd941f283ab06f7fc92e08b1b01a443f2bd7da9d6b2488277374563a098e450a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5319
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Last-Modified: Fri, 02 Sep 2022 18:25:27 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash d596de8ea8049d5fe75acfc5f91cb1a4
b6c77857263b6af90215582e03212313f3c3fe83
faf5be5fcc766f2e98a34bb5cdd100f11caec03b7059384b66466425c62f6c4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1637
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Last-Modified: Fri, 02 Sep 2022 19:26:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264&~oref=https://www.regions.com/
302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264&~oref=https://www.regions.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264&~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264&~oref=https://www.regions.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0fb935f05e6aaba744f686e2bb3928f9
5b8211247e237b44ddd5bc3df47063bfcac84b0e
a998f91aa98aee49510e973a892dd630395bb1af087c7dbc77b61d29bef2bf68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /spp.pl?a=10000&.yp=10175658&he=start&auid=regio0 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:06 GMT
expires: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBF5fEmMCEEXxA575vDV2kCZJo3_awWoFEgEBAQGwE2McYwAAAAAA_eMAAA&S=AQAAAvREC_gTlcq16s9_ODZ51Ew; Expires=Sun, 3 Sep 2023 01:54:06 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 55381f432c617f018b216c35dd6dd60a
133915366fc5d760576d2d0a16cb66dc0ab5f388
ddd40e1c7d1aaeb81f000e3cf9f8a00e9c83f0baf649990fddbd2d8700032873
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1662148444692
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1662148444692
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1662148444692 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v038-006789e8c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1662148444692
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=85038988813305964590904537087935874867; Max-Age=15552000; Expires=Wed, 01 Mar 2023 19:54:06 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: Fyq2tGlQQQc=
Content-Length: 0
Connection: keep-alive
dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
302 Found 0 B URL HTTP/2 dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect/?pid=681506&fmt=gif HTTP/1.1
Host: dc.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJtQVRiKF6lnwAAAYL_xIlTCxyY4nfGLEsQ7_J6BUYI6IVsm19wAGZDg1Ib58MyGiWinhz9Sjixkw; Max-Age=2592000; Expires=Sun, 02 Oct 2022 19:54:06 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLpS9daQC2j3AAAAYL_xIlTK-pT47ERZsdbIHAjQsD_FtKZW8Ri3vjamW_R2nm5mEIaXYcg1PIpdDQcHv9YZQ; Max-Age=2592000; Expires=Sun, 02 Oct 2022 19:54:06 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&f935919f-8d17-4630-8844-f47ffb3e5dc7"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 02-Sep-2023 19:54:06 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2376:u=1:x=1:i=1662148446:t=1662234846:v=2:sig=AQE_d6zR5PDaf0QHF4SSC-IfHYIW6ain"; Expires=Sat, 03 Sep 2022 19:54:06 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXntxe4PDngpMe3/gBLrg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A3335CCA0A994333A0D31ADBA405B14D Ref B: OSL30EDGE0211 Ref C: 2022-09-02T19:54:06Z
date: Fri, 02 Sep 2022 19:54:05 GMT
content-length: 0
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1662148444994&cv=9&fst=1662148444994&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1662148444994&cv=9&fst=1662148444994&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2446), with no line terminators
Hash 1f2aebc1a5bdf35459ce66aea19990cd
3854b525bf657a7ee38b16fb17e48a3efaaab2e5
6fbeec0ed6ad9f7dd6ce99ad5ad0606aa79b1b8bf67419427f15b53abe0b8ed7
GET /pagead/viewthroughconversion/1013536406/?random=1662148444994&cv=9&fst=1662148444994&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1091
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Sep-2022 20:09:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1662148445005&cv=9&fst=1662148445005&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1662148445005&cv=9&fst=1662148445005&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2444), with no line terminators
Hash 9f1105e7e61e0ea33ebd61c41a0ea2e3
45d6420ca4f6c9c6f5aa6790b67953cd447f27bc
0c446f40851e012c21b2fdc4e75c363482939a06d90ec81f7b7822d6a3981318
GET /pagead/viewthroughconversion/959581806/?random=1662148445005&cv=9&fst=1662148445005&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1089
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Sep-2022 20:09:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Sep-2022 20:09:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1662148444692
200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1662148444692
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1662148444692 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v038-03e3bd466.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: L8gdFAnPSEw=
Content-Length: 124
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:05 GMT
server: tsa_o
set-cookie: personalization_id="v1_XvLbpeLzDa8rDx3oPZmqkw=="; Max-Age=63072000; Expires=Sun, 01 Sep 2024 19:54:06 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: 6af270607821a0bbd7962665b7c1dbe51c3ab802bc8e1ffbb6df34083728b1e5
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
200 OK 271 B URL HTTP/2 rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
IP
Hash c3aea86cfb633cfbbc5016b7c212fbc1
89934f12847b20c8d992007ab07494977f56ce84
b6d7b217464fd3d4447c18b0c1df4bb42e458c41841e9d2a5ab780f853943884
GET /rules-p-AMy7w2y7nzRg3.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Fri, 26 Aug 2022 12:05:44 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Fri, 02 Sep 2022 19:52:23 GMT
cache-control: max-age=3600
etag: "c3aea86cfb633cfbbc5016b7c212fbc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ba_mya-1Pq-ZBUbzcWCJTtjnVaztXRxndlYvTVai1WrbmPKdajbAjg==
age: 449
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/21011282.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21011282.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21011282.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1B2D49C76D236B443A3E5BD46C746A0D; domain=.bing.com; expires=Wed, 27-Sep-2023 19:54:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A543FA639AB74C24AE67FFF0BC91846C Ref B: OSL30EDGE0319 Ref C: 2022-09-02T19:54:06Z
date: Fri, 02 Sep 2022 19:54:05 GMT
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264&~oref=https://www.regions.com/
200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264&~oref=https://www.regions.com/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?167865720771.77264&~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/959581806/?random=1662148445005&cv=9&fst=1662145200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=1235723109&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/959581806/?random=1662148445005&cv=9&fst=1662145200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=1235723109&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959581806/?random=1662148445005&cv=9&fst=1662145200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=1235723109&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1013536406/?random=1662148444994&cv=9&fst=1662145200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2734359830&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1013536406/?random=1662148444994&cv=9&fst=1662145200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2734359830&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1013536406/?random=1662148444994&cv=9&fst=1662145200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2734359830&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pxl.qccerttest.com/pixel?r=564882380;fpan=1;fpa=P0-194351685-1662148445138;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1662148445138;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Tampa%3F%20Stephan%20Burton%20at%20Regions%20Bank%20can%20assis%2Curl.http%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Stephan-Burton-Tampa%2Cimage.http%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0a
200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=564882380;fpan=1;fpa=P0-194351685-1662148445138;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1662148445138;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Tampa%3F%20Stephan%20Burton%20at%20Regions%20Bank%20can%20assis%2Curl.http%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Stephan-Burton-Tampa%2Cimage.http%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0a
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=564882380;fpan=1;fpa=P0-194351685-1662148445138;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1662148445138;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Tampa%3F%20Stephan%20Burton%20at%20Regions%20Bank%20can%20assis%2Curl.http%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Stephan-Burton-Tampa%2Cimage.http%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0a HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 05:55:33 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RJneHuZ4Oo0C6_zyXDlTPDZieGnPc5ZWi4QYQ-aE3ucOIZrkkLz44Q==
age: 50314
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1662148444996&cv=9&fst=1662148444996&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&tiba=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&auid=839089433.1662148445>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 19:54:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/499108531775714?v=2.9.79&r=stable
200 OK 86 kB URL HTTP/2 connect.facebook.net/signals/config/499108531775714?v=2.9.79&r=stable
IP
Hash b9b13392a61087c5fe5444b13aeaf4ca
ccf46301f2a539f41511783f300a02132945e925
22b1230105921bcf46514efbf2bc8f885e412a67b65cb4bf06f654d974fa663c
GET /signals/config/499108531775714?v=2.9.79&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: tqAdc+lvo4yQ4OlPPztGb0PuF51WM+rCIXq/+dqTN/0TFhzIzO2GyaUNcm1PxaersWg6schsOHWdRn6qfVh5ww==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Fri, 02 Sep 2022 19:54:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=262651537;labels=_fp.event.PageView;rf=0;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa;uht=2;fpan=0;fpa=P0-194351685-1662148445138;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1662148445141;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Tampa%3F%20Stephan%20Burton%20at%20Regions%20Bank%20can%20assis%2Curl.http%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Stephan-Burton-Tampa%2Cimage.http%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0a;ses=85b5c046-a099-44d0-ab99-ff1872ed2b18
200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=262651537;labels=_fp.event.PageView;rf=0;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa;uht=2;fpan=0;fpa=P0-194351685-1662148445138;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1662148445141;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Tampa%3F%20Stephan%20Burton%20at%20Regions%20Bank%20can%20assis%2Curl.http%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Stephan-Burton-Tampa%2Cimage.http%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0a;ses=85b5c046-a099-44d0-ab99-ff1872ed2b18
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=262651537;labels=_fp.event.PageView;rf=0;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa;uht=2;fpan=0;fpa=P0-194351685-1662148445138;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1662148445141;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Tampa%3F%20Stephan%20Burton%20at%20Regions%20Bank%20can%20assis%2Curl.http%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Stephan-Burton-Tampa%2Cimage.http%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0a;ses=85b5c046-a099-44d0-ab99-ff1872ed2b18 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:06 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63125f5e-bbe57-66585-6fb67; expires=Tue, 03-Oct-2023 19:54:06 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 24ceb74ce80164f8942116d3abafd170
11170e76e2ef2a6e711c4c59d775dfe92f1009b2
e926e073d4d8923d40930b3f4d1772182c02189a50e9ecf11b39e6d31ebefc41
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 19:54:06 GMT
Last-Modified: Fri, 02 Sep 2022 19:31:33 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mBknxBDbj9SkALjFvGYZVi8-NZc9Tp6lFZgrOBrC0kBTMaQLPNxVng==
Age: 1353
ocsp.sectigo.com/
200 OK 471 B IP
Hash a754c10a371d8507bfdb82f233cb6067
58fe6818cd4064f462d6ad5857437d1dcf0cebd8
0e5484e52680ac6e2e576ad45b3a2244169c24c9beb5b8584d4ea77e21634aa7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 02:15:45 GMT
Expires: Wed, 07 Sep 2022 02:15:44 GMT
Etag: "58fe6818cd4064f462d6ad5857437d1dcf0cebd8"
Cache-Control: max-age=367897,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbafaa20fabc-OSL
20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&pf=&ra=6114122876940605
200 OK 2.7 kB URL HTTP/1.1 20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&pf=&ra=6114122876940605
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2669), with no line terminators
Hash cef27ead42efe96b96e0b6c6c69a3e32
47dbe5cf18412de8a6f2beed60de59945d32ef23
c151a0f53d4c2bbd1c6a1c5d3986bc92863b8e51d27b6d4df06bb70a11efd738
GET /ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&pf=&ra=6114122876940605 HTTP/1.1
Host: 20839218p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:06 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0MTI2NjM3tDQ3MTUzNLEwNxXiM9RN9HOzjMgKTLXISQsBAKAJxD4lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0MTI2NjM3tDQ3MTUzNLEwNxXiM9RN9HOzjMgKTLXISQsBAKAJxD4lAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Sep 2023 19:54:06 GMT; Secure; SameSite=None
eud=H4sIAAAAAAAA_5vFyGtoZmZkaGJhYmJmYWGxCo1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxMrmn5uNPei8RcJo_IfofEB5EXUKCABAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Sep 2023 19:54:06 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2669
Server: Jetty(9.3.29.v20201019)
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&25b6cfd6-54b2-4c7d-81f5-f29392983fae"; Domain=.linkedin.com; Expires=Sat, 02-Sep-2023 19:54:06 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20220902195406501d3606-4bac-495f-87f2-70037ef521fcAQEu2w4eosAx0n3QzcGnKaAPSZ5hLo8I"; Domain=.www.linkedin.com; Expires=Sat, 02-Sep-2023 19:54:06 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjIxNDg0NDY7MjswMjHnIccFCn1PRPgOO3k5z7aSPmxpI8r//eXusaUluvqM3g==; Domain=.linkedin.com; Expires=Wed, 01 Mar 2023 19:54:06 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2376:u=1:x=1:i=1662148446:t=1662234846:v=2:sig=AQE_d6zR5PDaf0QHF4SSC-IfHYIW6ain"; Expires=Sat, 03 Sep 2022 19:54:06 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-source-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXntxe7ilJonMngAU3jqg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 114D4F30B887410FBDC817CF89382DE6 Ref B: OSL30EDGE0211 Ref C: 2022-09-02T19:54:06Z
date: Fri, 02 Sep 2022 19:54:06 GMT
content-length: 0
X-Firefox-Spdy: h2
people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiZjk1ODdmZDQtOGE5Mi00ODVhLWI1ZmQtNDRiNzEwZjg1Nzc0OjE2NjIxNDg0NDYuMjc1MjQ5In19&site_id=regions-bank
200 OK 146 B URL HTTP/1.1 people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiZjk1ODdmZDQtOGE5Mi00ODVhLWI1ZmQtNDRiNzEwZjg1Nzc0OjE2NjIxNDg0NDYuMjc1MjQ5In19&site_id=regions-bank
IP
File type JSON data\012- , ASCII text
Hash 6be1267a4eae94761135977fc3325856
c18b2962b51c67b57b8a5fc627f972d636ee5aac
87844853b98af020fed46540141729247fa8bc83bc54adf260dd30b4ad4d1025
GET /identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiZjk1ODdmZDQtOGE5Mi00ODVhLWI1ZmQtNDRiNzEwZjg1Nzc0OjE2NjIxNDg0NDYuMjc1MjQ5In19&site_id=regions-bank HTTP/1.1
Host: people.api.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Fri, 02 Sep 2022 19:54:06 GMT
Server: nginx
Content-Length: 146
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 08b16bbd1884a2e45b720b89a51d8f40
0c8c3afda3b7047e58dea98c3d40902cc9fb3cfc
a80a908eb94119ed66c637172a90d9d2d947091d6783cd3d2ae21800ea8b1ff2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:06 GMT
Server: ECS (amb/6B79)
Content-Length: 471
smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1662148445165
200 OK 48 B URL HTTP/2 smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1662148445165
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ac26a1f8c65369be5814cab153a32474
14cf83d4e215d14d08fac5abfd32639298fbe8f4
814cee5c9689de3746c0726b8ae1b97cfea28580bef7fcb240de5668077c73eb
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1662148445165 HTTP/1.1
Host: smetrics.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Cookie: _uetsid=ff9459802af811edac839733d4e15efa; _uetvid=ff9482702af811eda593055893d58bf2; _gcl_au=1.1.839089433.1662148445; btIdentify=4bea80e1-768b-4126-f607-10d4e8f13333; _bti=%7B%22bsin%22%3A%22%22%7D; _bts=a1bc569b-4589-4e8b-816e-cdd1f2691461; _fbp=fb.1.1662148445129.1198537247
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://www.regions.com
access-control-allow-credentials: true
date: Fri, 02 Sep 2022 19:54:07 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=0%7CMCMID%7C21669282610405894492732134064116125134; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Sun, 01 Sep 2024 19:54:54 GMT;
s_ecid=MCMID%7C21669282610405894492732134064116125134; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Sun, 01 Sep 2024 19:54:54 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=21669282610405894492732134064116125134&ts=1662148445463
200 OK 1.3 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=21669282610405894492732134064116125134&ts=1662148445463
IP
File type JSON data\012- , ASCII text, with very long lines (3731), with no line terminators
Hash 6be64d85ace8bc7bd3ac0998467a6371
c4773787aab8fdc41a48a7888c6075a4c4e54c9e
2f713e58fa6647dc8ec5e6dd3453e6c8bcdacf4b487440637fd6eec2f164ee4a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=21669282610405894492732134064116125134&ts=1662148445463 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v038-0fb401301.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=15942147512028720363307838331480706467; Max-Age=15552000; Expires=Wed, 01 Mar 2023 19:54:07 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: iy7ceVjASaw=
Content-Length: 1271
Connection: keep-alive
smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s27798269485193?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=2%2F8%2F2022%2019%3A54%3A5%205%200&d.&nsid=0&jsonv=1&.d&mid=21669282610405894492732134064116125134&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20stephan%20burton%20tampa&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20stephan%20burton%20tampa&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1
200 OK 3.7 kB URL HTTP/2 smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s27798269485193?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=2%2F8%2F2022%2019%3A54%3A5%205%200&d.&nsid=0&jsonv=1&.d&mid=21669282610405894492732134064116125134&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20stephan%20burton%20tampa&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20stephan%20burton%20tampa&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1
IP
File type ASCII text, with very long lines (3687)
Hash 1c09ee31302736aaa4fb7eb26857f3cb
0c17aaf36b79599bd75ddeefdfbd838c755095b2
57d9e83954b43e093809072f6368c1b9f16d8fbe14439f9a7f704ea2593129fa
GET /b/ss/regionsbankprod/10/JS-2.22.3/s27798269485193?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=2%2F8%2F2022%2019%3A54%3A5%205%200&d.&nsid=0&jsonv=1&.d&mid=21669282610405894492732134064116125134&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20stephan%20burton%20tampa&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20stephan%20burton%20tampa&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetrics.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Cookie: _uetsid=ff9459802af811edac839733d4e15efa; _uetvid=ff9482702af811eda593055893d58bf2; _gcl_au=1.1.839089433.1662148445; btIdentify=4bea80e1-768b-4126-f607-10d4e8f13333; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%225lF7UNlEkYXmOw7AzjHVXDavjLXzJeAP0XYcIZCKm5c3gtl9YdfwWkUVbiYyABH0knee3GbPq%2FwUerqlj6pxpA%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=a1bc569b-4589-4e8b-816e-cdd1f2691461; _fbp=fb.1.1662148445129.1198537247; __qca=P0-194351685-1662148445138; AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=1585540135%7CMCMID%7C21669282610405894492732134064116125134%7CMCAID%7CNONE%7CMCOPTOUT-1662155645s%7CNONE%7CMCAAMLH-1662753245%7C6%7CMCAAMB-1662753245%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C4.4.0; s_ecid=MCMID%7C21669282610405894492732134064116125134; AMCVS_DB9639725BD2FC5B0A495C65%40AdobeOrg=1; s_lang=en; gpv_pn=rdc%7Clocator%7Cmortgage%20loan%20officer%20stephan%20burton%20tampa; s_ips=939; s_tp=2615; s_ppv=rdc%257Clocator%257Cmortgage%2520loan%2520officer%2520stephan%2520burton%2520tampa%2C36%2C36%2C939%2C1%2C2; s_cc=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 02 Sep 2022 19:54:07 GMT
expires: Thu, 01 Sep 2022 19:54:07 GMT
last-modified: Sat, 03 Sep 2022 19:54:07 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C21669282610405894492732134064116125134; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Sun, 01 Sep 2024 19:54:54 GMT;
etag: 3569436610656436224-4619439666827631550
vary: *
dcs: dcs-prod-irl1-1-v038-0c27a7d4b.edge-irl1.demdex.com 6 ms
x-aam-tid: MPXtDoOkTVE=
content-type: application/x-javascript;charset=utf-8
content-length: 3688
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=1121&dpuuid=5142336719745614875&redir=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5142336719745614875&redir=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5142336719745614875&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v038-043538ae8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336719745614875&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=06355729119560523373308154758257630991; Max-Age=15552000; Expires=Wed, 01 Mar 2023 19:54:07 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qO3YkWXHRMo=
Content-Length: 0
Connection: keep-alive
px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
200 OK 65 B URL HTTP/2 px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8b0d5b18476ae12e2476f3621d54c4a5
2ad669e9d207fbb37e84dda25766dbaeb66d792c
2d7244b6960d26ae56f048f162f02949ca7858be19d9349ec82906e56dfa3cfe
GET /collect?pid=681506&fmt=gif&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 65
content-type: image/gif
content-encoding: gzip
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&17c0ca99-d13e-4d92-8225-5c39009c1cc7"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 02-Sep-2023 19:54:07 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2376:u=1:x=1:i=1662148447:t=1662234847:v=2:sig=AQHA_-28f-zaNIrwZzSbp8A0LW3KVeX4"; Expires=Sat, 03 Sep 2022 19:54:07 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-source-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXntxe/zbrY86dNqrHc+w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 27EA41E77324412C8FD5A3AFF6F7E1AF Ref B: OSL30EDGE0211 Ref C: 2022-09-02T19:54:06Z
date: Fri, 02 Sep 2022 19:54:06 GMT
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5142336719745614875
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5142336719745614875
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5142336719745614875 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3051500473580202000V10; Expires=Sat, 02 Sep 2023 19:54:07 GMT; domain=.media.net; Path=/;
data-rk=5142336719745614875~~3;Expires=Fri, 01 Sep 2023 19:54:07 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E
expires: Fri, 02 Sep 2022 19:54:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Sep 2022 19:54:07 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7c77333f3e61f2077e54ae0a2da49773
eb2bcd376ffc74194c223d035216e612324b044f
b1268fe0ec8df1269e8f14ff5d08888e9d60863b40881cf10e9f5080879f4781
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 18:16:44 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lKzVolC_NLGu4zNxD3XInEB1KuFIAJF1mHOKEVsKK0a2rSLs9hmuYw==
Age: 5843
live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336719745614875&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa
302 Found 657 B URL HTTP/2 live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336719745614875&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (571)
Hash 6cfb49f407eff6aea2609eb6e1b11e9b
5bafc0016b6bbdc7815404fc25e70d31690871c8
d6145102908f1dd4f71f2a9d73ee235970dc843f9faefe78e17c1cb8d636d860
GET /pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336719745614875&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Cookie: zync-uuid=f9587fd4-8a92-485a-b5fd-44b710f85774:1662148446.275249; sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiZjk1ODdmZDQtOGE5Mi00ODVhLWI1ZmQtNDRiNzEwZjg1Nzc0OjE2NjIxNDg0NDYuMjc1MjQ5In0.YxJfXg.OPNMRkPFocyk8qokhrw2zv86YjA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 657
location: https://p.rfihub.com/cm?pub=39342&in=0&userid=f9587fd4-8a92-485a-b5fd-44b710f85774%3A1662148446.275249&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df9587fd4-8a92-485a-b5fd-44b710f85774%253A1662148446.275249
date: Fri, 02 Sep 2022 19:54:07 GMT
set-cookie: zync-uuid=f9587fd4-8a92-485a-b5fd-44b710f85774:1662148446.275249; Domain=rezync.com; Expires=Wed, 01 Mar 2023 12:54:07 GMT; Path=/; SameSite=None; Secure
sd-session-id=.eJwNy0EOwiAQRuG7zLoYof8wwGUaKpAQLZpSNza9uyxf8r2Tlk_et9hyOygc-zdP9HjVUZ3CSb3-tvykQKxh5tmK9gK2Gk6Yrol67r2-21LTMMWzk5KgXPRGwXFUK5ekgFX0vTgWQdDWmrED9maEDTxdf4kSJTE.YxJfXw.TkeVDGnTwmJewYXnPyTtXRhR4L4; Expires=Wed, 01 Mar 2023 19:54:07 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f6MODyJR8Ew8Ipg3gV3OTZpvIRSpQT3QDJUEiRrwn6yeOcNrypNeCg==
X-Firefox-Spdy: h2
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336719745614875&forward=
302 Found 0 B URL HTTP/2 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336719745614875&forward=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=57&external_user_id=5142336719745614875&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Sep 2022 19:54:07 GMT
content-length: 0
location: /rum?cm_dsp_id=57&external_user_id=5142336719745614875&forward=&C=1
cf-ray: 7448cbb2fda80b55-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YxJfX86QU52IuQPgJbDtRwAA; Path=/; Domain=casalemedia.com; Expires=Sat, 02 Sep 2023 19:54:07 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4521; Path=/; Domain=casalemedia.com; Expires=Thu, 01 Dec 2022 19:54:07 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4521; Path=/; Domain=casalemedia.com; Expires=Thu, 01 Dec 2022 19:54:07 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QV3umFPLpGR9rE9rvYmB9uWvjqaK9uRFYqvnRLMBFeqDYgcxhYnWtQOrP3UjfVgA8kilCezKKMfZQR0KUmvwjJjUEdkkONax%2BPajroVKlldrrpfMluOTTxWmxUGycYn2pGRi9rPtoWkeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
200 OK 596 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP
Hash da498a522348a5c2600d177a1ae1cfe3
2ab3bdbd750dbc20f23c961af5071079b743b421
d7d39410a8d0ac4ed6994f2a53a77def29dec3bbe041868aef163588544abeed
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 7448cbb28acbb505-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287
200 OK 541 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287
IP
File type ASCII text, with very long lines (507)
Hash 847b9638b4880ca3b715acef3b29a07e
1923b21b4569e76b5ab7d3c80a55f795be61e8f9
488bc77410290240853ad2ab77e1d2115f8b846b38db6b913937ea5ba603424a
GET /regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 03 Aug 2022 10:44:58 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Jul 2021 14:26:53 GMT
etag: W/"9ed4a4cfac4d3c7c1bfeb172d00660a5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: BEVKDIy25SUFzQ.PZ9GYTiV2LlHnMgZ9
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RNOZNc3wk7cjsWzRiSnj_jqKX8Mv-z8mHwSv-Bi9o26uxlGRvMIz5Q==
age: 2624949
X-Firefox-Spdy: h2
regions.demdex.net/dest5.html?d_nsid=undefined
200 OK 2.8 kB URL HTTP/1.1 regions.demdex.net/dest5.html?d_nsid=undefined
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=undefined HTTP/1.1
Host: regions.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 2 Sep 2022 19:54:07 GMT
DCS: dcs-prod-irl1-2-v038-0972c09bf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 3 Aug 2022 12:12:42 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: fQq3xjMSRZE=
Content-Length: 2791
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336719745614875&redir=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336719745614875&redir=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336719745614875&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v038-0b87c8cf8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: UtaMq9mySYk=
Content-Length: 59
Connection: keep-alive
p.rfihub.com/cm?pub=24472&in=1
302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=24472&in=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=24472&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Date: Fri, 02 Sep 2022 19:54:07 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_7vFwmtoZmZkaGJhYmJuZG4JAMFVEtEQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Sep 2023 19:54:07 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjQ3tDQwNzK2NBTiM9R19nI2zKpMLXIr9QwAAJ0XFSElAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Sep 2023 19:54:07 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjQ3tDQwNzK2NBTiM9R19nI2zKpMLXIr9QwAAJ0XFSElAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://ps.eyeota.net/match?uid=5140084921719072391&bid=omt9pi0
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ocsp.digicert.com/
200 OK 471 B IP
Hash b6264afed096611659c501b0e3cfd1cf
fd7e7dde995f7f0263c551e0ee6176cb4445f5f7
fce69384b64fb7cb4f13da766bb467582fafc0e5fa9adbf36d9378556772a145
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5007
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 18:30:40 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 3d74cc59ac1d426fabf82c136911b54d
e42cdd4fcc9427d5881444f47fab50b2b7faee65
2ac463db0ade8d5335a3b2baf3a457f209f9ce86b3a8d0e632c3c5cf6409007e
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3545
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 18:55:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
status.rapidssl.com/
200 OK 471 B IP
Hash 4a7789e46e5b2fb0ea721906bae851eb
9b7278516e854338c0072971bacbfd36b1ac03b7
21ed30f794fcf410a88a74e959c16937f42f84671f21d2ca685e1f37574e923d
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 19:40:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336719745614875&
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336719745614875&
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=13490&nid=2596&put=5142336719745614875& HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719745614875&img=1
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719745614875&img=1
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5142336719745614875&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=012c78fc-2af9-11ed-9f3d-10ffbde80206; expires=Fri, 30-Sep-2022 19:54:07 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5142336719745614875&img=1&__user_check__=1&sync_id=012c7960-2af9-11ed-9f3d-10ffbde80206
X-fe: 12
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
200 OK 471 B IP
Hash 3ffcbb50fa3da9175c8faa8527cfe57a
5dccfc33bd78d9d2a7a1809b1c429b0555e1f9d4
4c4e64eadf49e2c31572b0044bdb75b95cc7616bb1dd645d4be6ab97d9e14898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 18:07:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5142336719745614875
200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5142336719745614875
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5142336719745614875 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
bpi.rtactivate.com/tag/?id=11017&user_id=5142336719745614875
200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5142336719745614875
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5142336719745614875 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 12574addc95abd5ba0a7fa999c247086
e475a59e04d0172a5ab60a8d84df17ab4e873075
9df83c0f4222df50763e506ee55b86f85d968758e291608a0732f79aa6d18aa2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 18:05:28 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 31gjlH7yi3KX3-b8J4KpkA7pi4YC9tmqARXsT-7vFDOHbZ7kP8ODtQ==
Age: 6519
p.rfihub.com/cm?pub=39342&in=0&userid=f9587fd4-8a92-485a-b5fd-44b710f85774%3A1662148446.275249&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df9587fd4-8a92-485a-b5fd-44b710f85774%253A1662148446.275249
302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=39342&in=0&userid=f9587fd4-8a92-485a-b5fd-44b710f85774%3A1662148446.275249&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df9587fd4-8a92-485a-b5fd-44b710f85774%253A1662148446.275249
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=39342&in=0&userid=f9587fd4-8a92-485a-b5fd-44b710f85774%3A1662148446.275249&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df9587fd4-8a92-485a-b5fd-44b710f85774%253A1662148446.275249 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 02 Sep 2022 19:54:07 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjExNDO1sDQxMxPiM9T1TPI0MI-sDIwKyQkBAJ1djDglAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Sep 2023 19:54:07 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjExNDO1sDQxMxPiM9T1TPI0MI-sDIwKyQkBAJ1djDglAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
euds=H4sIAAAAAAAA_wXBwQ3AMAgDwE_XoSrIBtNtEkUM0sl79105TdUcmFaHQVy2OceAXf6MWIXXM8MhIO8oBvoH2oMntDkAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_z3IsQ2AMAwEwAmoMocRdt5-h20SRR6IkmnpuPKeFjU8WRuSc5ggfcry2gIs6lXpJG6NMEUCcRrdMN52_MdO-wAQqQQmSQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Sep 2023 19:54:07 GMT; Secure; SameSite=None
Location: https://idsync.rlcdn.com/501709.gif?partner_uid=f9587fd4-8a92-485a-b5fd-44b710f85774%3A1662148446.275249
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5142336719745614875
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5142336719745614875
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5142336719745614875 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 19:54:07 GMT
set-cookie: _kuid_=PDjYTKcm; Expires=Wed, 01-Mar-23 19:54:07 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n019-dub-prod.krxd.net
x-request-time: D=31 t=1662148447
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336719745614875
200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336719745614875
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336719745614875 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: e86ddef9-838a-41df-83f9-4c3eec771a29
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2GVVs#gv-!]tbPl1MNu::wpAk`W=ifSt1mlxJP+e:6$]e8>?2n?YLW4^@wn!_6-zQEVk`!)/38jh8`Q; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 01-Dec-2022 19:54:07 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
events.api.boomtrain.com/event/track
200 OK 2 B URL HTTP/2 events.api.boomtrain.com/event/track
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /event/track HTTP/1.1
Host: events.api.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 555
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-length: 2
server: nginx
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
access-control-allow-methods: GET, PUT, POST, DELETE
X-Firefox-Spdy: h2
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5142336719745614875
200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5142336719745614875
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5142336719745614875 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Fri, 02 Sep 2022 19:54:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Sep 2022 19:54:07 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
200 OK 0 B URL HTTP/2 bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP/1.1
Host: bs.serving-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-length: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 591b2a184f9b07a64f0943ea8cbba8a1
9944706432bb1044d44bccc9bee96c8ee9b04dbb
4edfe10f04fce287e80cc25d346692eb888a154bd6b253321d16a2ae64294b7d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 13:42:55 GMT
Expires: Wed, 07 Sep 2022 13:42:54 GMT
Etag: "9944706432bb1044d44bccc9bee96c8ee9b04dbb"
Cache-Control: max-age=409126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbb32ca6fabc-OSL
sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719745614875&img=1&__user_check__=1&sync_id=012c7960-2af9-11ed-9f3d-10ffbde80206
200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719745614875&img=1&__user_check__=1&sync_id=012c7960-2af9-11ed-9f3d-10ffbde80206
IP
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5142336719745614875&img=1&__user_check__=1&sync_id=012c7960-2af9-11ed-9f3d-10ffbde80206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=0138ca27-2af9-11ed-8bbb-14684a3a0206; expires=Fri, 30-Sep-2022 19:54:07 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 117
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 82a53f6ae16db91be71e3d752a573c39
0babd01ca86ddfa72769b36b1b23fc4b330fa138
a9efea10ab11aae7fefb7cf6ed05a05b00165ca67d7f548033a2c88e376892f7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 18:48:55 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9X0TpHCNWhC8cVOO9l4s0weAX9f31niM-pSDnHof70Xn--MBaj4x8Q==
Age: 3912
ocsp.usertrust.com/
200 OK 472 B IP
Hash 43eed4b9e109b78018b5fdd34ec44a29
840cffdd68a270662474ada3838d228400e294d9
85715cd8473bb7c4c5e229269955326c149bc91810d25b2db44a2c26e105102c
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 09:01:06 GMT
Expires: Wed, 07 Sep 2022 09:01:05 GMT
Etag: "840cffdd68a270662474ada3838d228400e294d9"
Cache-Control: max-age=603799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 709
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7448cbb48a71fac4-OSL
idsync.rlcdn.com/360947.gif?partner_uid=5142336719745614875
200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5142336719745614875
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5142336719745614875 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=+wZhY4/Dk6I0Mc0PIXjP1o4lDs4y8mlTzn28xZwg7uA=; Path=/; Domain=rlcdn.com; Expires=Sat, 02 Sep 2023 19:54:07 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Tue, 01 Nov 2022 19:54:07 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Fri, 02 Sep 2022 19:54:07 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
idsync.rlcdn.com/501709.gif?partner_uid=f9587fd4-8a92-485a-b5fd-44b710f85774%3A1662148446.275249
307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/501709.gif?partner_uid=f9587fd4-8a92-485a-b5fd-44b710f85774%3A1662148446.275249
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /501709.gif?partner_uid=f9587fd4-8a92-485a-b5fd-44b710f85774%3A1662148446.275249 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjZmOTU4N2ZkNC04YTkyLTQ4NWEtYjVmZC00NGI3MTBmODU3NzQ6MTY2MjE0ODQ0Ni4yNzUyNDkQABoNCN--yZgGEgUI6AcQAEIASgA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Tue, 01 Nov 2022 19:54:07 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Fri, 02 Sep 2022 19:54:07 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=15942147512028720363307838331480706467
302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=15942147512028720363307838331480706467
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=15942147512028720363307838331480706467 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YxJfXwAAAMbxCwN-; Domain=.everesttech.net; Expires=Sat, 02-Sep-2023 19:54:07 GMT; Path=/
everest_session_v2=YxJfXwAAAMbxDAN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxJfXwAAAMbxCwN-
Server: AMO-cookiemap/1.1
ps.eyeota.net/match?uid=5140084921719072391&bid=omt9pi0
200 OK 0 B URL HTTP/1.1 ps.eyeota.net/match?uid=5140084921719072391&bid=omt9pi0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=5140084921719072391&bid=omt9pi0 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=18097~DM; Domain=eyeota.net; Path=/; Expires=Fri, 02 Sep 2022 20:04:07 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Fri, 02 Sep 2022 19:54:07 GMT
a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
200 OK 42 B URL HTTP/1.1 a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /cm?pub=445&in=0&forward=&google_error=3 HTTP/1.1
Host: a.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:07 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjQ2MDYxtDCzNBbiM9TNyHEsNPf3Swt3Si4CAOh8WUQlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjQ2MDYxtDCzNBbiM9TNyHEsNPf3Swt3Si4CAOh8WUQlAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Sep 2023 19:54:07 GMT; Secure; SameSite=None
eud=H4sIAAAAAAAA_-NicjUO4jU0MzMyNLEwMTE3sTADAPUNhjETAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Sep 2023 19:54:07 GMT; Secure; SameSite=None
euds=H4sIAAAAAAAA_-NicjUGAEAxo38EAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 42
Server: Jetty(9.3.29.v20201019)
dpm.demdex.net/ibs:dpid=411&dpuuid=YxJfXwAAAMbxCwN-
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=YxJfXwAAAMbxCwN-
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=YxJfXwAAAMbxCwN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v038-0729fb8fe.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxJfXwAAAMbxCwN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=81515926149268930601989889399034213119; Max-Age=15552000; Expires=Wed, 01 Mar 2023 19:54:07 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4Y976cwCRgI=
Content-Length: 0
Connection: keep-alive
idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjZmOTU4N2ZkNC04YTkyLTQ4NWEtYjVmZC00NGI3MTBmODU3NzQ6MTY2MjE0ODQ0Ni4yNzUyNDkQABoNCN--yZgGEgUI6AcQAEIASgA
307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjZmOTU4N2ZkNC04YTkyLTQ4NWEtYjVmZC00NGI3MTBmODU3NzQ6MTY2MjE0ODQ0Ni4yNzUyNDkQABoNCN--yZgGEgUI6AcQAEIASgA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1000.gif?memo=CM3PHhJACjwIARAFGjZmOTU4N2ZkNC04YTkyLTQ4NWEtYjVmZC00NGI3MTBmODU3NzQ6MTY2MjE0ODQ0Ni4yNzUyNDkQABoNCN--yZgGEgUI6AcQAEIASgA HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CN++yZgGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Tue, 01 Nov 2022 19:54:07 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Fri, 02 Sep 2022 19:54:07 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash fc8292dd81fd6d5477ebd8d0df5ee85b
1c1c6589728af2776ec5ccb651e6f942485b8299
9dd3f21c0a894e601edb49c9dc180bdb8603f64bdd55cfe8114b3512e9eef2a5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 18:29:40 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T1rd5TNh-VGX7t6dKxV4wB2bavjJiFE2LVHqwUTE7lrPbdjnN2Ez7w==
Age: 5067
ocsp.sectigo.com/
200 OK 471 B IP
Hash cb7a750fa9348267c15cc938996ead6a
992ddfd1fa25e3ed2fbef82f29b5bc7049b27bd0
f95f2c93dd462fb2d17cf40682e7e6aa5138bcd158dcab83c5d66855f50cec79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 13:56:49 GMT
Expires: Tue, 06 Sep 2022 13:56:48 GMT
Etag: "992ddfd1fa25e3ed2fbef82f29b5bc7049b27bd0"
Cache-Control: max-age=323560,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbb3cdf0b523-OSL
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxJfXwAAAMbxCwN-
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxJfXwAAAMbxCwN-
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxJfXwAAAMbxCwN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v038-0f7693ade.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: XhKQ4pugR7U=
Content-Length: 59
Connection: keep-alive
x.bidswitch.net/sync?dsp_id=119&user_id=5142336719745614875&expires=30
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=119&user_id=5142336719745614875&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=119&user_id=5142336719745614875&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Fri, 02 Sep 2022 19:54:07 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336719745614875&expires=30
Set-Cookie: tuuid=bb6a22e1-f111-4c26-900f-cca2934a4321; path=/; expires=Sat, 02-Sep-2023 19:54:07 GMT; domain=.bidswitch.net; samesite=none; secure
c=1662148447; path=/; expires=Sat, 02-Sep-2023 19:54:07 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1662148447; path=/; expires=Sat, 02-Sep-2023 19:54:07 GMT; domain=.bidswitch.net; samesite=none; secure
c=1662148447; path=/; expires=Sat, 02-Sep-2023 19:54:07 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336719745614875&expires=30
200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336719745614875&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=119&user_id=5142336719745614875&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Length: 43
Connection: keep-alive
idsync.rlcdn.com/362358.gif?google_error=3
200 OK 42 B URL HTTP/2 idsync.rlcdn.com/362358.gif?google_error=3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /362358.gif?google_error=3 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Tue, 01 Nov 2022 19:54:07 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Fri, 02 Sep 2022 19:54:07 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 591b2a184f9b07a64f0943ea8cbba8a1
9944706432bb1044d44bccc9bee96c8ee9b04dbb
4edfe10f04fce287e80cc25d346692eb888a154bd6b253321d16a2ae64294b7d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 13:42:55 GMT
Expires: Wed, 07 Sep 2022 13:42:54 GMT
Etag: "9944706432bb1044d44bccc9bee96c8ee9b04dbb"
Cache-Control: max-age=409126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbb4de09fabc-OSL
www.regions.com/-/media/js/mp_linkcode.js
200 OK 681 B URL HTTP/1.1 www.regions.com/-/media/js/mp_linkcode.js
IP
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 662fd21e25a8269185df8c993bfd251d
4da619e51fa6a54e5ffcdd7d826c1e5550a67840
f9465098d4cfa9edb9fed28c3eceb6bd3251c3fb011e86d1fa8f27bf1a680ceb
GET /-/media/js/mp_linkcode.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False; Regions_SessionId=c4d7ce7f-c6a7-420d-8746-57998d1d3617; _uetsid=ff9459802af811edac839733d4e15efa; _uetvid=ff9482702af811eda593055893d58bf2; _gcl_au=1.1.839089433.1662148445; btIdentify=4bea80e1-768b-4126-f607-10d4e8f13333; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%225lF7UNlEkYXmOw7AzjHVXDavjLXzJeAP0XYcIZCKm5c3gtl9YdfwWkUVbiYyABH0knee3GbPq%2FwUerqlj6pxpA%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=a1bc569b-4589-4e8b-816e-cdd1f2691461; _fbp=fb.1.1662148445129.1198537247; qcSxc=1662148445141; __qca=P0-194351685-1662148445138; AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=1585540135%7CMCMID%7C21669282610405894492732134064116125134%7CMCAID%7CNONE%7CMCOPTOUT-1662155645s%7CNONE%7CMCAAMLH-1662753245%7C6%7CMCAAMB-1662753245%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19245%7CvVersion%7C4.4.0; s_ecid=MCMID%7C21669282610405894492732134064116125134; AMCVS_DB9639725BD2FC5B0A495C65%40AdobeOrg=1; s_lang=en; gpv_pn=rdc%7Clocator%7Cmortgage%20loan%20officer%20stephan%20burton%20tampa; s_ips=939; s_tp=2615; s_ppv=rdc%257Clocator%257Cmortgage%2520loan%2520officer%2520stephan%2520burton%2520tampa%2C36%2C36%2C939%2C1%2C2; s_cc=true; s_country=http%2F2; aam_uuid=15942147512028720363307838331480706467
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 139648
Date: Thu, 01 Sep 2022 05:06:40 GMT
Cache-Control: max-age= 604786,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 4857066adf6f4a81a810041500eb1228
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="mp_linkcode.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 681
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/js/oo_engine.js
200 OK 15 kB URL HTTP/1.1 www.regions.com/-/media/js/oo_engine.js
IP
Hash 54216df51ccc54b91647f46e6324a5d1
35cf90a9b3fe6579456b237653cd652dd86fc347
7e268465893e047076cb3331536cd5762cebc6f6e96a5d17a7c16165fda220d0
GET /-/media/js/oo_engine.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-stephan-burton-tampa
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=rlli5xz2gby02idx41r3kikq; SC_ANALYTICS_GLOBAL_COOKIE=1eb3dce625c044ca91ec010e32f44c35|False; Regions_SessionId=c4d7ce7f-c6a7-420d-8746-57998d1d3617; _uetsid=ff9459802af811edac839733d4e15efa; _uetvid=ff9482702af811eda593055893d58bf2; _gcl_au=1.1.839089433.1662148445; btIdentify=4bea80e1-768b-4126-f607-10d4e8f13333; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%225lF7UNlEkYXmOw7AzjHVXDavjLXzJeAP0XYcIZCKm5c3gtl9YdfwWkUVbiYyABH0knee3GbPq%2FwUerqlj6pxpA%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=a1bc569b-4589-4e8b-816e-cdd1f2691461; _fbp=fb.1.1662148445129.1198537247; qcSxc=1662148445141; __qca=P0-194351685-1662148445138; AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=1585540135%7CMCMID%7C21669282610405894492732134064116125134%7CMCAID%7CNONE%7CMCOPTOUT-1662155645s%7CNONE%7CMCAAMLH-1662753245%7C6%7CMCAAMB-1662753245%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19245%7CvVersion%7C4.4.0; s_ecid=MCMID%7C21669282610405894492732134064116125134; AMCVS_DB9639725BD2FC5B0A495C65%40AdobeOrg=1; s_lang=en; gpv_pn=rdc%7Clocator%7Cmortgage%20loan%20officer%20stephan%20burton%20tampa; s_ips=939; s_tp=2615; s_ppv=rdc%257Clocator%257Cmortgage%2520loan%2520officer%2520stephan%2520burton%2520tampa%2C36%2C36%2C939%2C1%2C2; s_cc=true; s_country=http%2F2; aam_uuid=15942147512028720363307838331480706467
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 146612
Date: Thu, 01 Sep 2022 03:10:36 GMT
Cache-Control: max-age= 598971,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: b3a2cf00a05f4c20880d8fe82eb7782b
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="oo_engine.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 15048
Strict-Transport-Security: max-age=157680000
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
302 Found 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YxJfXwALASqRCwBC; Path=/; Domain=.everesttech.net; Expires=Sat, 02-Sep-2023 19:54:07 GMT; Max-Age=31536000
location: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YxJfXwALASqRCwBC
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Fri, 02 Sep 2022 19:54:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662148447.320505,VS0,VE407
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YxJfXwALASqRCwBC
200 OK 85 B URL HTTP/2 sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YxJfXwALASqRCwBC
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 5bec6606b8392065f9da9898ca6f7b14
73ac5b01b5e3293fb792179626e7f8369cdb944d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
GET /ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YxJfXwALASqRCwBC HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Fri, 02 Sep 2022 19:54:07 GMT
via: 1.1 varnish
age: 3127
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 3598
x-timer: S1662148448.753853,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85
X-Firefox-Spdy: h2
zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&t=1662148446007
200 OK 3.1 kB URL HTTP/2 zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&t=1662148446007
IP
File type ASCII text, with very long lines (6801)
Hash 2d57f1f15580f2efca2dbb893d2ce39f
66f029a836a4f24ebde752f27ab51b778a84f25c
d3c15b99e003c48845e2e5ec31a912386896cc37d8df37af8cbae6af2e958c12
GET /WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&t=1662148446007 HTTP/1.1
Host: zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7448cbb5c9e4b51e-OSL
access-control-allow-origin: *
age: 124207
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-dFd3v87hQQeC1v9m+LckbQLgo0s"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 62ebfedc250974a73d3651e667a0e3af
ec194a5f98a9cb35fa8d7bff5cd8ee4675aced02
4ec4bb5e018dbf5bd68f3c0e82fd9d18e817aeca2f667a45596a2dcfe03fed0f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 03:43:23 GMT
Expires: Wed, 07 Sep 2022 03:43:22 GMT
Etag: "ec194a5f98a9cb35fa8d7bff5cd8ee4675aced02"
Cache-Control: max-age=373154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbb6df7cfabc-OSL
lptag.liveperson.net/tag/tag.js?site=60208595
200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=60208595
IP
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=60208595 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 881148d9e3046d17f74337017f8db4b5
3539ef98f6e9f4619fc3c4e8dc4a9e4567b36f73
cc94934d8d0d02b10c11adebf09a9e30b3c1a272405f5a80c026b0577df2512f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3366
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:54:07 GMT
Last-Modified: Fri, 02 Sep 2022 18:58:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
regionsbank.mpeasylink.com/mpel/mpel.js
200 1.7 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel.js
IP
File type ASCII text, with very long lines (515)
Hash 6fdd7985388a9a91f458c96ece692409
c655f98e175824e81802934d717e0607b25d906f
17936884b849d8d2f051fa0b88d5cb58466d78931b687900b1b90aecde32d977
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Fri, 02 Sep 2022 19:54:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"5096-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
Cache-Control: max-age=86400
Expires: Sat, 03 Sep 2022 19:54:08 GMT
vary: accept-encoding
Content-Encoding: gzip
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions
200 OK 34 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 661c47d31e1bf87e2952f57e3133c987
e8385571ec63935dc7585605aa3528f13548d9a0
6260567612e2da869e0fd53e4d1e9e24016dd57dddeb8c25406ecec41bebda84
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: application/javascript
cf-ray: 7448cbb7ccf8b51e-OSL
access-control-allow-origin: *
age: 167413
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19abd-182d0e95990"
last-modified: Wed, 24 Aug 2022 17:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105149
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
200 641 B URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
IP
File type ASCII text, with very long lines (641), with no line terminators
Hash b3dd2edb5dfeee1a0529766c41957c67
447d5e8bf3cb4bf49aab01f12639afc933b8ff38
ef9ba31d511766efc2f207e993c8a1286ccddcf236fe5910ebbd70b38d324ecd
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Fri, 02 Sep 2022 19:54:08 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 641
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa OUR IND COM NAV INT STA"
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
200 OK 5.4 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4755), with no line terminators
Hash 0bff9c5467f85d24faeb633793297800
c4498d8633d8d2a115032d06262c56318bd5ce46
546759055f66f67083edffe476968a0911afe7fd9cd7b74c0ee2834f62035733
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 135
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: application/json
cf-ray: 7448cbb71bcfb51e-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 77eef932a6b0ebf1
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/1.0f15e3ad6ddcff4e902e.chunk.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions
200 OK 8.1 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.0f15e3ad6ddcff4e902e.chunk.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP
File type ASCII text, with very long lines (28797), with no line terminators
Hash 22cbba2110686e7efaef3abbc773c09d
df39d9b03a2ee3be1baaccdfa922fc11c40665dd
1d536c7362fb964e4868334d54311c694cf008233b12eaf337d7033c76bcdd8b
GET /dxjsmodule/1.0f15e3ad6ddcff4e902e.chunk.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: application/javascript
cf-ray: 7448cbb83d89b51e-OSL
access-control-allow-origin: *
age: 167414
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"738e-182d0e95990"
last-modified: Wed, 24 Aug 2022 17:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29582
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid=
200 1.2 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid= HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Fri, 02 Sep 2022 19:54:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
vary: accept-encoding
Content-Encoding: gzip
ocsp.sectigo.com/
200 OK 471 B IP
Hash 77aec48ecc3159aac0ddb7b8595be188
dc934010ebd653755f84f09f37b6991d19d1c5d1
3ccb3786da08eed429716f87ad77d12a401136202664c4dc6f203be76e0251f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 16:31:56 GMT
Expires: Fri, 09 Sep 2022 16:31:55 GMT
Etag: "dc934010ebd653755f84f09f37b6991d19d1c5d1"
Cache-Control: max-age=592066,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbbbaa660b4d-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 77aec48ecc3159aac0ddb7b8595be188
dc934010ebd653755f84f09f37b6991d19d1c5d1
3ccb3786da08eed429716f87ad77d12a401136202664c4dc6f203be76e0251f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 16:31:56 GMT
Expires: Fri, 09 Sep 2022 16:31:55 GMT
Etag: "dc934010ebd653755f84f09f37b6991d19d1c5d1"
Cache-Control: max-age=592066,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbbba985b4f7-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 77aec48ecc3159aac0ddb7b8595be188
dc934010ebd653755f84f09f37b6991d19d1c5d1
3ccb3786da08eed429716f87ad77d12a401136202664c4dc6f203be76e0251f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 16:31:56 GMT
Expires: Fri, 09 Sep 2022 16:31:55 GMT
Etag: "dc934010ebd653755f84f09f37b6991d19d1c5d1"
Cache-Control: max-age=592066,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbbb2802b523-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 77aec48ecc3159aac0ddb7b8595be188
dc934010ebd653755f84f09f37b6991d19d1c5d1
3ccb3786da08eed429716f87ad77d12a401136202664c4dc6f203be76e0251f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 16:31:56 GMT
Expires: Fri, 09 Sep 2022 16:31:55 GMT
Etag: "dc934010ebd653755f84f09f37b6991d19d1c5d1"
Cache-Control: max-age=592066,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbbbac0f1c06-OSL
lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
200 OK 107 kB URL HTTP/2 lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP
Size 107 kB (107057 bytes)
Hash 18af7489d2628bcc84bca0be5b25580f
e54853bd7085b618943fae325722eacd949b4d27
767c59d91c4603ca93ffa0f27ab0c79c473f7ad213fc234fa9d5c6571683daf5
GET /lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/desktopEmbedded.js?version=10.20.0.17-release_5509
200 OK 302 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/desktopEmbedded.js?version=10.20.0.17-release_5509
IP
File type ASCII text, with very long lines (32018)
Size 302 kB (301785 bytes)
Hash 39bec9062f9d61d24b675df3a3f16732
ffb466c0d978872bf45dc80d8de7baffc0945473
15f68704f02c76e8e8e77997b6681eba3f3ed35f700f4ba5f3118956043b5146
GET /le_unified_window/10.20.0.17-release_5509/desktopEmbedded.js?version=10.20.0.17-release_5509 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:08:02 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 02 Sep 2023 19:54:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/surveylogicinstance.min.js?version=10.20.0.17-release_5509
200 OK 2.7 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/surveylogicinstance.min.js?version=10.20.0.17-release_5509
IP
File type ASCII text, with very long lines (7866), with no line terminators
Hash 2655f729fc1ba38f1b304c633d4f1a9f
7900c78c5c2533ed4b27d0b688d40069a4734924
f77081d7af6d1a28f06f9fa3718fa4944d4220c7249ac2f155abcc6ed53fabf5
GET /le_unified_window/10.20.0.17-release_5509/surveylogicinstance.min.js?version=10.20.0.17-release_5509 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:08:02 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 02 Sep 2023 19:54:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4f67519a370287d8dc673991017e36cd
2e38d7d5b6a769f4c1af2198bc89eef78c196806
4e2373fa9ff0c0aebf3e7b8d15fdc1fd2c5b9350c22acd905f4517fe18302776
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:54:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 11:37:42 GMT
Expires: Fri, 09 Sep 2022 11:37:41 GMT
Etag: "2e38d7d5b6a769f4c1af2198bc89eef78c196806"
Cache-Control: max-age=574411,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448cbc22afb0b4d-OSL
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=6&c=1202&i=86phqg&p=regions-prod&s=1420&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0Ijg2cGhxZyIsInBhY2tldCI6NCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA9LRodHRwczovL3ZhLnYubGl2ZXBlcnNvbi5uZXQvYXBpL2pzLzYwMjA4NTk1P3NpZD02cDZfS3NKUVFCaVJYdksyaGxUUXFnJmNiPWxwQ2IxMTQ5OXg0MjQyMiZ0PXBsJnRzPTE2NjIxNDg0NDc1OTkmcGlkPTk0NjQ1NzYzOTcmdGlkPTkxMzgwNDczNzMmdmlkPUl5WVRobU5qTXlOVFUwWWpNME16azQiLCJ0eXBlIjoic2NyaXB0Iiwic3RhcnQiOjFgAEA4NDU4CQEAcAEGFACQNjIsInNvdXJjPQGgcmVtb3ZlQ2hpbHMBwHN0YXR1cyI6ImxvYRAAYHJlYXNvbiYB1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWMAzzEwODkwNDQ0ODF9LFgBS_kCNTY0Mjh4NDEzOTYmdD11YyZYAT85NjFYAQzgc2Rlcz0lNUIlN0IlMjJJAfABJTIyJTNBJTIycGFnZWRpdhAAoDJDJTIyZGl2SWQOAAEeAAYSAvAELWNoYXQtYnRuLWNvbnRhaW5lciYAXzdEJTVEuAEtLTYwuAE3NTcxuAFvYXBwZW5kuAE1rzIyMzY2MzgzNDW4Af8uHzK4AQwxbXV0aQQST7UEQXJDTCK4Aw93AyrQMjIzNjYzODM0N31dfQ
204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=6&c=1202&i=86phqg&p=regions-prod&s=1420&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0Ijg2cGhxZyIsInBhY2tldCI6NCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA9LRodHRwczovL3ZhLnYubGl2ZXBlcnNvbi5uZXQvYXBpL2pzLzYwMjA4NTk1P3NpZD02cDZfS3NKUVFCaVJYdksyaGxUUXFnJmNiPWxwQ2IxMTQ5OXg0MjQyMiZ0PXBsJnRzPTE2NjIxNDg0NDc1OTkmcGlkPTk0NjQ1NzYzOTcmdGlkPTkxMzgwNDczNzMmdmlkPUl5WVRobU5qTXlOVFUwWWpNME16azQiLCJ0eXBlIjoic2NyaXB0Iiwic3RhcnQiOjFgAEA4NDU4CQEAcAEGFACQNjIsInNvdXJjPQGgcmVtb3ZlQ2hpbHMBwHN0YXR1cyI6ImxvYRAAYHJlYXNvbiYB1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWMAzzEwODkwNDQ0ODF9LFgBS_kCNTY0Mjh4NDEzOTYmdD11YyZYAT85NjFYAQzgc2Rlcz0lNUIlN0IlMjJJAfABJTIyJTNBJTIycGFnZWRpdhAAoDJDJTIyZGl2SWQOAAEeAAYSAvAELWNoYXQtYnRuLWNvbnRhaW5lciYAXzdEJTVEuAEtLTYwuAE3NTcxuAFvYXBwZW5kuAE1rzIyMzY2MzgzNDW4Af8uHzK4AQwxbXV0aQQST7UEQXJDTCK4Aw93AyrQMjIzNjYzODM0N31dfQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=6&c=1202&i=86phqg&p=regions-prod&s=1420&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0Ijg2cGhxZyIsInBhY2tldCI6NCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA9LRodHRwczovL3ZhLnYubGl2ZXBlcnNvbi5uZXQvYXBpL2pzLzYwMjA4NTk1P3NpZD02cDZfS3NKUVFCaVJYdksyaGxUUXFnJmNiPWxwQ2IxMTQ5OXg0MjQyMiZ0PXBsJnRzPTE2NjIxNDg0NDc1OTkmcGlkPTk0NjQ1NzYzOTcmdGlkPTkxMzgwNDczNzMmdmlkPUl5WVRobU5qTXlOVFUwWWpNME16azQiLCJ0eXBlIjoic2NyaXB0Iiwic3RhcnQiOjFgAEA4NDU4CQEAcAEGFACQNjIsInNvdXJjPQGgcmVtb3ZlQ2hpbHMBwHN0YXR1cyI6ImxvYRAAYHJlYXNvbiYB1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWMAzzEwODkwNDQ0ODF9LFgBS_kCNTY0Mjh4NDEzOTYmdD11YyZYAT85NjFYAQzgc2Rlcz0lNUIlN0IlMjJJAfABJTIyJTNBJTIycGFnZWRpdhAAoDJDJTIyZGl2SWQOAAEeAAYSAvAELWNoYXQtYnRuLWNvbnRhaW5lciYAXzdEJTVEuAEtLTYwuAE3NTcxuAFvYXBwZW5kuAE1rzIyMzY2MzgzNDW4Af8uHzK4AQwxbXV0aQQST7UEQXJDTCK4Aw93AyrQMjIzNjYzODM0N31dfQ HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Sep 2022 19:54:11 GMT
expires: Fri, 02 Sep 2022 19:54:10 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
www.regionsmortgage.com/stephanburton
301 Moved permanently 0 B URL HTTP/1.1 www.regionsmortgage.com/stephanburton
IP
GET /stephanburton HTTP/1.1
Host: www.regionsmortgage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved permanently
Location: https://www.regionsmortgage.com/stephanburton
Connection: close
Cache-Control: no-cache
Pragma: no-cache
accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
GET /api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:09 GMT
content-type: application/javascript
vary: Accept
expires: Fri, 02 Sep 2022 19:54:22 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/60208595?&cb=lpCb62305x55107&t=sp&ts=1662148446763&pid=9464576397&tid=9138047373&pt=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&u=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/60208595?&cb=lpCb62305x55107&t=sp&ts=1662148446763&pid=9464576397&tid=9138047373&pt=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&u=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP
GET /api/js/60208595?&cb=lpCb62305x55107&t=sp&ts=1662148446763&pid=9464576397&tid=9138047373&pt=Tampa%20Mortgage%20Lender%20%7C%20Stephan%20Burton%20%7C%20Regions&u=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:09 GMT
content-type: application/javascript
set-cookie: LPVisitorID=IyYThmNjMyNTU0YjM0Mzk4; Expires=Sat, 02-Sep-2023 19:54:09 GMT; Path=/; HttpOnly
LPSessionID=6p6_KsJQQBiRXvK2hlTQqg; Path=/api/js/60208595; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/60208595?sid=6p6_KsJQQBiRXvK2hlTQqg&cb=lpCb11499x42422&t=pl&ts=1662148447599&pid=9464576397&tid=9138047373&vid=IyYThmNjMyNTU0YjM0Mzk4
200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/60208595?sid=6p6_KsJQQBiRXvK2hlTQqg&cb=lpCb11499x42422&t=pl&ts=1662148447599&pid=9464576397&tid=9138047373&vid=IyYThmNjMyNTU0YjM0Mzk4
IP
GET /api/js/60208595?sid=6p6_KsJQQBiRXvK2hlTQqg&cb=lpCb11499x42422&t=pl&ts=1662148447599&pid=9464576397&tid=9138047373&vid=IyYThmNjMyNTU0YjM0Mzk4 HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:09 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod/code/f55b971dda537fb0979dd6e5685b5178.js?conditionId0=423026
200 OK 0 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/code/f55b971dda537fb0979dd6e5685b5178.js?conditionId0=423026
IP
GET /regions/regions-prod/code/f55b971dda537fb0979dd6e5685b5178.js?conditionId0=423026 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 29 Aug 2022 16:53:34 GMT
x-amz-replication-status: PENDING
last-modified: Mon, 29 Aug 2022 16:53:23 GMT
etag: W/"857a92093871b4e9e29c4844b928e25c"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: beqVkGce6rjfKUY.y_qKVsQgqc3YbXy8
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Sd7xYsYF1YYbPxbjmJPtNijJqal-B1C6uzG4US6-to6Hh_GOW1uFJg==
age: 356433
X-Firefox-Spdy: h2
partners.tremorhub.com/sync?UIRF=5142336719745614875&r=Q1xqdynowTDF
200 OK 0 B URL HTTP/2 partners.tremorhub.com/sync?UIRF=5142336719745614875&r=Q1xqdynowTDF
IP
GET /sync?UIRF=5142336719745614875&r=Q1xqdynowTDF HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ui-framework.js?version=10.20.0.17-release_5509
200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ui-framework.js?version=10.20.0.17-release_5509
IP
GET /le_unified_window/10.20.0.17-release_5509/ui-framework.js?version=10.20.0.17-release_5509 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:08:02 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 02 Sep 2023 19:54:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:06 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "3K3nn1ChiYCKxJYFUmbsHw=="
expires: Fri, 09 Sep 2022 19:54:06 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions
200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP
GET /dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: application/javascript
cf-ray: 7448cbb83d8db51e-OSL
access-control-allow-origin: *
age: 124650
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"de0-182d0e95990"
last-modified: Wed, 24 Aug 2022 17:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=3552
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/lpChatV3.min.js?version=10.20.0.17-release_5509
200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/lpChatV3.min.js?version=10.20.0.17-release_5509
IP
GET /le_unified_window/10.20.0.17-release_5509/lpChatV3.min.js?version=10.20.0.17-release_5509 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:08:01 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 02 Sep 2023 19:54:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/11.4dc17d50d8eb18566aef.chunk.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com
200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/11.4dc17d50d8eb18566aef.chunk.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com
IP
GET /dxjsmodule/11.4dc17d50d8eb18566aef.chunk.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: application/javascript
cf-ray: 7448cbb60a30b51e-OSL
access-control-allow-origin: *
age: 167912
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"f5d4-182d0e95990"
last-modified: Wed, 24 Aug 2022 17:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=62932
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&upid=xzxny28&upv=1.1.0
200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&upid=xzxny28&upv=1.1.0
IP
GET /track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-stephan-burton-tampa&upid=xzxny28&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:07 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/UMSClientAPI.min.js?version=10.20.0.17-release_5509
200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/UMSClientAPI.min.js?version=10.20.0.17-release_5509
IP
GET /le_unified_window/10.20.0.17-release_5509/UMSClientAPI.min.js?version=10.20.0.17-release_5509 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:08:01 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 02 Sep 2023 19:54:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod
200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod
IP
GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:54:08 GMT
content-type: text/html
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 02 Sep 2023 19:54:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
205.255.102.40
15.188.95.229
23.38.201.22
35.157.107.208
91.228.74.200
54.154.221.23
104.18.32.68
31.13.72.12
185.94.180.126