r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5053
Expires: Thu, 19 Jan 2023 00:02:33 GMT
Date: Wed, 18 Jan 2023 22:38:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8276
Expires: Thu, 19 Jan 2023 00:56:16 GMT
Date: Wed, 18 Jan 2023 22:38:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 21:49:22 GMT
content-type: application/json
age: 2938
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4055
Expires: Wed, 18 Jan 2023 23:45:55 GMT
Date: Wed, 18 Jan 2023 22:38:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pH+oiZlGXyRSulgxrA6N+nGT1fxrH9H2KV7GCqV8cQzdoOPQzKFfDpbJqGPGRosMBdFSm0BFIsg=
x-amz-request-id: GAX4YZ8MGEJS1MRF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 21:45:35 GMT
age: 3165
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 22:38:20 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 2.2 kB IP 104.18.32.68:0
Hash 04769f5e9989f0c7f67c1d95601531b2
82e729f941a426e3079ebed9c21545f0c02039e8
8bfc40eba7560f38d7093331ac0ee5dbc24a9f4510fa08ea390123203ca305b8
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:20 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 10:12:16 GMT
Expires: Wed, 25 Jan 2023 10:12:15 GMT
Etag: "82e729f941a426e3079ebed9c21545f0c02039e8"
Cache-Control: max-age=604127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1678
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bad203bc640b4d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 70539de9afaca38819152edbb3f7aca8
6c5138194b781ceac129559579cd0ff19966bc0f
d16555b969523cb39d49068f0cecb1c6d7adeff4db66615a6438eebc55f9e2c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 09:13:48 GMT
Expires: Wed, 25 Jan 2023 09:13:47 GMT
Etag: "6c5138194b781ceac129559579cd0ff19966bc0f"
Cache-Control: max-age=555926,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad203d90e0b3d-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 22:17:25 GMT
age: 1256
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2623
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:21 GMT
Last-Modified: Wed, 18 Jan 2023 21:54:38 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.usertrust.com/
104.18.32.68200 OK 2.2 kB IP 104.18.32.68:0
Hash 04769f5e9989f0c7f67c1d95601531b2
82e729f941a426e3079ebed9c21545f0c02039e8
8bfc40eba7560f38d7093331ac0ee5dbc24a9f4510fa08ea390123203ca305b8
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:21 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 10:12:16 GMT
Expires: Wed, 25 Jan 2023 10:12:15 GMT
Etag: "82e729f941a426e3079ebed9c21545f0c02039e8"
Cache-Control: max-age=604127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1679
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bad2078ff20b4d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 50a047cc32476e92606926fd65387c7c
1251cf57660b519ef13b47e607e6d92236eb0543
eedb51debfbfe0f6d97449cee289322b71c6d375b752c2625d4c784b571a5f1b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 21:09:03 GMT
Expires: Wed, 25 Jan 2023 21:09:02 GMT
Etag: "1251cf57660b519ef13b47e607e6d92236eb0543"
Cache-Control: max-age=598840,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad2079c3f0b3d-OSL
push.services.mozilla.com/
35.163.62.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.62.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MZPQdsv+A0gATm5XyUW75w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Gj2hKWH+otuLretEPPOazl4L9jc=
www.regions.com/MLO/maryhoang
205.255.103.100301 Moved Permanently 0 B URL HTTP/1.1 www.regions.com/MLO/maryhoang
IP 205.255.103.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MLO/maryhoang HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Jan 2023 22:38:21 GMT
Content-Length: 0
Connection: keep-alive
Location: /locator/mlo/mortgage-loan-officer-Mary-Hoang-Peachtree-City
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Set-Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660;path=/;httponly
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-Mary-Hoang-Peachtree-City
205.255.103.100302 Found 200 B URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-Mary-Hoang-Peachtree-City
IP 205.255.103.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 06ae5d75547dbe442cbe346ea3686e5e
d9312bb155b161acfe7d3f13ec4716daf2b36bbd
deaa7b338918cb90af3e3c7d2d802ab3a15cfabe17e9b36a5d030ed15d916a0c
GET /locator/mlo/mortgage-loan-officer-Mary-Hoang-Peachtree-City HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Wed, 18 Jan 2023 22:38:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 200
Connection: keep-alive
Location: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
205.255.103.100200 OK 18 kB URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
IP 205.255.103.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (415), with CRLF line terminators
Hash 6915d1ed2e4bf31743ef29ce196f41ee
0139a4204114749b7fb362abcb242521276706d2
67f1cc4e57fd5f2a4b1448344f4526187fed7acf4f2c18f128122c39b75c9f62
GET /locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 17930
Connection: keep-alive
Cache-Control: private
Content-Encoding: br
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; path=/; HttpOnly; SameSite=Lax
SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False; expires=Sat, 15-Jan-2033 22:38:22 GMT; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12429
Expires: Thu, 19 Jan 2023 02:05:31 GMT
Date: Wed, 18 Jan 2023 22:38:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12429
Expires: Thu, 19 Jan 2023 02:05:31 GMT
Date: Wed, 18 Jan 2023 22:38:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12429
Expires: Thu, 19 Jan 2023 02:05:31 GMT
Date: Wed, 18 Jan 2023 22:38:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12429
Expires: Thu, 19 Jan 2023 02:05:31 GMT
Date: Wed, 18 Jan 2023 22:38:22 GMT
Connection: keep-alive
www.regionsmortgage.com/maryhoang
205.255.102.40302 Found : Moved Temporarily 13 kB URL HTTP/1.1 www.regionsmortgage.com/maryhoang
IP 205.255.102.40:0
File type Web Open Font Format (Version 2), TrueType, length 12936, version 1.0\012- data
Hash 6d4b2348a4f8f255a2bfd1ab35e30618
72a7e20b49379ccab237d004a3506e22b3b7934b
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
GET /maryhoang HTTP/1.1
Host: www.regionsmortgage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found : Moved Temporarily
Location: https://www.regions.com/MLO/maryhoang
Connection: close
Cache-Control: no-cache
Pragma: no-cache
www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 13080, version 1.0\012- data
Hash 834648c5f6f2f73c3df33def9348d879
7385e4868c41fb1e4ba48503a16235ddb8cd8a6c
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
GET /rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957006
Date: Thu, 15 Dec 2022 17:14:48 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "901bd54dd44d91:0"
Content-Type: font/woff2
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13080
Strict-Transport-Security: max-age=157680000
www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
205.255.103.100200 OK 134 kB URL HTTP/1.1 www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
IP 205.255.103.100:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 134 kB (134234 bytes)
Hash e95b9be0e568614a267144a7113e7225
b351de9d56c6360846d3a36458d033b6f1c4b863
0906048ef572dbe62c4c8a4469a7f7844e3b00123271e4aa3e43a9beccaf6e19
GET /RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957119
Date: Thu, 15 Dec 2022 17:12:54 GMT
Cache-Control: max-age=31536000,public
Content-Length: 134234
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "609e884cd44d91:0"
Content-Type: text/css
Content-Encoding: br
Last-Modified: Wed, 30 Nov 2022 15:56:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 13072, version 1.0\012- data
Hash 595d5c1e2d877c3a50a77158e977ede4
0564953f05d57246c240796c5ba2bbec8c8ba93c
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
GET /rdcresources/content/fonts/source-sans-pro-600-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957006
Date: Thu, 15 Dec 2022 17:14:48 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "9057cb4dd44d91:0"
Content-Type: font/woff2
Content-Length: 13072
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 12592, version 1.0\012- data
Hash 48e38952d86d1b849b4e7e79c109a116
d8c9466e811876438d3e1d900943e3fa3d9625c1
0007bd27c6755494aa1b4fdebf9f019db02b59e5f02222148e136c75ccef026e
GET /rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2925522
Date: Fri, 16 Dec 2022 01:59:33 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c03dce4dd44d91:0"
Content-Type: font/woff2
Content-Length: 12592
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash 0408305af8e45ff50aa09d3d3732fc01
3ff33e34998c68f480305e1d91adcd1ed8a2a7ee
6b49f18370ab654be0367fb969d5015649fdf5406bcbec33e5b0644f4bb7fe0a
GET /rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2925522
Date: Fri, 16 Dec 2022 01:59:33 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "9075c64dd44d91:0"
Content-Type: font/woff2
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12580
Strict-Transport-Security: max-age=157680000
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1b47910c4f71976f73a884bcae6f9bc
26c0d42fddb2a02d9878c34a76874710c92a9d30
9c5ce4945939b126cd36202f5afb8009ce790a792270ec31cc22099e4cd12a24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3861
x-amzn-requestid: c8fbb2e1-9ec6-42c0-8030-9be785e8913e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9TegFNEoAMFwqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c865f6-04a9e7db684e88ed69e1bd43;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0vlLtF3fPmIBiYrKVY8qBwVvS7PMn3OTGpu6C0umuCqXdzYxsF-xgQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:53:12 GMT
age: 2710
etag: "26c0d42fddb2a02d9878c34a76874710c92a9d30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe65902c3-48ee-4167-857a-c14e7f6464fc.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe65902c3-48ee-4167-857a-c14e7f6464fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c604448d6f1f1622279878df4f545cf
a412b00226d0d0ed3b9d8576d16d0ed2c516de91
16e45cd5e0ee3905a217af05d8f42e7e218551addca9d684c71bdeedde825929
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe65902c3-48ee-4167-857a-c14e7f6464fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7020
x-amzn-requestid: 194bad3a-32af-458a-b131-5eeb73bffac1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsalGskoAMFeuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2776-3bfeb6920bf5eeea61aaf7dd;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v1LIU0SBfsPgyxhTIua1kvaAYib73vF9pGfMfDS-y1uFZ85HwJGOmw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:54:04 GMT
age: 2658
etag: "a412b00226d0d0ed3b9d8576d16d0ed2c516de91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f69a0610e549f99b84e2ac1355ec1d6
c957e6d925e932c8f4939b5b723bccb532b5bf44
0304ec77a98bcd152446d03f4d630304bb6362d3ff99c58c883ebeb3f1448130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8665
x-amzn-requestid: d4ef9b00-3cff-4ca0-be67-39074ca71996
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewYQuE1NIAMFymQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c33a6a-57f41f0a286ffffd2ca5ee8b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:27:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ESbnZ69JgaSSqmynXtDLCCkPi9I3KeFPISrQUr1WMJWQBIyxhTHW5w==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:37:08 GMT
age: 18074
etag: "c957e6d925e932c8f4939b5b723bccb532b5bf44"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13457311f170ebcd637e77aa48873488
a51ef5eb01736824f382541c5a4ad025ae35c09e
f57f95cc9f18b2e41951f1fcd9c278ca0f522e98dbf57aeb4c59b4b59deeb605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6235
x-amzn-requestid: 919a5e9d-11c0-4b12-a718-f5a256f4fda2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3RXBG8xoAMFW1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5fc2c-2398fc8910eb707e4c15b416;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 01:38:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MKOZeVCOBgny84FGH7fem1LQnV756ylBS2sGbZSdTpJQ2TNM2qJKFQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:54:10 GMT
age: 2652
etag: "a51ef5eb01736824f382541c5a4ad025ae35c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 115c22a4d18aebbb8ffb5fdd8da8c8ba
6f77d73abc59ca903e2a7fd514b559c60931c4d7
74ef77f35165e40f1d9e2c68924a797a8f1b586c325c2d053f830a6f4163ca97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8388
x-amzn-requestid: 01537ac7-e1b1-4fe8-96dd-e6abd92c4a16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9TegGC7IAMF-BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c865f6-0838524e1f33c0f53b548205;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BFn5gcxvAZWydXMPSEYOJIr6zBTAu8elKbwd90734RSpSNnO-GXunQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:53:12 GMT
age: 2710
etag: "6f77d73abc59ca903e2a7fd514b559c60931c4d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oi7K1Z45sral6ne0AsNTVD5vGc4WbZ7acJoq--4NFhN_f2z-xq7pWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:55:43 GMT
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
age: 2559
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
205.255.103.100200 OK 25 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 25180, version 1.0\012- data
Hash ed97ad0179a7e320488aabe236a03029
4d605ccfe533eb243f6c3ca403785960d8b5cff9
3913c00225825b9de4b6f6f292d6222b4328c5e8ae85bbe7c8929660ab0f8dee
GET /rdcresources/content/fonts/droidserif-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2925522
Date: Fri, 16 Dec 2022 01:59:32 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "8030cb4dd44d91:0"
Content-Type: font/woff2
Content-Length: 25180
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
205.255.103.100200 OK 23 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 22988, version 1.0\012- data
Hash fe84712f81388dfad5f48e4de801ec44
1c3e195be8306df1edc70d4abfa9270876093640
98213150300a378382c71ad9eff1538120dd8f9f29780c475feead2add55d80d
GET /rdcresources/content/fonts/droidserif-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2925521
Date: Fri, 16 Dec 2022 01:59:33 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "20ad44dd44d91:0"
Content-Type: font/woff2
Content-Length: 22988
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/regions-logo-no-r.svg
205.255.103.100200 OK 2.2 kB URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/regions-logo-no-r.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1024)
Hash a1f74587948b0dd3ba17bc85e8e17cf8
73c00bb48f58bc146754ff1e38e82367e62b623c
54d76bbd9a1b94ddf025374da0c8f6072f47c4b83305fa54773b348d99f2b184
GET /rdcresources/content/media/img/regions-logo-no-r.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957171
Date: Thu, 15 Dec 2022 17:12:03 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "20c6914cd44d91:0"
Content-Type: image/svg+xml
Content-Length: 2183
Content-Encoding: br
Last-Modified: Wed, 30 Nov 2022 15:56:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
205.255.103.100200 OK 2.8 kB URL HTTP/1.1 www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1307)
Hash d58bee0aa7945d823a1107e530c1b91c
9030ba67d5b1bfbee85569b75f72e6a6c8de52af
7f9fe1eefa9793fa369be97036bb01cc78d3fad97d30579ac51d5a98d60cd36f
GET /-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 539174
Date: Thu, 12 Jan 2023 16:52:07 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 2587ba95fc7a4fcfacd83d243f8c881d
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Fri, 03 Apr 2020 23:05:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="header-logo-desktop-regions-standard.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 2771
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
205.255.103.100200 OK 28 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 28520, version 1.0\012- data
Hash 4a80ddcba4cef2129dec8753762ac8f1
44f352414c76a8f84c27d6240fa3634fd248f4fa
1fa9dc815c95ac07bd2badeacc086f16ea92051db9818ca26c2f7bf048ae8b40
GET /rdcresources/content/fonts/droidserif-bold-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2925521
Date: Fri, 16 Dec 2022 01:59:33 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "e01acc4dd44d91:0"
Content-Type: font/woff2
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 28520
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Mary-Hoang-Peachtree-City.ashx?revision=f0e64c07-4cfb-4bf3-a8eb-01d2c9a82535
205.255.103.100200 OK 26 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Mary-Hoang-Peachtree-City.ashx?revision=f0e64c07-4cfb-4bf3-a8eb-01d2c9a82535
IP 205.255.103.100:0
File type JPEG image data, progressive, precision 8, 175x175, components 3\012- data
Hash 6389b75175658de27c66986e04a8f3a8
95fb5f9fb7ed994db0ac07e196823e96456ee787
1b78274b2105ce569a6efc9eb4c2262b92be4e2f7ec132c82bd96a7855166c4a
GET /-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Mary-Hoang-Peachtree-City.ashx?revision=f0e64c07-4cfb-4bf3-a8eb-01d2c9a82535 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 481364
Date: Fri, 13 Jan 2023 08:55:38 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: bd9ee7401a484cab881a02103658e0e8
Content-Length: 25755
Content-Type: application/octet-stream
Last-Modified: Tue, 07 Jun 2022 05:33:18 GMT
Accept-Ranges: bytes
Content-Disposition: attachment; filename="mortgage-loan-officer-Mary-Hoang-Peachtree-City"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/1px.gif
205.255.103.100200 OK 119 B URL HTTP/1.1 www.regions.com/-/media/Images/1px.gif
IP 205.255.103.100:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ce21cbdd9b894e6af794813eb3fdaf60
d324efa2b5648eaca4a376c87a01808eb63cc18f
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
GET /-/media/Images/1px.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 539079
Date: Thu, 12 Jan 2023 16:53:43 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: abb54fb4cab64b92b52e12f5fa9df56a
Content-Type: image/png
Content-Length: 119
Last-Modified: Fri, 11 Feb 2022 18:54:06 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="1px.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
205.255.103.100200 OK 32 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
IP 205.255.103.100:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 6fc369a602a8d0b803844cb324804c7d
415c94e7e9528cfcf2706ff599a72d148283384d
ae0ed41222aa8d4f4203f7734202032e84de9df5807b92ae3cc0fd26953e9b9e
GET /-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 538767
Date: Thu, 12 Jan 2023 16:58:55 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 071966f87dd741458e3fca4a6119123b
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2016 16:37:41 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="avatar-branch.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 32529
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/icon-header-chevron-down.svg
205.255.103.100200 OK 517 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/icon-header-chevron-down.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Hash 6fe592877f7dfdf762e54c6897eb7b82
e938188ad794631774fc4f3c9164c00007d50efd
879055122ad0f1083f2205e4e45871dfdbba85a5d1015fd62caef18ff002cd17
GET /rdcresources/content/media/img/icon-header-chevron-down.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957171
Date: Thu, 15 Dec 2022 17:12:03 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "609b444dd44d91:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 517
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/icon-help.svg
205.255.103.100200 OK 1.6 kB URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/icon-help.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2810)
Hash 1e87abefd0a276764c34a02b603b55db
726453b4422b74ff47e7219c823e809bc2dc0763
f00319af3c6c500e1707cb37995e13782710bc08ec0e2bc68a4e6ea28053c25b
GET /rdcresources/content/media/img/icon-help.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957171
Date: Thu, 15 Dec 2022 17:12:03 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "2062724dd44d91:0"
Content-Type: image/svg+xml
Content-Length: 1604
Content-Encoding: br
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/loader.gif
205.255.103.100200 OK 8.4 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/loader.gif
IP 205.255.103.100:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0eb0c1bdfdc4a4bd352121f51fec9149
d19adfb29240f0e08accaa483fc00c83c795f369
94a9405de974c3a6ea53616c60777c091e1330fb1b07549d5bdba4168cd19e70
GET /-/media/Images/WebSiteImages/loader.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 539087
Date: Thu, 12 Jan 2023 16:53:35 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 7cfa43f033c942d7a4dbec8b73001e6b
Content-Length: 8369
Content-Type: image/gif
Last-Modified: Fri, 03 Apr 2020 23:05:54 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="loader.gif"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-search.svg
205.255.103.100200 OK 383 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-search.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (885)
Hash 5a496f703b488debeff9e2a3ffb15431
45c6bcfbba5d287d4ab934f1be58936ce02b07f1
cccd3510527cc3dba2e9549bfafc7d5adcc841c85ac5adc3ece5e929e5110521
GET /rdcresources/content/media/images/websiteimages/icon-search.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957103
Date: Thu, 15 Dec 2022 17:13:11 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "3092af4dd44d91:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 383
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-left.svg
205.255.103.100200 OK 182 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-left.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3d6e93f26cbed5c0aa513bf999390324
2eba3877db3b6e7628432bac0ddaa87bb15e0964
16bf21ce7515f635f6001facdc834a464e4f33ee66f8107a6d9c591b652d8945
GET /rdcresources/content/media/images/websiteimages/icon-arrow-left.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957155
Date: Thu, 15 Dec 2022 17:12:19 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "1044af4dd44d91:0"
Content-Type: image/svg+xml
Content-Length: 182
Content-Encoding: br
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
205.255.103.100200 OK 178 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3fdfa195b0c473d29f63646ffc634e37
1269b3601af214b36e1215d781c1042b192333ad
14bd0be8cfd82397404fec404f48f9994b2dd47fceb8a4f6b004d59803cade17
GET /rdcresources/content/media/images/websiteimages/icon-arrow-right.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957156
Date: Thu, 15 Dec 2022 17:12:18 GMT
Cache-Control: max-age=31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "1044af4dd44d91:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Wed, 30 Nov 2022 15:56:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 178
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
205.255.103.100200 OK 86 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x900, components 3\012- data
Hash 714ec83101dd539af3adda51008a05d1
e2532bb228b37f019f4c7e50a850cc10d3dc5d3a
7caee0314b38dbf2499e877aaf6fc68cc34521d63d55a08d8b8ea4cecb7f7990
GET /-/media/Images/WebSiteImages/video-component-background.jpg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.18279
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 538802
Date: Thu, 12 Jan 2023 16:58:20 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 9d7b5cdd37ac4196bc046f22d89a7d60
Content-Type: image/jpeg
Content-Length: 85802
Last-Modified: Fri, 03 Apr 2020 23:05:56 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
205.255.103.100200 OK 98 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash 372bd7f2ff8ecf74e939d7d7e2ad94af
320244fbc60864b6662f3ae720817099bfaf3add
80d2097213a26f3ae12d5deae29efca6864f9cd0e7886a03812f0da841667207
GET /-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 539079
Date: Thu, 12 Jan 2023 16:53:43 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f78551ee84504eef883b8b40efb13011
Content-Type: image/jpeg
Content-Length: 98074
Last-Modified: Mon, 01 Mar 2021 14:39:24 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="H-FAH-preparing-for-a-major-home-remodel-thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.18279
205.255.103.100200 OK 147 kB URL HTTP/1.1 www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.18279
IP 205.255.103.100:0
File type Unicode text, UTF-8 text, with very long lines (60936)
Size 147 kB (147128 bytes)
Hash 928c0bb7a178f6eac27060bf4c99c952
dbfca8566bbdf825aa3daefb70bef7b46febe3d2
fe7c6fffb1a7523f3972aa929857d53669f01b1947cadfb017790fc9ad19b6ff
GET /RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.18279 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 2957120
Date: Thu, 15 Dec 2022 17:12:55 GMT
Cache-Control: max-age=31536000,public
Content-Length: 147128
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "604ce34dd44d91:0"
Content-Type: application/javascript
Content-Encoding: br
Last-Modified: Wed, 30 Nov 2022 15:56:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
205.255.103.100200 OK 16 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 216x228, components 3\012- data
Hash 51dd85ef382069ec38904173a12e9812
e821e922c3f7a622b4d032032d8c13eaaa71013a
e0863c1bfa4b1cc0e2068765f09fc77f543a4caa33fdc6b41da08d3f28b9b6b0
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 539079
Date: Thu, 12 Jan 2023 16:53:43 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: ecc44ec6c3da494498bf2e82b723f903
Content-Type: image/jpeg
Content-Length: 16468
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
205.255.103.100200 OK 21 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash de1166a7dea4821e653419386f30ef80
849da63131c1f7333e790c7b8470beea90797a3d
73f81791ec41abc9a738979de0f83bd6c2efc70908e86047ff2b2aa5cdb62a60
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 539009
Date: Thu, 12 Jan 2023 16:54:53 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8ca54c4c0b8e477093a82d2796b8587b
Content-Type: image/jpeg
Content-Length: 20600
Last-Modified: Fri, 11 Sep 2020 15:58:11 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
205.255.103.100200 OK 22 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash 43c3979dfaa872bee3d5ecd678b41551
efb2b3011959b7e59fdf8a0242fc69190eb85e4b
852995c5e7bd28d42e0086cac3de58ddbd9ef0161ade5267f3d16b09579dd6d4
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 538804
Date: Thu, 12 Jan 2023 16:58:17 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 0bad9f02bd23408ba9830e28065b7798
Content-Type: image/jpeg
Content-Length: 21773
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
205.255.103.100200 OK 940 B URL HTTP/1.1 www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2699), with no line terminators
Hash c83395d617c81d10166217b9351ddd3d
cc2faff006102f6fffddc4ad5455391471459233
e9c2910517c5105adba61d2001a7ab4ad1f36b90e059fdc8464c6f851310f899
GET /locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 568919
Date: Thu, 12 Jan 2023 08:36:22 GMT
Cache-Control: max-age=599057,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 280096ce24584f08ae4f82ec6e1611c5
Content-Type: image/svg+xml
Content-Length: 940
Content-Encoding: br
Last-Modified: Wed, 03 Mar 2021 23:16:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="icon-calendar.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
205.255.103.100200 OK 33 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash a0fdb87f17a0891d20b4c7c7dd489ae3
e64540d9a8a47e946531663c1939a7595ac0da41
673948f25b84f697a6098cdb3880ed34ad8675ffd4b3c5b7c7c984a4a091a551
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 538804
Date: Thu, 12 Jan 2023 16:58:17 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8058e759fc414eed969f8bd2f43e85a0
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 33076
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
205.255.103.100200 OK 89 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:59:30 DIY-Thermocam raw data\012- (Lepton 2.x), scale 21870-29766, spot sensor temperature 74893065746301681918931676168192.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 137438953472.000000], baseline, precision 8, 432x456, components 3\012- data
Hash 6f07089f352bd05fa11d90f30e6cc5e4
0cb2658df6969bd6b8be226965eb2c259f0ea20b
1d0f2941a7e38e37c07ab51df9d709e4711faee18fdba5382811abb70e061fa3
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 538804
Date: Thu, 12 Jan 2023 16:58:17 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: fbff9ae4cc204417b09fbc41995b15f9
Content-Type: image/jpeg
Content-Length: 88747
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
205.255.103.100200 OK 88 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:19:44], baseline, precision 8, 432x456, components 3\012- data
Hash c8841785cd39c7400eb055f52f4fd395
dcb5859dc36c50ab2727e2a9366d5c59551a4b28
1d47fb60ed8a9217554a061f114f98265f0241adeec6b7ecfe58b98a9ca9f137
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 538804
Date: Thu, 12 Jan 2023 16:58:18 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: db4a6978e622401bbde4a35d3c2b7841
Content-Type: image/jpeg
Content-Length: 88363
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
nexus.ensighten.com/regions/regions-prod/Bootstrap.js
54.230.111.35200 OK 76 kB URL HTTP/2 nexus.ensighten.com/regions/regions-prod/Bootstrap.js
IP 54.230.111.35:0
File type ASCII text, with very long lines (1435)
Hash 5f038f9bd7e7eba963c0365743235503
028dab72c10c7e34cd2ec2b4353e6e693a718537
05f31adc04c80d6f24ca04f748a3819c57dc78e7034879f600f81f725b3f7e19
GET /regions/regions-prod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 12 Dec 2022 19:16:33 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 19:12:14 GMT
etag: W/"3bfa0eb27a70cd7807f1fb42c0b116e6"
x-amz-server-side-encryption: AES256
cache-control: max-age=300
x-amz-version-id: m3L33adF6WObuWfNikricxmwBiJC6ehH
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QuCzB4nuA4mqxNCqeqLI7-MszUsxYyyeg0NyOX4lG6wiWgYcE1uiZg==
age: 3208910
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1674081503148
142.250.74.106200 OK 55 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1674081503148
IP 142.250.74.106:0
File type ASCII text, with very long lines (2495)
Hash 6c1a2571e4daae708eb372462078f919
c6b0654bf3f4635ef12ff70388b05d9a1d2477b4
25ba3f3285d557d4c62813d631f7d554c5658f4c697d31e489e8a4d1bd64453e
GET /maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1674081503148 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 22:38:23 GMT
expires: Wed, 18 Jan 2023 23:08:23 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55300
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=37
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
205.255.103.100200 OK 926 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
IP 205.255.103.100:0
File type PNG image data, 1400 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 926 kB (926480 bytes)
Hash 869f6fce3cc41447159b757d89bc8ba7
e9e34caba119cb5727bf3324c4d897edd22ea1e6
8e8dcd035a49dabbf01d255019d0fca12bace4c39bbb8b3aa7373a1dadae49a5
GET /-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False; Regions_SessionId=c22fabc1-9f57-46d3-ac91-31968f3cd124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 538983
Date: Thu, 12 Jan 2023 16:55:19 GMT
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f294c5922dab4c0da74893f259ffb939
Content-Type: image/png
Last-Modified: Tue, 04 Aug 2020 19:24:35 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 926480
Strict-Transport-Security: max-age=157680000
nexus.ensighten.com/regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Dec%2012%2019:12:12%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city
54.230.111.35200 OK 398 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Dec%2012%2019:12:12%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city
IP 54.230.111.35:0
File type ASCII text, with very long lines (397)
Hash 60cddb179b25e850c480e12bb370d34e
83316ad24cc5289a9e8b5becc9e2065ce06779cc
8e3f0d2d9e049c00a9bb5ae8e9335368e82868043f4408bc24ee7eb06753de50
GET /regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Dec%2012%2019:12:12%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 398
server: nginx
date: Wed, 18 Jan 2023 22:38:23 GMT
expires: Wed, 18 Jan 2023 22:38:22 GMT
cache-control: no-cache, no-store
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7r_MbW9X8AeizDXbzLVq7tsd7QQTxoGkyuSgCTIuMNO0Bf-qF9vrQQ==
X-Firefox-Spdy: h2
nexus.ensighten.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException
54.230.111.35204 No Content 0 B URL HTTP/2 nexus.ensighten.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException
IP 54.230.111.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: CloudFront
date: Wed, 18 Jan 2023 00:24:45 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TsEARpeGXGYXzWQSMtZQonqnn_ZhXxZdRPfQhVj6jJEDpPvtyZ1Kaw==
age: 80019
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 783c01fa14ade2316e22ead869b3dbf8
71e20a947b3a9e10cb2bf046e2ca3da294d97f70
9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 609e45fea97c358f277f4213b972edba
518a702ba2e895a2f4c93f3ea271b7166ca4d1c7
579f760c7325c9cb3be879ba7b238908150383bdb5a165b602c158b4588a6baa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5848
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Last-Modified: Wed, 18 Jan 2023 21:00:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a03c1b05d4fd2df8726c1d4a618cda2a
83eeed527617ea7b042b442ddd8ebbab904f6693
954e6ba072ba88bdede092c1c95062a7c47a2d394fde8969d0a9033ee7acb8d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
142.250.74.40200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
IP 142.250.74.40:0
File type ASCII text, with very long lines (7724)
Hash 99c45449fb37118b8e36def7698b612c
719868cb971bbf9cbd234803c4af360aff0a406b
bd829bf4a531f491c90b2b7e0545300fd187f352944f39e2f735b66dccfa8442
GET /gtag/js?id=AW-1013536406&l=regionsDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Jan 2023 22:38:24 GMT
expires: Wed, 18 Jan 2023 22:38:24 GMT
cache-control: private, max-age=900
last-modified: Wed, 18 Jan 2023 22:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 783c01fa14ade2316e22ead869b3dbf8
71e20a947b3a9e10cb2bf046e2ca3da294d97f70
9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /spp.pl?a=10000&.yp=10175658&he=start&auid=regio0 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:24 GMT
expires: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOB0yGMCEHizKAE1_MKH7Cz8MWh8FUYFEgEBAQHGyWPSYwAAAAAA_eMAAA&S=AQAAAqSDRU4Ie5U7TDxi4y0fGbk; Expires=Fri, 19 Jan 2024 04:38:24 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a03c1b05d4fd2df8726c1d4a618cda2a
83eeed527617ea7b042b442ddd8ebbab904f6693
954e6ba072ba88bdede092c1c95062a7c47a2d394fde8969d0a9033ee7acb8d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 96932e7ee122dfbe89a87a0265f8bf94
a260e5fb88fa73efaedcd7880f4bfea7acf44fbb
e806134fe3187494ab16df5a777bb4d7b8d0a8c400b542a5414b63c7ef3ac3e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nexus.ensighten.com/regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287
54.230.111.35200 OK 584 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287
IP 54.230.111.35:0
File type ASCII text, with very long lines (507)
Hash 3ea9aa4c8755c51aef30f68efb98288f
b75cc6d132a12626b414b36a366b136a35b595f3
074188cf7b4ac1c754807fd53a20c9b0579479550d3a2448f64f3a2f82c64e4c
GET /regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 16 Dec 2022 02:10:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Jul 2021 14:26:53 GMT
etag: W/"9ed4a4cfac4d3c7c1bfeb172d00660a5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: BEVKDIy25SUFzQ.PZ9GYTiV2LlHnMgZ9
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l3woLqQCJJ4LmEwKBog-TF2JYDUS66uY2dvWKpEALfUHqCUiRVkb1g==
age: 2924892
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=8929416867121.523;~oref=https://www.regions.com/
142.250.74.130200 OK 238 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=8929416867121.523;~oref=https://www.regions.com/
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (481), with no line terminators
Hash 1d96c7c1e1496739f79b9686eae77d8c
591cb4a6a8f11ff32fd6e116b4597ebf9a8284d3
25efcfcd4f24702a3083b5afa2383e1317fa64d30de9e92829db6a1ef3c2ed5c
GET /ddm/fls/i/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=8929416867121.523;~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9100576.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 238
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=104680512821794&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
143.204.55.106200 OK 1.9 kB URL HTTP/2 live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=104680512821794&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
IP 143.204.55.106:0
File type HTML document, ASCII text, with very long lines (1201)
Hash b4e28b2f67cb41172bd522166d1f12a4
151e9605e6235bd3d70ec2dd7e7aa588ffee7083
368201c2c00fc7fbabf4b905db47fcc79d6baaaf4f35315ea76da638381d7cc2
GET /sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=104680512821794&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1874
date: Wed, 18 Jan 2023 22:38:24 GMT
set-cookie: zync-uuid=afd171b8-c614-4e20-bfde-984bbfa84de2:1674081504.245601; Domain=rezync.com; Expires=Mon, 17 Jul 2023 14:38:24 GMT; Path=/; SameSite=None; Secure
sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiYWZkMTcxYjgtYzYxNC00ZTIwLWJmZGUtOTg0YmJmYTg0ZGUyOjE2NzQwODE1MDQuMjQ1NjAxIn0.Y8h04A.xYxXhOAxJzlXmngYzoNUZUJ5IDI; Expires=Mon, 17 Jul 2023 22:38:24 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SaXBSipmnxtTp8QsoePVh0GrgHvAtQGA1Uk0M-05kJL8Nki3mAkVmw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 96932e7ee122dfbe89a87a0265f8bf94
a260e5fb88fa73efaedcd7880f4bfea7acf44fbb
e806134fe3187494ab16df5a777bb4d7b8d0a8c400b542a5414b63c7ef3ac3e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=1B4FB14831F069CB21B6A3D53005685A; domain=.bing.com; expires=Mon, 12-Feb-2024 22:38:24 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C34B0DE6AC049A0BC7290FB55A19CC5 Ref B: OSL30EDGE0209 Ref C: 2023-01-18T22:38:24Z
date: Wed, 18 Jan 2023 22:38:24 GMT
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash a8dc4482053f1d083f27d34ceeea1cbd
6bc208909339ac82a1f12722d78b3aa633008452
0c4c42bc3ffe74dad7814fef97f081777141f4a8b3acd4186e4f450535070037
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 18 Jan 2023 06:03:07 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XyDLs5i268Txactop_iJOd09wOTxeSeZjr3gK1ecgjh9Wxcb6oMd5w==
Age: 59719
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 948e6eab4e0fbb57ec991519b205a62b
d85968f393cf652627a14b5afd00e17d46bdfa13
4b1931c60a3b716142ac04c9b573f15dc7cef2297b62c1fad93d132cc6c05391
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4600
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Last-Modified: Wed, 18 Jan 2023 21:21:44 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ct.pinterest.com/v3/?tid=2613483917557&noscript=1
2.18.172.195200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613483917557&noscript=1
IP 2.18.172.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613483917557&noscript=1 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1316166111350920
date: Wed, 18 Jan 2023 22:38:24 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZHeUQrUndtWU02akJvRDhZWncwczNybHloRVh4N29pTmtlcDQzT1hYNUEzNTZkV29FZkovdTlNYnZNTExaK1UxWVhYd0t6TTlRQkZOTzRQRlQ3UUM0TmhUTWVVQk8waFhmbm9jeGZLRkhRQT0mdGRNK2txR2pNK2xGQTNnTTVqOFBGRDJvYS84PQ=="; Expires=Thu, 18 Jan 2024 22:38:24 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.540a655f.1674081504.3f3c0d59
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
p.teads.tv/teads-fellow.js
184.24.45.54200 OK 6.3 kB URL HTTP/1.1 p.teads.tv/teads-fellow.js
IP 184.24.45.54:0
File type ASCII text, with very long lines (19635), with no line terminators
Hash 224d302d48a5c194cb87c2152bf52001
f0be89c90787bc5a87946f85f73f87c58727d223
0e3a9f450a5e726c59778e41c976fc71ca48ddd4188125b227e3e2be126d0300
GET /teads-fellow.js HTTP/1.1
Host: p.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: C1njjQz5whSSe3kQ+nblwm5FG29XTfh8cuqjZmmiZ9A205tmyeTSvsQoBVorF+iU9WtM456wwYw=
x-amz-request-id: RRKA82CSM3X0GXXK
Last-Modified: Mon, 09 Jan 2023 10:26:18 GMT
ETag: "7975ad4e75e6b6b30a6de6933b071ae0"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 6292
Cache-Control: max-age=515
Date: Wed, 18 Jan 2023 22:38:24 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3e3addb820a34c3b5c0500b1d1db42e9
d86fe35c6d60352dec9804fd4d19987e03b6414c
539ad699fe3f8d7491b9c2c28652e350de293692250021e6b295476029f18041
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6355
Cache-Control: max-age=162859
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Etag: "63c83538-1d7"
Expires: Fri, 20 Jan 2023 19:52:43 GMT
Last-Modified: Wed, 18 Jan 2023 18:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 532289832b1f21cd9014c904ca0a1ad6
16b0dbd03283cf8a80316e49ab0a0299fd237d99
e0b0758c8bea976e4963c7ca91cc223d9b68f1e45048dd9d5cce73c9f20a08a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: oRPn2VajOM0r58qdDQqLYLoRcSo9Wf+j4uLTLyFfdFN7/WH+sCdWZwmv6m6+ZmFs05LUEmX/WmwOWEjPywfNjA==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Wed, 18 Jan 2023 22:38:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash cc801dcdb63bac82d1f66fc29a1ac762
07778d4f04632fd2190a2140e28fdfc64f9093ca
34e03c2acf99396bb3b97bb45285e98550314a14a42f407f8849ac8ff6add142
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3909
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Last-Modified: Wed, 18 Jan 2023 21:33:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
13.107.42.14302 Found 0 B URL HTTP/2 dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect/?pid=681506&fmt=gif HTTP/1.1
Host: dc.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKx7i__tNTO3gAAAYXHCIzpnjwEDyzCPzgQxwaZoAi656XvUp6vXJRNUuZh2fX4p7hf5VhtUqOWFA; Max-Age=2592000; Expires=Fri, 17 Feb 2023 22:38:24 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIuG1TMzqIWWgAAAYXHCIzpqdyNUBOb_XUcmodTYES0dOsVMQcyGAYIlp9rbAVUuoufH0JjOoEpcF5ATUifpQ; Max-Age=2592000; Expires=Fri, 17 Feb 2023 22:38:24 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&c2645a79-7c77-424f-88a1-333d1e140450"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 18-Jan-2024 22:38:24 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2471:u=1:x=1:i=1674081504:t=1674167904:v=2:sig=AQGWzTovcxMKJGTuxrtO-UFlunZmqWVa"; Expires=Thu, 19 Jan 2023 22:38:24 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXykXlmV+q93CrXqT/YpA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A3B12090465A42A7B91192E66D945192 Ref B: OSL30EDGE0117 Ref C: 2023-01-18T22:38:24Z
date: Wed, 18 Jan 2023 22:38:24 GMT
content-length: 0
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1674081504066&cv=11&fst=1674081504066&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.211.2200 OK 941 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1674081504066&cv=11&fst=1674081504066&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2073), with no line terminators
Hash f11da1ff3e7de710966dc8cc11f61507
9f15ad49a9879a9f4db95697a9a2ebce66b11093
8e26fc52f70ae6f08ff7a353ff06647be021ca1f81207338427ae4108c2e4b1b
GET /pagead/viewthroughconversion/1013536406/?random=1674081504066&cv=11&fst=1674081504066&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 941
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 22:53:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1674081504155&cv=11&fst=1674081504155&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.211.2200 OK 940 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1674081504155&cv=11&fst=1674081504155&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2069), with no line terminators
Hash a5f1df17530c8a1511af3aa9b6ad607c
8a80e5ea6b67d36a5d2aac68ff0971f27eadf7ec
8f76bff4fb4a7ab91e60a05207940218cf4747a82dc9fdf435c91ffa047da4a9
GET /pagead/viewthroughconversion/959581806/?random=1674081504155&cv=11&fst=1674081504155&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 940
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 22:53:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.bttrack.com/universal/44911
69.16.175.10200 OK 3.4 kB URL HTTP/1.1 cdn.bttrack.com/universal/44911
IP 69.16.175.10:0
File type Unicode text, UTF-8 text, with very long lines (3380), with no line terminators
Hash 8085a3c89ace740e36e1867624d36841
f47805a9249032289fd14f9991b092e1dc7f313d
278fb7a7ea8be322523b3298dde9ef5632bee8cc99137a162c6527a2c6b71269
GET /universal/44911 HTTP/1.1
Host: cdn.bttrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:24 GMT
Connection: Keep-Alive
Cache-Control: max-age=716
Content-Length: 3382
Content-Type: application/javascript; charset=utf-8
Accept-Ranges: bytes
X-HW: 1674081504.dop012.sk1.t,1674081504.cds016.sk1.shn,1674081504.dop012.sk1.t,1674081504.cds216.sk1.c
www.google.com/pagead/1p-conversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e&e=PageView&script=0
37.252.171.53200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e&e=PageView&script=0
IP 37.252.171.53:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e&e=PageView&script=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 18 Jan 2023 22:38:24 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
143.204.55.95200 OK 25 kB URL HTTP/1.1 cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
IP 143.204.55.95:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 35412c19688cb34c537ed24322be37d4
fea9c350f958438b2c86af6267723086f83b506e
74421927212d6e0309ca25975ab783f6643cdb3b9aaaddc969a6f0a73bb37e64
GET /p13n/regions-bank/p13n.min.js HTTP/1.1
Host: cdn.boomtrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 08:43:18 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _neQXYFNnDVQBFabtbSqs.RJnPpp3BZf
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=3600
ETag: W/"1a0bb2e22fb7c3644d799d217d277ecf"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W2u8xQHbT8GDUykb27Q2SNJ6EMliZS_Ly-fezOWwVV4RyP9jydGpoA==
Age: 183
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 558ca082e2b49b22ae356cf10b191c68
c3956046019b64bc525381a4ab7f0c70002b5b17
862dfa54857c199a1d5450b0b07d8fcc3e2702476e7a0938b3d34e2fab332af3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pubads.g.doubleclick.net/activity;xsp=4958803;ord=1427231719340191?
142.250.74.66200 OK 42 B URL HTTP/2 pubads.g.doubleclick.net/activity;xsp=4958803;ord=1427231719340191?
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /activity;xsp=4958803;ord=1427231719340191? HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 22:53:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c1.rfihub.net/js/tc.min.js
54.230.111.29200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP 54.230.111.29:0
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Wed, 18 Jan 2023 22:28:39 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Wed, 18 Jan 2023 23:28:39 GMT
last-modified: Wed, 18 Jan 2023 22:28:29 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D8q83Pm7jP6AKZdaYtcW3lEKZvqLbAy9Pkb4k94JTDnUXjyPLL6qXg==
age: 585
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&ct_cookie_present=1
216.58.211.2200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 22:53:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 948e6eab4e0fbb57ec991519b205a62b
d85968f393cf652627a14b5afd00e17d46bdfa13
4b1931c60a3b716142ac04c9b573f15dc7cef2297b62c1fad93d132cc6c05391
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4600
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Last-Modified: Wed, 18 Jan 2023 21:21:44 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001842764/?random=1674081504076&cv=11&fst=1674081504076&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.211.2200 OK 940 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1001842764/?random=1674081504076&cv=11&fst=1674081504076&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2071), with no line terminators
Hash 5f46d4ed03ae941f8bbf6e3f53649560
480c1c52c7e13658e14d7d163911dec12fab72c3
4ef317cd7a01af39591216b1f4507788a6e00f257b3465aebc955a198c467e47
GET /pagead/viewthroughconversion/1001842764/?random=1674081504076&cv=11&fst=1674081504076&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&auid=2079591048.1674081504&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 940
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 22:53:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=8929416867121.523;~oref=https://www.regions.com/
142.250.74.98200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=8929416867121.523;~oref=https://www.regions.com/
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=0;ord=8929416867121.523;~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
expires: Wed, 18 Jan 2023 22:38:24 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=21011282&Ver=2&mid=b8b92050-2427-4058-b47b-926cf07baff1&sid=d1619980978011ed95077d02426b7641&vid=d1619190978011eda5576d4eee030ca9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&kw=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&r=<=3341&evt=pageLoad&sv=1&rn=497931
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21011282&Ver=2&mid=b8b92050-2427-4058-b47b-926cf07baff1&sid=d1619980978011ed95077d02426b7641&vid=d1619190978011eda5576d4eee030ca9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&kw=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&r=<=3341&evt=pageLoad&sv=1&rn=497931
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21011282&Ver=2&mid=b8b92050-2427-4058-b47b-926cf07baff1&sid=d1619980978011ed95077d02426b7641&vid=d1619190978011eda5576d4eee030ca9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&kw=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&r=<=3341&evt=pageLoad&sv=1&rn=497931 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3714D496CBEE6A451D19C60BCA1B6BBF; domain=.bing.com; expires=Mon, 12-Feb-2024 22:38:24 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D285C386840144E3B5D4FB0743A4A1E0 Ref B: OSL30EDGE0209 Ref C: 2023-01-18T22:38:24Z
date: Wed, 18 Jan 2023 22:38:24 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.bttrack.com/js/15965/analytics/1.0/analytics.min.js
69.16.175.10200 OK 369 B URL HTTP/1.1 cdn.bttrack.com/js/15965/analytics/1.0/analytics.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (599), with no line terminators
Hash b045c89f27df9cb80290f338c0f47bdd
e2965f4bded689f1396c45ab66805faaddbc1992
4576c1c4b4d9da6c7bb286729feadd58ed66b6bd868a9dc6ae52c005f1f66d62
GET /js/15965/analytics/1.0/analytics.min.js HTTP/1.1
Host: cdn.bttrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:24 GMT
Connection: Keep-Alive
Cache-Control: max-age=61337
Content-Encoding: gzip
Content-Length: 369
Content-Type: text/javascript; charset=utf-8
Accept-Ranges: bytes
X-HW: 1674081504.dop012.sk1.t,1674081504.cds016.sk1.shn,1674081504.dop012.sk1.t,1674081504.cds236.sk1.c
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d940e0ef973f9d51ebf073d222d33c3
97eff179707a84a44dfc45067a34d35c79cd6b64
8346d1665f836cea29e45d146d3474a655207455d2cbf0f2cf5c7826e3cce6b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6063
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Last-Modified: Wed, 18 Jan 2023 20:57:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
104.244.42.3200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP 104.244.42.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:24 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_O6e591lPkPwOKxlZff/UqQ=="; Max-Age=63072000; Expires=Fri, 17 Jan 2025 22:38:24 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 1b8438b6abf0aabe
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: 41205e513f26fabe965bfc97568787ead288a8edb7d0d94a749c38f31ffb4a71
X-Firefox-Spdy: h2
bat.bing.com/p/action/21011282.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21011282.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21011282.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=27DD2725F9DA602B0AF435B8F82F6181; domain=.bing.com; expires=Mon, 12-Feb-2024 22:38:24 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1A4073463A9147E596A1A9C95B0AA0BC Ref B: OSL30EDGE0209 Ref C: 2023-01-18T22:38:24Z
date: Wed, 18 Jan 2023 22:38:24 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1001842764/?random=1674081504076&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=290301970&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1001842764/?random=1674081504076&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=290301970&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1001842764/?random=1674081504076&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=290301970&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1013536406/?random=1674081504066&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2824241741&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1013536406/?random=1674081504066&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2824241741&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1013536406/?random=1674081504066&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2824241741&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d940e0ef973f9d51ebf073d222d33c3
97eff179707a84a44dfc45067a34d35c79cd6b64
8346d1665f836cea29e45d146d3474a655207455d2cbf0f2cf5c7826e3cce6b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6063
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Last-Modified: Wed, 18 Jan 2023 20:57:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
pixel.quantserve.com/pixel;r=1900132462;labels=_fp.event.PageView;event=refresh;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city;uht=2;fpan=1;fpa=P0-825831061-1674081504421;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1674081504422;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Peachtree%20City%3F%20Mary%20Hoang%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Mary-Hoang-Peachtree-C%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=fb79b4be-d67c-40b3-889e-d5f7933ca917
91.228.74.251200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1900132462;labels=_fp.event.PageView;event=refresh;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city;uht=2;fpan=1;fpa=P0-825831061-1674081504421;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1674081504422;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Peachtree%20City%3F%20Mary%20Hoang%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Mary-Hoang-Peachtree-C%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=fb79b4be-d67c-40b3-889e-d5f7933ca917
IP 91.228.74.251:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1900132462;labels=_fp.event.PageView;event=refresh;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city;uht=2;fpan=1;fpa=P0-825831061-1674081504421;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1674081504422;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Peachtree%20City%3F%20Mary%20Hoang%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Mary-Hoang-Peachtree-C%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=fb79b4be-d67c-40b3-889e-d5f7933ca917 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:24 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EPYBBgGKKAISAa77pg2e6bRu; expires=Tue, 18-Apr-2023 22:38:24 GMT; path=/; domain=.quantserve.com
mc=63c874e0-b04b9-af436-6fb6d; expires=Sun, 18-Feb-2024 22:38:24 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.67200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.67:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1674081504081&cv=11&fst=1674081504081&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&label=F0kQCIWIgqYBEJatpeMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions>m_ee=1&auid=2079591048.1674081504&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 558ca082e2b49b22ae356cf10b191c68
c3956046019b64bc525381a4ab7f0c70002b5b17
862dfa54857c199a1d5450b0b07d8fcc3e2702476e7a0938b3d34e2fab332af3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/959581806/?random=1674081504155&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=304415058&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/959581806/?random=1674081504155&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=304415058&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959581806/?random=1674081504155&cv=11&fst=1674079200000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&tiba=Peachtree%20City%20Mortgage%20Lender%20%7C%20Mary%20Hoang%20%7C%20Regions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=304415058&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:38:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&buyer_pixel_id=5995
184.24.45.54200 OK 134 B URL HTTP/1.1 cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&buyer_pixel_id=5995
IP 184.24.45.54:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0bd915307fa64ebf1aa52928d6522862
2db616333549026a7b42105013b6924147260cc7
5597af4b4946fdf9254cdf2b25b8c1250df12478f00977b484d456c27a6016f4
GET /v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&buyer_pixel_id=5995 HTTP/1.1
Host: cm.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Origin: https://www.regions.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 134
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Observe-Browsing-Topics: ?1
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Expires: Wed, 18 Jan 2023 22:38:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 18 Jan 2023 22:38:24 GMT
Connection: keep-alive
Set-Cookie: ar_debug=1; Path=/; HttpOnly; Secure; SameSite=None
rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
54.230.111.33200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
IP 54.230.111.33:0
Hash 91338acd9f357367ba2e127f42326aed
2bf73e49b85716a3aaeded5e0e85046fb30e39ea
0b05aa0628fbe20e5842c7782041141ea89bdd714245c5c352283266e6eb4aa1
GET /rules-p-AMy7w2y7nzRg3.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 22:22:02 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Wed, 18 Jan 2023 22:38:24 GMT
cache-control: max-age=3600
etag: "91338acd9f357367ba2e127f42326aed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PeGFED0DKvxL77HkoMhvurQYG6CLx4islJbZPhwNIHG1bAvnQISOyg==
age: 2789
X-Firefox-Spdy: h2
pxl.jivox.com/tags/conv/pxre.php?px=26019adec57560&us_privacy=true
3.224.47.111200 OK 43 B URL HTTP/2 pxl.jivox.com/tags/conv/pxre.php?px=26019adec57560&us_privacy=true
IP 3.224.47.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /tags/conv/pxre.php?px=26019adec57560&us_privacy=true HTTP/1.1
Host: pxl.jivox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:24 GMT
content-type: image/gif
content-length: 43
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
server: Jetty(9.4.39.v20210325)
X-Firefox-Spdy: h2
pxl.jivox.com/tags/re/pxrc.php?px=0603424bd9904a&ret=img&cData=Universal_Page_View&us_privacy=true
3.224.47.111200 OK 43 B URL HTTP/2 pxl.jivox.com/tags/re/pxrc.php?px=0603424bd9904a&ret=img&cData=Universal_Page_View&us_privacy=true
IP 3.224.47.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /tags/re/pxrc.php?px=0603424bd9904a&ret=img&cData=Universal_Page_View&us_privacy=true HTTP/1.1
Host: pxl.jivox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:24 GMT
content-type: image/gif
content-length: 43
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
access-control-allow-headers: content-type
set-cookie: jvxsync=ttkLo5SbVEn7; Path=/; Domain=.jivox.com; Expires=Tue, 18-Apr-2023 22:38:24 GMT; Max-Age=7776000; Secure; SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Jetty(9.4.39.v20210325)
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&rl=&if=false&ts=1674081504612&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674081504608.893777754&it=1674081504368&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&rl=&if=false&ts=1674081504612&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674081504608.893777754&it=1674081504368&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&rl=&if=false&ts=1674081504612&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674081504608.893777754&it=1674081504368&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Jan 2023 22:38:24 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&e4cba956-0e5a-49ab-8d14-ab4d851c2d45"; Domain=.linkedin.com; Expires=Thu, 18-Jan-2024 22:38:24 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202301182238241ebe6455-c57f-4d25-8ce7-1de6510e4aa7AQFWg_69IuG3svI2JWOLsOtMs1OJ_-8V"; Domain=.www.linkedin.com; Expires=Thu, 18-Jan-2024 22:38:24 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzQwODE1MDQ7MjswMjGKnxktX24xYLavUBZOJWQeUDuJ1IEo/zWzUJvw16wu2w==; Domain=.linkedin.com; Expires=Mon, 17 Jul 2023 22:38:24 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2414:u=1:x=1:i=1674081504:t=1674167904:v=2:sig=AQHq3ZPoGLDJdlJ2pIPb8-iAFWJ8nnKv"; Expires=Thu, 19 Jan 2023 22:38:24 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXykXlraiflfilKBYlK9Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4D86250177FB47A2AA928B404DCC3D6F Ref B: OSL30EDGE0117 Ref C: 2023-01-18T22:38:24Z
date: Wed, 18 Jan 2023 22:38:24 GMT
content-length: 0
X-Firefox-Spdy: h2
t.teads.tv/track?action=pageView&env=js-web&tag_version=6.11.0_34c88e6&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&user_session_id=39dcf1a4-b5b6-45ad-90d4-f23d46d541e6
2.18.173.43200 OK 23 B URL HTTP/2 t.teads.tv/track?action=pageView&env=js-web&tag_version=6.11.0_34c88e6&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&user_session_id=39dcf1a4-b5b6-45ad-90d4-f23d46d541e6
IP 2.18.173.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /track?action=pageView&env=js-web&tag_version=6.11.0_34c88e6&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&user_session_id=39dcf1a4-b5b6-45ad-90d4-f23d46d541e6 HTTP/1.1
Host: t.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 23
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 18 Jan 2023 22:38:24 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
13.107.42.14200 OK 65 B URL HTTP/2 px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8b0d5b18476ae12e2476f3621d54c4a5
2ad669e9d207fbb37e84dda25766dbaeb66d792c
2d7244b6960d26ae56f048f162f02949ca7858be19d9349ec82906e56dfa3cfe
GET /collect?pid=681506&fmt=gif&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 65
content-type: image/gif
content-encoding: gzip
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&5f6ddb10-c842-4976-8e7f-b532fb7484b4"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 18-Jan-2024 22:38:24 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2471:u=1:x=1:i=1674081504:t=1674167904:v=2:sig=AQGWzTovcxMKJGTuxrtO-UFlunZmqWVa"; Expires=Thu, 19 Jan 2023 22:38:24 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXykXluEU95+6tT1a6wRg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 667B5F2B51B047758E552F770E29F456 Ref B: OSL30EDGE0117 Ref C: 2023-01-18T22:38:24Z
date: Wed, 18 Jan 2023 22:38:24 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 5365b436893c2c6d4454300e578d43b9
df4040c57e7b5ba27a40dc6cc50b159f9f2dcfed
d9ba46f4d9956c50771fc006483d5355a1d647b64600577a788b9de1b4f7063e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 18 Jan 2023 22:38:25 GMT
Last-Modified: Wed, 18 Jan 2023 21:02:15 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: l6YqpH6vOb6L3y3ioFSsiq5ZMX_p9FScbfiMWu20GeUDBpxKySMXcA==
Age: 5769
bttrack.com/Pixel/Retarget/2474
192.132.33.46200 OK 35 B URL HTTP/2 bttrack.com/Pixel/Retarget/2474
IP 192.132.33.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /Pixel/Retarget/2474 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: image/gif
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track004-iad
date: Wed, 18 Jan 2023 22:37:31 GMT
content-length: 35
X-Firefox-Spdy: h2
people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYWZkMTcxYjgtYzYxNC00ZTIwLWJmZGUtOTg0YmJmYTg0ZGUyOjE2NzQwODE1MDQuMjQ1NjAxIn19&site_id=regions-bank
52.206.248.69200 OK 146 B URL HTTP/1.1 people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYWZkMTcxYjgtYzYxNC00ZTIwLWJmZGUtOTg0YmJmYTg0ZGUyOjE2NzQwODE1MDQuMjQ1NjAxIn19&site_id=regions-bank
IP 52.206.248.69:0
File type JSON data\012- , ASCII text
Hash c0ef20a3e4f47e6115c68ef248869d09
659db6823c6989e4ee8c052176640b08e14fc57d
3a57e7894a4abc924a8efb973203d16016b6152362cd8c0b16b7d5a505a7c331
GET /identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYWZkMTcxYjgtYzYxNC00ZTIwLWJmZGUtOTg0YmJmYTg0ZGUyOjE2NzQwODE1MDQuMjQ1NjAxIn19&site_id=regions-bank HTTP/1.1
Host: people.api.boomtrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Wed, 18 Jan 2023 22:38:25 GMT
Server: nginx
Content-Length: 146
Connection: keep-alive
bttrack.com/engagement/js?goalId=15965&cb=1674081504473
192.132.33.46200 OK 3.5 kB URL HTTP/2 bttrack.com/engagement/js?goalId=15965&cb=1674081504473
IP 192.132.33.46:0
File type ASCII text, with very long lines (10120), with no line terminators
Hash 084ad0a30b5113532b216148f0978e1b
760ca507e0d45cb2fc9b5586b909e336fd1f7e66
71bb917fb9eb57ae3410a8c488c9ff81b19e37f36ca4b91b41614480d96db9ae
GET /engagement/js?goalId=15965&cb=1674081504473 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
set-cookie: bt-es-15965=8dd240b9-3fcc-40be-9ac5-9b262b94b8ab; path=/
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track002-iad
date: Wed, 18 Jan 2023 22:37:31 GMT
X-Firefox-Spdy: h2
bttrack.com/engagement/getpixels?gid=15965
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/getpixels?gid=15965
IP 192.132.33.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engagement/getpixels?gid=15965 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track004-iad
date: Wed, 18 Jan 2023 22:37:31 GMT
content-length: 0
X-Firefox-Spdy: h2
events.api.boomtrain.com/event/track
54.237.111.200200 OK 2 B URL HTTP/2 events.api.boomtrain.com/event/track
IP 54.237.111.200:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /event/track HTTP/1.1
Host: events.api.boomtrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 565
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:25 GMT
content-type: text/plain
content-length: 2
server: nginx
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
access-control-allow-methods: GET, PUT, POST, DELETE
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 61e6ea623244a0ebdfb22576ea4aec27
c0cf16ba117ba8398b45365db0de956d1e051242
f5a8890dd2a7df6fc4df9ec3f29cbe0e4671e5e8a85cfc4b23c171d21706b512
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 02:15:45 GMT
Expires: Wed, 25 Jan 2023 02:15:44 GMT
Etag: "c0cf16ba117ba8398b45365db0de956d1e051242"
Cache-Control: max-age=530838,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad21ea8c90b3d-OSL
secure.quantserve.com/quant.js
91.228.74.251200 OK 13 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.251:0
Hash 1b091435b8a24fc11c1060595e81e930
65b30c012b0d6bef1ee977668bf39f18e1c0dd2c
973d8e280660d92df35e03f2b035bf8b35deab01b36a9891401b5f6fa9901e84
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:24 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "OVi4z6W4qM+KoQEZlRgh5w=="
expires: Wed, 25 Jan 2023 22:38:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s.ad.smaato.net/c/?dspInit=DSP_ID_HERE&dspCookie=DSP_COOKIE_ID_HERE
143.204.55.106400 Bad Request 0 B URL HTTP/2 s.ad.smaato.net/c/?dspInit=DSP_ID_HERE&dspCookie=DSP_COOKIE_ID_HERE
IP 143.204.55.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?dspInit=DSP_ID_HERE&dspCookie=DSP_COOKIE_ID_HERE HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: CloudFront
date: Wed, 18 Jan 2023 22:38:25 GMT
content-length: 0
cache-control: max-age=300
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6Cf_Ejn96Bs6oZ_BYaok10fNjzRbrXrz-ZHD6NkBE5GT0pL0-rKN2A==
X-Firefox-Spdy: h2
www.regions.com/-/media/js/mp_linkcode.js
205.255.103.100200 OK 681 B URL HTTP/1.1 www.regions.com/-/media/js/mp_linkcode.js
IP 205.255.103.100:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 662fd21e25a8269185df8c993bfd251d
4da619e51fa6a54e5ffcdd7d826c1e5550a67840
f9465098d4cfa9edb9fed28c3eceb6bd3251c3fb011e86d1fa8f27bf1a680ceb
GET /-/media/js/mp_linkcode.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False; Regions_SessionId=c22fabc1-9f57-46d3-ac91-31968f3cd124; _gcl_au=1.1.2079591048.1674081504; _uetsid=d1619980978011ed95077d02426b7641; _uetvid=d1619190978011eda5576d4eee030ca9; btIdentify=be1aef70-7f10-4f6c-eae5-1efb84e4dd93; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%22y9PL4h9V5Ony2gR26LyRpXUK1OSyCNfQv%2F8QrK0ctLWg6jyIO1S8Gwwx01PQxcZJnEclXJRnmcVgiqnm4czcKQ%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=d37f0e18-bdc4-4990-98e5-d58b4ad77ec8; __qca=P0-825831061-1674081504421; _fbp=fb.1.1674081504608.893777754; tfpsi=39dcf1a4-b5b6-45ad-90d4-f23d46d541e6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 539576
Date: Thu, 12 Jan 2023 16:45:28 GMT
Cache-Control: max-age=604772,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 96a5004225b64970b3f92286706aa937
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="mp_linkcode.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 681
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/js/oo_engine.js
205.255.103.100200 OK 15 kB URL HTTP/1.1 www.regions.com/-/media/js/oo_engine.js
IP 205.255.103.100:0
Hash 54216df51ccc54b91647f46e6324a5d1
35cf90a9b3fe6579456b237653cd652dd86fc347
7e268465893e047076cb3331536cd5762cebc6f6e96a5d17a7c16165fda220d0
GET /-/media/js/oo_engine.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-mary-hoang-peachtree-city
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=pd2zput2stijrifrgtv5aekd; SC_ANALYTICS_GLOBAL_COOKIE=2b45f76bcf8143578aed1c6115ff8cb1|False; Regions_SessionId=c22fabc1-9f57-46d3-ac91-31968f3cd124; _gcl_au=1.1.2079591048.1674081504; _uetsid=d1619980978011ed95077d02426b7641; _uetvid=d1619190978011eda5576d4eee030ca9; btIdentify=be1aef70-7f10-4f6c-eae5-1efb84e4dd93; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%22y9PL4h9V5Ony2gR26LyRpXUK1OSyCNfQv%2F8QrK0ctLWg6jyIO1S8Gwwx01PQxcZJnEclXJRnmcVgiqnm4czcKQ%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=d37f0e18-bdc4-4990-98e5-d58b4ad77ec8; __qca=P0-825831061-1674081504421; _fbp=fb.1.1674081504608.893777754; tfpsi=39dcf1a4-b5b6-45ad-90d4-f23d46d541e6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 576429
Date: Thu, 12 Jan 2023 06:31:16 GMT
Cache-Control: max-age=590332,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 0f944996319049b39b4b66734c00ea78
Content-Type: application/x-javascript
Content-Length: 15048
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="oo_engine.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba4ac475f20dba6639848d0a5b0040ab
5c0c07f675e6f28bf8a28bc292ddfbe7d03a8a59
e6147753bc46d3e16999a134a006f77a26b8a1d05154829164752b3656323ca0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5917
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:26 GMT
Last-Modified: Wed, 18 Jan 2023 20:59:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588522960336448&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city
143.204.55.106302 Found 657 B URL HTTP/2 live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588522960336448&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (571)
Hash 35973f04ce0f9cd37e9bbe7a574bc2b1
56eb96a3e63b5bd6e146eeb5fe52155af158550e
4808ea7a67affb9bff4dbf978dd82e15df5530a7d4a37833a47fafac681acf37
GET /pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588522960336448&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Cookie: zync-uuid=afd171b8-c614-4e20-bfde-984bbfa84de2:1674081504.245601; sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiYWZkMTcxYjgtYzYxNC00ZTIwLWJmZGUtOTg0YmJmYTg0ZGUyOjE2NzQwODE1MDQuMjQ1NjAxIn0.Y8h04A.xYxXhOAxJzlXmngYzoNUZUJ5IDI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 657
location: https://p.rfihub.com/cm?pub=39342&in=0&userid=afd171b8-c614-4e20-bfde-984bbfa84de2%3A1674081504.245601&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dafd171b8-c614-4e20-bfde-984bbfa84de2%253A1674081504.245601
date: Wed, 18 Jan 2023 22:38:26 GMT
set-cookie: zync-uuid=afd171b8-c614-4e20-bfde-984bbfa84de2:1674081504.245601; Domain=rezync.com; Expires=Mon, 17 Jul 2023 14:38:25 GMT; Path=/; SameSite=None; Secure
sd-session-id=.eJwNylEOgyAMANC79FsWigUrlzEgJSGbbLHuZ8a7z8-XvBOWj-xb6tIPiMf-lQHWV7ulEE_Q9tvkCRE8Enlm79wc7DgGIoZrABXV9u5LK_dJteCEmc0akAyJsybXImZmyrkmpiIuYpjIMnpLD0c-WITrD6eCJh8.Y8h04Q.M-y9fBeE7I5NcIITmCFQ3xk_zsE; Expires=Mon, 17 Jul 2023 22:38:25 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -GGzyA9h3mS1dcjtzPS6J708NnqQsFS2yNW0NaXOuRlRuq6W7HmBDA==
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=18&code=5144588522960336448
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=18&code=5144588522960336448
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=18&code=5144588522960336448 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5144588522960336448
AN-X-Request-Uuid: 1d8bcb34-4f5c-49bf-9b51-336e686f9234
Set-Cookie: uuid2=5739949650217494477; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 18-Apr-2023 22:38:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5144588522960336448
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5144588522960336448
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5144588522960336448 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3170831063580241000V10; Expires=Thu, 18 Jan 2024 22:38:26 GMT; domain=.media.net; Path=/;
data-rk=5144588522960336448~~3;Expires=Wed, 17 Jan 2024 22:38:26 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Wed, 18 Jan 2023 22:38:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 18 Jan 2023 22:38:26 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 6c0363d02096eb02a6cededb44cc368c
0a7a9f63b39298badc7684587d6ad679ca453739
472dcc743a548f8fabd557207dffaceb35e9f3308528fb3ce1906863fab37515
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89824
Date: Wed, 18 Jan 2023 22:38:26 GMT
Etag: "63c72473-1d7"
Expires: Thu, 19 Jan 2023 23:35:30 GMT
Last-Modified: Tue, 17 Jan 2023 22:42:59 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xy5RUQGn0YNInwpOhSjWONQNXdEkwnvHCFu5APtrnD8Kg3fEzzwQMw==
Age: 3151
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1d177c944069d0e769868ada28b7acec
aede8cb62b6fcbe010edc26789517a4962174a00
d8bfa29fed838f2a081cadab887542669918f852ce2aa39e7f4c9db53ef55cdb
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4695
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:26 GMT
Last-Modified: Wed, 18 Jan 2023 21:20:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
p.rfihub.com/cm?pub=24472&in=1
193.0.160.129302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=24472&in=1
IP 193.0.160.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=24472&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Date: Wed, 18 Jan 2023 22:38:26 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0NjExNTUxMjA3MjY1Njc2sBTiM9T19XUxNHeq0nVz8vEFAEe3QHglAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_7vFwmtoZm5iYGFoamBmbGwAAA673FIQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 12 Feb 2024 22:38:26 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjExNTUxMjA3MjY1Njc2sBTiM9T19XUxNHeq0nVz8vEFAEe3QHglAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 12 Feb 2024 22:38:26 GMT; Secure; SameSite=None
Location: https://ps.eyeota.net/match?uid=5134455420723537309&bid=omt9pi0
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6797992138b939e2b6d15e82f93d58ac
9000a2429fbc81883598e3c8fc5a6f4708ceb3f4
05dec5242c7e8108aa6e5692fb6b8d59d57e08bc7a322043357053a7c8d717ef
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2868
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:26 GMT
Last-Modified: Wed, 18 Jan 2023 21:50:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5144588522960336448
37.252.171.53200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5144588522960336448
IP 37.252.171.53:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5144588522960336448 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: f351ef7c-97b8-418b-83cf-e7d76ebefd03
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2E?at(5dt!]tbPl1MNu::wpAk`W=ie:5_DjF$d_gjZqegk'Jin9ke'tDT@-!_6-zQEVk`!*4qD(LHj5; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 18-Apr-2023 22:38:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
us-u.openx.net/w/1.0/sd?id=537073062&val=5144588522960336448&r=
35.244.159.8200 OK 43 B URL HTTP/2 us-u.openx.net/w/1.0/sd?id=537073062&val=5144588522960336448&r=
IP 35.244.159.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537073062&val=5144588522960336448&r= HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
p.rfihub.com/cm?pub=39342&in=0&userid=afd171b8-c614-4e20-bfde-984bbfa84de2%3A1674081504.245601&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dafd171b8-c614-4e20-bfde-984bbfa84de2%253A1674081504.245601
193.0.160.129302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=39342&in=0&userid=afd171b8-c614-4e20-bfde-984bbfa84de2%3A1674081504.245601&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dafd171b8-c614-4e20-bfde-984bbfa84de2%253A1674081504.245601
IP 193.0.160.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=39342&in=0&userid=afd171b8-c614-4e20-bfde-984bbfa84de2%3A1674081504.245601&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dafd171b8-c614-4e20-bfde-984bbfa84de2%253A1674081504.245601 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 18 Jan 2023 22:38:26 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_z3IsRWAMAgFwAmsMgc-iD8E3SYIDGTptHZeeU_TVSFT3OhWASE7k1cknQb3WobIfolOsMlg7B1DWd62_aeH2gexgZ-DSQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 12 Feb 2024 22:38:26 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjY2NwOyzC0NhfgMdY2rXE38M5PNHC1dXQCxcbZqJQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 12 Feb 2024 22:38:26 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjY2NwOyzC0NhfgMdY2rXE38M5PNHC1dXQCxcbZqJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
euds=H4sIAAAAAAAA_wXBwRGAMAgEwI_t4HDMhaDdhBAKsXJ3v8tXFyYyZDsoPKaSXUeeYGavYB174ZMaGMrbOFzxAzuabN45AAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://idsync.rlcdn.com/501709.gif?partner_uid=afd171b8-c614-4e20-bfde-984bbfa84de2%3A1674081504.245601
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5144588522960336448
23.38.201.22200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5144588522960336448
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5144588522960336448 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Wed, 18 Jan 2023 22:38:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 18 Jan 2023 22:38:26 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7180&uid=5144588522960336448&img=1
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5144588522960336448&img=1
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5144588522960336448&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=d2a33aec-9780-11ed-8f80-1afcdea00106; expires=Wed, 15-Feb-2023 22:38:26 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5144588522960336448&img=1&__user_check__=1&sync_id=d2a33b3b-9780-11ed-8f80-1afcdea00106
X-fe: 130
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 46a56cce68bfd977f6e7bfc4f3835b33
d468ba73156815a49283c91895f99c644ef1bbeb
2719eaa8df02b2bcaa8fcbb02a779357c33b986fa70f786517cca8bf330672aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4557
Cache-Control: max-age=117863
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:26 GMT
Etag: "63c78c7c-1d7"
Expires: Fri, 20 Jan 2023 07:22:49 GMT
Last-Modified: Wed, 18 Jan 2023 06:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash a8c83c5f250274b0c90a1473d3f4e734
3758d549a4811cabbb822c26656cb39384eeb859
92b8aa682cb24b124c8e94afd92e7f85542648ba03c18ffe2e9b5668c8cf62f2
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 18 Jan 2023 03:10:39 GMT
Expires: Thu, 19 Jan 2023 03:10:39 GMT
ETag: "3758d549a4811cabbb822c26656cb39384eeb859"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
bpi.rtactivate.com/tag/?id=11017&user_id=5144588522960336448
54.198.16.210200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5144588522960336448
IP 54.198.16.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5144588522960336448 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9a8fd0b3241bcf1ee875873e894dffa5
83b718b8f86a02f2bb2bf07c5ed20d5b267bf1ae
36ef11e6b7f16d416e2adb0b5075adf256ba43997742bd473cf2743d904eb3bc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 13:42:56 GMT
Expires: Wed, 25 Jan 2023 13:42:55 GMT
Etag: "83b718b8f86a02f2bb2bf07c5ed20d5b267bf1ae"
Cache-Control: max-age=572068,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad2261fa90b3d-OSL
dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588522960336448&redir=
52.30.252.118302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588522960336448&redir=
IP 52.30.252.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5144588522960336448&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588522960336448&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=57438945826938087742526896962970191544; Max-Age=15552000; Expires=Mon, 17 Jul 2023 22:38:26 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: v+PSMqBoQkQ=
Content-Length: 0
Connection: keep-alive
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588522960336448&forward=
185.80.36.245302 Found 0 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588522960336448&forward=
IP 185.80.36.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=57&external_user_id=5144588522960336448&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 18 Jan 2023 22:38:26 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=57&external_user_id=5144588522960336448&forward=&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y8h04rWCRyggjijT4kQ4CAAA; Path=/; Domain=casalemedia.com; Expires=Thu, 18 Jan 2024 22:38:26 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4381; Path=/; Domain=casalemedia.com; Expires=Tue, 18 Apr 2023 22:38:26 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4381; Path=/; Domain=casalemedia.com; Expires=Tue, 18 Apr 2023 22:38:26 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a01964295cccdd84b93c5c7967e58f99
3846f1a03f9b632c83a7d3110e89a46db294bf7f
7cfc0e61e816f6408125fd1b50a74786c29d125f5f95d0cfe0780508f4e52725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5198
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:26 GMT
Last-Modified: Wed, 18 Jan 2023 21:11:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727
idsync.rlcdn.com/501709.gif?partner_uid=afd171b8-c614-4e20-bfde-984bbfa84de2%3A1674081504.245601
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/501709.gif?partner_uid=afd171b8-c614-4e20-bfde-984bbfa84de2%3A1674081504.245601
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /501709.gif?partner_uid=afd171b8-c614-4e20-bfde-984bbfa84de2%3A1674081504.245601 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjZhZmQxNzFiOC1jNjE0LTRlMjAtYmZkZS05ODRiYmZhODRkZTI6MTY3NDA4MTUwNC4yNDU2MDEQABoNCOLpoZ4GEgUI6AcQAEIASgA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=MxX4Cu0xsJg2MlfE4B8uMmHHrCfVpMVwlMluuGz9aEI=; Path=/; Domain=rlcdn.com; Expires=Thu, 18 Jan 2024 22:38:26 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Sun, 19 Mar 2023 22:38:26 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 18 Jan 2023 22:38:26 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588522960336448&forward=&C=1
185.80.36.245200 OK 43 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588522960336448&forward=&C=1
IP 185.80.36.245:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=57&external_user_id=5144588522960336448&forward=&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:26 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
idsync.rlcdn.com/360947.gif?partner_uid=5144588522960336448
35.244.174.68200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5144588522960336448
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5144588522960336448 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Sun, 19 Mar 2023 22:38:26 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 18 Jan 2023 22:38:26 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5144588522960336448
35.156.155.121200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5144588522960336448
IP 35.156.155.121:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5144588522960336448 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
151.101.194.49302 Found 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
IP 151.101.194.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~Y8h04gAAALkWIQA_; Path=/; Domain=.everesttech.net; Expires=Thu, 18-Jan-2024 22:38:26 GMT; Max-Age=31536000
location: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y8h04gAAALkWIQA_
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 18 Jan 2023 22:38:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674081506.430769,VS0,VE92
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7180&uid=5144588522960336448&img=1&__user_check__=1&sync_id=d2a33b3b-9780-11ed-8f80-1afcdea00106
185.94.180.126200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5144588522960336448&img=1&__user_check__=1&sync_id=d2a33b3b-9780-11ed-8f80-1afcdea00106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5144588522960336448&img=1&__user_check__=1&sync_id=d2a33b3b-9780-11ed-8f80-1afcdea00106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=d2b6e2e1-9780-11ed-904a-14e583300206; expires=Wed, 15-Feb-2023 22:38:26 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 116
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3e42d0094e75f5925d27b12b3adf45a2
1acda853137cabb1eea675312dc5badab45b3317
e9f5c48eadcd450691844b1244857d631be33e26bce11e78ef086d5de6122193
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4004
Cache-Control: max-age=138561
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:26 GMT
Etag: "63c7df7f-1d7"
Expires: Fri, 20 Jan 2023 13:07:47 GMT
Last-Modified: Wed, 18 Jan 2023 12:01:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y8h04gAAALkWIQA_
151.101.194.49200 OK 85 B URL HTTP/2 sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y8h04gAAALkWIQA_
IP 151.101.194.49:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 5bec6606b8392065f9da9898ca6f7b14
73ac5b01b5e3293fb792179626e7f8369cdb944d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
GET /ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y8h04gAAALkWIQA_ HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 18 Jan 2023 22:38:26 GMT
via: 1.1 varnish
age: 2317
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 3791
x-timer: S1674081507.543074,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85
X-Firefox-Spdy: h2
idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjZhZmQxNzFiOC1jNjE0LTRlMjAtYmZkZS05ODRiYmZhODRkZTI6MTY3NDA4MTUwNC4yNDU2MDEQABoNCOLpoZ4GEgUI6AcQAEIASgA
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjZhZmQxNzFiOC1jNjE0LTRlMjAtYmZkZS05ODRiYmZhODRkZTI6MTY3NDA4MTUwNC4yNDU2MDEQABoNCOLpoZ4GEgUI6AcQAEIASgA
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1000.gif?memo=CM3PHhJACjwIARAFGjZhZmQxNzFiOC1jNjE0LTRlMjAtYmZkZS05ODRiYmZhODRkZTI6MTY3NDA4MTUwNC4yNDU2MDEQABoNCOLpoZ4GEgUI6AcQAEIASgA HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=COLpoZ4GEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Sun, 19 Mar 2023 22:38:26 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 18 Jan 2023 22:38:26 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1eae7683cd2ac06128d031bad9233db5
b100b667277ce1726213d5bfda336ec0859a2663
e7703f8e139b2c69f114b1dd8843faa5b224fdbb54bfc6d0ea429e7783b2ac00
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 09:01:03 GMT
Expires: Wed, 25 Jan 2023 09:01:02 GMT
Etag: "b100b667277ce1726213d5bfda336ec0859a2663"
Cache-Control: max-age=602480,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1519
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bad2280ad50b4d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8739a45abe543a04249a416de4cf20b3
0e32af3e9098b26dc4bd38560aa022074bc330d5
9d34541f0e34ba339b46547b13fb4a107da51477f1c236cf0df09602ba3464bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1480
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:26 GMT
Etag: "63c7a471-1d7"
Last-Modified: Wed, 18 Jan 2023 22:13:46 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5144588522960336448
34.247.119.70204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5144588522960336448
IP 34.247.119.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5144588522960336448 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 18 Jan 2023 22:38:26 GMT
set-cookie: _kuid_=PU6u3_JU; Expires=Mon, 17-Jul-23 22:38:26 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n007-dub-prod.krxd.net
x-request-time: D=48 t=1674081506
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1d177c944069d0e769868ada28b7acec
aede8cb62b6fcbe010edc26789517a4962174a00
d8bfa29fed838f2a081cadab887542669918f852ce2aa39e7f4c9db53ef55cdb
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4695
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:26 GMT
Last-Modified: Wed, 18 Jan 2023 21:20:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588522960336448&redir=
52.30.252.118200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588522960336448&redir=
IP 52.30.252.118:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588522960336448&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0f14bb97f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: QUCNRqObQWs=
Content-Length: 59
Connection: keep-alive
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=1202&i=5bfp8m&p=regions-prod&s=340&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAAYCIsInR5cFkA8A9iaWxsaW5nIiwic3RhcnQiOjE2NzQwODE1MDU2OTViAMBkIjotMSwic291cmMyAAIrAPAAdHVzIjoiIiwicmVhc29uZQDUXSwiZGF0YVBhdHRlchIAsGxpc3QiOltdLCJpEgHwADY3NDA4MTUwNTY5NX1dfQ
63.34.68.24204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=1202&i=5bfp8m&p=regions-prod&s=340&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAAYCIsInR5cFkA8A9iaWxsaW5nIiwic3RhcnQiOjE2NzQwODE1MDU2OTViAMBkIjotMSwic291cmMyAAIrAPAAdHVzIjoiIiwicmVhc29uZQDUXSwiZGF0YVBhdHRlchIAsGxpc3QiOltdLCJpEgHwADY3NDA4MTUwNTY5NX1dfQ
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=0&c=1202&i=5bfp8m&p=regions-prod&s=340&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAAYCIsInR5cFkA8A9iaWxsaW5nIiwic3RhcnQiOjE2NzQwODE1MDU2OTViAMBkIjotMSwic291cmMyAAIrAPAAdHVzIjoiIiwicmVhc29uZQDUXSwiZGF0YVBhdHRlchIAsGxpc3QiOltdLCJpEgHwADY3NDA4MTUwNTY5NX1dfQ HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 18 Jan 2023 22:38:26 GMT
expires: Wed, 18 Jan 2023 22:38:25 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=1202&i=5bfp8m&p=regions-prod&s=15636&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8QxodHRwczovL21hcHMuZ29vZ2xlYXBpcy5jb20UAEEvYXBpCQDwCGpzL2dlbl8yMDQ_Y3NwX3Rlc3Q9dHJ1iQAwdHlwmgCgeGhyIiwic3RhcrEAwDY3NDA4MTUwMzU5Mp8AAAYBBxQAgDMsInNvdXJjOQCyWEhSX01BTkFHRVJBAMB0dXMiOiJhbGxvd2UcAWByZWFzb26_ANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM8zNjU0Mjk5OTEwfSzxAGEfM_EAZh8x8QAk8ApzdGF0aWNtYXA_Y2VudGVyPTMzLjM3NTk2RwHwAzk5OTksJTIwLTg0LjU1NjU0NhIA9Ao5OTkmem9vbT0xNSZtYXJrZXJzPWljb246UwJDd3d3LuUCAU8C8wd-L21lZGlhL0ltYWdlcy9XZWJTaXRlDgDyAGJyYW5jaC1sb2NhdG9yLVEAfy5wbmclN0OMABPSc3R5bGU9aHVlOiUyMwEAgSU3Q3NhdHVy7QLwBzotMTAwJnNpemU9NDAweDQwMCZtYXC8AvAoPXJvYWRtYXAma2V5PUFJemFTeUJzMGhxWWZOWXNZUFlPdGNacllsaTZqMEs4Qi13TzltYyIsIjsAYiI6ImltZ7YCDPcCHzcGAgAXN_cCQUhUTUz-ANJfU0VUQVRUUklCVVRFTAAPAgMtrzIwNjQwNTI0MDMRAgfxAG5leHVzLmVuc2lnaHRlbqQBA7ABEy8IAAGdBBEvcQTyF3JDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImSAIgSnPkBB89YQAWY2NvZGUvJh8F8ARlZE9uPU1vbiUyMERlYyUyMDEyBQBROToxMjoLAMJHTVQlMjAyMDIyJkNiBSBEPWEFgSZQYWdlSUQ9gAKbJTNBJTJGJTJGhgIzJTJGZAJgJTJGbWxvBgDxBG9ydGdhZ2UtbG9hbi1vZmZpY2WCAvYHeS1ob2FuZy1wZWFjaHRyZWUtY2l0efoBYnNjcmlwdLEBC_0BLTI0_QE3NzU0_QGwaW5zZXJ0QmVmb3JDBQA4AQH1BD9sb2HyBCGvNTIwMTkyNTk4N_AB_2UfNvABDCBtdWIFMm9uT78HMnJDTDgCAukDD_YBLR859gEwAYUD8BoyNGRhNThiODk3YTgzYWM4ZGQ2MTIyMDkxYTYzODZjNy5qcz9jb25kaT8Ir0lkMD0zNjUyODcUAxE-NzUxJAEvNjgUA0ifNjg5ODU0NTA1HgGSDjUIGTceAQxCAh9BQQIxBCMBDzcEMQ9BAk8PVQUADyMBCg9lAzMEJAEfOEcCG_ALZXJyb3IvZS5naWY_bXNnPUludmFsaWQlMjDCCgAHAEFlZmluSQNxJTIwdXNlZLQG-wEwNTk4NTcmbG5uPTU0JmZuzwYPVAcAMyUyRq8HBgoAAbkHNSUyRp0Hci5qcyZjaWQpBwKZDBM9NgAEeQcBtAcDFAABQACSJnJpZD0tMSZkBwAB0QClTmFtZT1EYXRhRL4AUEV4Y2VwEAQGBgQPFAkELjgwJwUBFAAFCwzxAmltZ19ET01BdHRyTW9kaWZpAAwFHgcPEwwojzM1MzU5NzQ2EQkI8QNzcC5hbmFseXRpY3MueWFob28UCfEQc3BwLnBsP2E9MTAwMDAmLnlwPTEwMTc1NjU4JmhlPfEMUiZhdWlkUQEA-g0PGwoLPTgxOAoFARQADwcBT58yMDc4ODQyNzTNAgjzGzkxMDA1NzYuZmxzLmRvdWJsZWNsaWNrLm5ldC9hY3Rpdml0eWk7c3JjPSoAEDvvAHM9cHY7Y2F0BAGAO2RjX2xhdD0IABByQALwDjt0YWdfZm9yX2NoaWxkX2RpcmVjdGVkX3RyZWF0tg7xBD07dGZ1YT07bnBhPTtnZHByPTAHAPcRX2NvbnNlbnQ9MDtvcmQ9ODkyOTQxNjg2NzEyMS41MjN1AkNmcmFtTQkKjwkuODJ7BgEUAAZxAQE8AA97AkOvNDQ3NDMzMDAxNEEEB-JkYy5hZHMubGlua2VkaYwL4GNvbGxlY3QvP3BpZD02TA-XNiZmbXQ9Z2lm9QAPfgwDHziBCgABFAAG8gAPagNFrzQwNjMzMzE1NDLvAAdQY3QucGloDjFlc3RkA_IJdjMvP3RpZD0yNjEzNDgzOTE3NTU3Jm5vYwsvPTHxABAeNVQDKDI1XggP8QBFnzUzNjY0OTUwN1sECAZYBDB0d2m8EAH2AOJpL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkA8AFvMXJ4dCZldmVudHM9JTVCAwDwGDIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdTkDABEA_wBvcmRlcl9xdWFudGl0eT2lBBAfMqwFABgywA4faVEBRZ80NTY2NDI4MjbOEAgANwIfL0ABiw_lBQAZMu8KD0ABRZ8yMzAxOTc3MzgXDAgwcHVicQQfZ-IFBsE7eHNwPTQ5NTg4MDN6Bf8CMTQyNzIzMTcxOTM0MDE5MT-UAw8fM3cFAAAUAA-FBE8AowBfODk0MDL8CwhyaWIuYWRueOwU8CFwaXhpZT9waT04ZDVmMzg5YS0yYzBjLTRjNmYtYmM3OC00NDRlYzNhMDg5MGUmZT1sEFNWaWV3JqIED1EDEB4zvwoQOBQADw4BT582MDMxMTc2MTJRAwiRcHhsLmppdm94mgThdGFncy9jb252L3B4cmXyEfsNcHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeQoWD_8JBR8zEwMAABQADwIBTyAyMvUIPzEwMAIBGyByZQABFGMAAfAJMDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjEAtAPVVuaRcYMGFsXxwCEV8dAg8iAR8eOcYGLzM5xgZRjzI1MDA3NzE1IQsJD30MAAQqFAQIAAE5DBEvCw79ETlmMDNhM2U3OTM3YzA1Mzg5NmE2ODIyM2I3MzQ4N2U4TBBmNDIzMDI2VwQCWwMC5w4K0Qk-NzUwKAEZNe4HD2ATPI83NDY4OTQzN1IYCA8eAXgOTBA3ODU2RgIMTBAPKQ8zBCQBDwgJCA8kAQEBWA4PKQ_8HzQsBgAYOUAWDMIBCQ4SAVIBPyIsIjgbHgIlDx81JgUJDykcCgCpDw9HGv8-DjQHEDnPDgU0Bw8KAgoPWRYkBT8aD7MOCAMtHj5kcy5FCgCbDDBhZC-eDHB0aHJvdWdoTAgCNR_wAi8xMDEzNTM2NDA2Lz9yYW5kQxwEGh4ANB7JJmN2PTExJmZzdD0xGAAA_Q5hMyZiZz1mAQAgJmd0EfM6T04mYXN5bmM9MSZndG09Mm9hMWExJnVfdz0xMjgwJnVfaD0xMDI0JmxhYmVsPUYwa1FDSVdJZ3FZQkVKYXRwZU1EJmhuPXd3d_4eAP8IqyZmcm09MCZ1cmx-Ew9NGj50JnRpYmE9UGEasyUyMENpdHklMjBNlRrwACUyMExlbmRlciUyMCU3QxoAIGFyIQAQSJsaBRUAA_EfAAMBUl9lZT0xkBK2MjA3OTU5MTA0OC5KARAmfxQRPU0ONiUzRJgBoiZnY3A9MSZjdF9ZIEFfcHJleREPfQ8OPTQwOCwOAhQABaUCDywORm8yMzI3NjjlFwsAtgECrgKgdGFnbWFuYWdlcucB9gAvZ3RhZy9qcz9pZD1BVy2YAiImbMcSIG5z2glATGF5ZdogAOYSPyI6IpYIBy04MpYIRzQwOTB4Bw_2GzyfMjk5MDM4NDQ55gwID_0AVh80BAIAJzkx_QAMqQQPdQgyAwMBHzXbDAkP2BVXDb4LODQwOeoiACUfMG5kQwMVAtcKD_8bKgXNFQ_oDwgP_ABWD_8BAgj8AA__AUMD0BYvNzZtFAcPKxKhDzgCSw8gEhAPNQGQD20DXAM1AR85Ag4IDzUBjx00TgoLagIPpgNDAjwBLzQwqQQIsWxpdmUucmV6eW5jnAcA1An0Oj9jPTE2YjY0MTA0MzFiNjM3NGU3ODAxMDRhYmIwNDQzY2E4JnA9MmY1MjJmMmNiYzBmZWNlYmFkZDIwZjk2MWFhYmRiMTMmaz3WHPQGYmFuay1waXhlbC04MjE5JnptcElE7AcQLR4AoCZjYWNoZV9idXMGJ_EAMTA0NjgwNTEyODIxNzk0YiQUVRYKMDovL10HA1wAAbUAA1skYy9tbG8vbcIJD1ckOC04M9kPODQxNGUFD2EGPI84NjQwNDUwMl4FCA-4Af8TDvsiC7gBD3cDQwO_AR80xg0IAMICDxwLEJ85NTk1ODE4MDYbCwBHJmN4PRApDyALBj00MDakGzk0MTZTGg-2EzsAOQRfNDQ2NTX2FQgPAQFaHTgUKgsBAQ8IAkIEBwEPoRwJIGpzgR6wcnZyLm9yZy91cF86EFBlci4xLuIuL2pzlhURLjgykwcZMqEjDwANPY8xMjMzODMyNZQHCA_ZADIfNNkADQ-4AUITMt8AD3UWCQ_fADIeM5gDKDI3uw0PuAFFD1gGCA_ZADIdNXswGjTZAA-4AUsPCRcIgWJhdC5iaW5nNwgAViPAb24vMD90aT0yMTAxcAjwBSZWZXI9MiZtaWQ9YjhiOTIwNTAtxRrwFi00MDU4LWI0N2ItOTI2Y2YwN2JhZmYxJnNpZD1kMTYxOTk4MDkmCfQGMWVkOTUwNzdkMDI0MjZiNzY0MSZ2JQAlMTklAPABYTU1NzZkNGVlZTAzMGNhOSUA8w5zPTEmbXNjbGtpZD1OJnBpPTAmbGc9ZW4tVVMmc1oTE3NZE49zYz0yNCZ0bMYSOC9rd00AOB9wxBNO8AByPSZsdD0zMzQxJmV2dD39FP8DTG9hZCZzdj0xJnJuPTQ5NzkzRhMPLTI4Lx8RNBQABUYTDzIwSo8xMTk1MDEwOEwFCAm1AgANAA8YBhQeMfcGKDI4twoPYAQ8nzM5MjgxNDY4N3AMCAC_AAWBAwANAA_MABQfNCwFAAnMAA9TBEID0gAvOTCpKwgPVSVBDtQTEDLsFQWSAg9wDDsFSiUPsQoID-YAQA8VDwAK5gAP0wFCBO0AHzkFBwhAcC50ZacjMXR2LwkAMC1mZRU3Hy6sAhQeM78BLzMw2AdInzM0NTU3OTEyNJAWCA_TACwP0gcACtMAD6wBQgTZAA-SJgkmY22tAf8GdjIvYWR2ZXJ0aXNlcj9yZWZlcmVyiAZOYWJ1eWVyX98QADYoRjU5OTW3C1JmZXRjaHUWCUwhLjQzbB4CFAAF5QNfRkVUQ0iiOTufNTU4Mjk5Njg4KgII8gBjb25uZWN0LmZhY2Vib2-BLIFlbl9VUy9mYsAaH3MJAxUOcS1HNDM3MpwYD4EGPI8yMjA3NDMwNboLCQ_fADgPlAYACt8ADxUDQtAyMjA3NDMwNTk3fV19
63.34.68.24204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=1202&i=5bfp8m&p=regions-prod&s=15636&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8QxodHRwczovL21hcHMuZ29vZ2xlYXBpcy5jb20UAEEvYXBpCQDwCGpzL2dlbl8yMDQ_Y3NwX3Rlc3Q9dHJ1iQAwdHlwmgCgeGhyIiwic3RhcrEAwDY3NDA4MTUwMzU5Mp8AAAYBBxQAgDMsInNvdXJjOQCyWEhSX01BTkFHRVJBAMB0dXMiOiJhbGxvd2UcAWByZWFzb26_ANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM8zNjU0Mjk5OTEwfSzxAGEfM_EAZh8x8QAk8ApzdGF0aWNtYXA_Y2VudGVyPTMzLjM3NTk2RwHwAzk5OTksJTIwLTg0LjU1NjU0NhIA9Ao5OTkmem9vbT0xNSZtYXJrZXJzPWljb246UwJDd3d3LuUCAU8C8wd-L21lZGlhL0ltYWdlcy9XZWJTaXRlDgDyAGJyYW5jaC1sb2NhdG9yLVEAfy5wbmclN0OMABPSc3R5bGU9aHVlOiUyMwEAgSU3Q3NhdHVy7QLwBzotMTAwJnNpemU9NDAweDQwMCZtYXC8AvAoPXJvYWRtYXAma2V5PUFJemFTeUJzMGhxWWZOWXNZUFlPdGNacllsaTZqMEs4Qi13TzltYyIsIjsAYiI6ImltZ7YCDPcCHzcGAgAXN_cCQUhUTUz-ANJfU0VUQVRUUklCVVRFTAAPAgMtrzIwNjQwNTI0MDMRAgfxAG5leHVzLmVuc2lnaHRlbqQBA7ABEy8IAAGdBBEvcQTyF3JDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImSAIgSnPkBB89YQAWY2NvZGUvJh8F8ARlZE9uPU1vbiUyMERlYyUyMDEyBQBROToxMjoLAMJHTVQlMjAyMDIyJkNiBSBEPWEFgSZQYWdlSUQ9gAKbJTNBJTJGJTJGhgIzJTJGZAJgJTJGbWxvBgDxBG9ydGdhZ2UtbG9hbi1vZmZpY2WCAvYHeS1ob2FuZy1wZWFjaHRyZWUtY2l0efoBYnNjcmlwdLEBC_0BLTI0_QE3NzU0_QGwaW5zZXJ0QmVmb3JDBQA4AQH1BD9sb2HyBCGvNTIwMTkyNTk4N_AB_2UfNvABDCBtdWIFMm9uT78HMnJDTDgCAukDD_YBLR859gEwAYUD8BoyNGRhNThiODk3YTgzYWM4ZGQ2MTIyMDkxYTYzODZjNy5qcz9jb25kaT8Ir0lkMD0zNjUyODcUAxE-NzUxJAEvNjgUA0ifNjg5ODU0NTA1HgGSDjUIGTceAQxCAh9BQQIxBCMBDzcEMQ9BAk8PVQUADyMBCg9lAzMEJAEfOEcCG_ALZXJyb3IvZS5naWY_bXNnPUludmFsaWQlMjDCCgAHAEFlZmluSQNxJTIwdXNlZLQG-wEwNTk4NTcmbG5uPTU0JmZuzwYPVAcAMyUyRq8HBgoAAbkHNSUyRp0Hci5qcyZjaWQpBwKZDBM9NgAEeQcBtAcDFAABQACSJnJpZD0tMSZkBwAB0QClTmFtZT1EYXRhRL4AUEV4Y2VwEAQGBgQPFAkELjgwJwUBFAAFCwzxAmltZ19ET01BdHRyTW9kaWZpAAwFHgcPEwwojzM1MzU5NzQ2EQkI8QNzcC5hbmFseXRpY3MueWFob28UCfEQc3BwLnBsP2E9MTAwMDAmLnlwPTEwMTc1NjU4JmhlPfEMUiZhdWlkUQEA-g0PGwoLPTgxOAoFARQADwcBT58yMDc4ODQyNzTNAgjzGzkxMDA1NzYuZmxzLmRvdWJsZWNsaWNrLm5ldC9hY3Rpdml0eWk7c3JjPSoAEDvvAHM9cHY7Y2F0BAGAO2RjX2xhdD0IABByQALwDjt0YWdfZm9yX2NoaWxkX2RpcmVjdGVkX3RyZWF0tg7xBD07dGZ1YT07bnBhPTtnZHByPTAHAPcRX2NvbnNlbnQ9MDtvcmQ9ODkyOTQxNjg2NzEyMS41MjN1AkNmcmFtTQkKjwkuODJ7BgEUAAZxAQE8AA97AkOvNDQ3NDMzMDAxNEEEB-JkYy5hZHMubGlua2VkaYwL4GNvbGxlY3QvP3BpZD02TA-XNiZmbXQ9Z2lm9QAPfgwDHziBCgABFAAG8gAPagNFrzQwNjMzMzE1NDLvAAdQY3QucGloDjFlc3RkA_IJdjMvP3RpZD0yNjEzNDgzOTE3NTU3Jm5vYwsvPTHxABAeNVQDKDI1XggP8QBFnzUzNjY0OTUwN1sECAZYBDB0d2m8EAH2AOJpL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkA8AFvMXJ4dCZldmVudHM9JTVCAwDwGDIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdTkDABEA_wBvcmRlcl9xdWFudGl0eT2lBBAfMqwFABgywA4faVEBRZ80NTY2NDI4MjbOEAgANwIfL0ABiw_lBQAZMu8KD0ABRZ8yMzAxOTc3MzgXDAgwcHVicQQfZ-IFBsE7eHNwPTQ5NTg4MDN6Bf8CMTQyNzIzMTcxOTM0MDE5MT-UAw8fM3cFAAAUAA-FBE8AowBfODk0MDL8CwhyaWIuYWRueOwU8CFwaXhpZT9waT04ZDVmMzg5YS0yYzBjLTRjNmYtYmM3OC00NDRlYzNhMDg5MGUmZT1sEFNWaWV3JqIED1EDEB4zvwoQOBQADw4BT582MDMxMTc2MTJRAwiRcHhsLmppdm94mgThdGFncy9jb252L3B4cmXyEfsNcHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeQoWD_8JBR8zEwMAABQADwIBTyAyMvUIPzEwMAIBGyByZQABFGMAAfAJMDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjEAtAPVVuaRcYMGFsXxwCEV8dAg8iAR8eOcYGLzM5xgZRjzI1MDA3NzE1IQsJD30MAAQqFAQIAAE5DBEvCw79ETlmMDNhM2U3OTM3YzA1Mzg5NmE2ODIyM2I3MzQ4N2U4TBBmNDIzMDI2VwQCWwMC5w4K0Qk-NzUwKAEZNe4HD2ATPI83NDY4OTQzN1IYCA8eAXgOTBA3ODU2RgIMTBAPKQ8zBCQBDwgJCA8kAQEBWA4PKQ_8HzQsBgAYOUAWDMIBCQ4SAVIBPyIsIjgbHgIlDx81JgUJDykcCgCpDw9HGv8-DjQHEDnPDgU0Bw8KAgoPWRYkBT8aD7MOCAMtHj5kcy5FCgCbDDBhZC-eDHB0aHJvdWdoTAgCNR_wAi8xMDEzNTM2NDA2Lz9yYW5kQxwEGh4ANB7JJmN2PTExJmZzdD0xGAAA_Q5hMyZiZz1mAQAgJmd0EfM6T04mYXN5bmM9MSZndG09Mm9hMWExJnVfdz0xMjgwJnVfaD0xMDI0JmxhYmVsPUYwa1FDSVdJZ3FZQkVKYXRwZU1EJmhuPXd3d_4eAP8IqyZmcm09MCZ1cmx-Ew9NGj50JnRpYmE9UGEasyUyMENpdHklMjBNlRrwACUyMExlbmRlciUyMCU3QxoAIGFyIQAQSJsaBRUAA_EfAAMBUl9lZT0xkBK2MjA3OTU5MTA0OC5KARAmfxQRPU0ONiUzRJgBoiZnY3A9MSZjdF9ZIEFfcHJleREPfQ8OPTQwOCwOAhQABaUCDywORm8yMzI3NjjlFwsAtgECrgKgdGFnbWFuYWdlcucB9gAvZ3RhZy9qcz9pZD1BVy2YAiImbMcSIG5z2glATGF5ZdogAOYSPyI6IpYIBy04MpYIRzQwOTB4Bw_2GzyfMjk5MDM4NDQ55gwID_0AVh80BAIAJzkx_QAMqQQPdQgyAwMBHzXbDAkP2BVXDb4LODQwOeoiACUfMG5kQwMVAtcKD_8bKgXNFQ_oDwgP_ABWD_8BAgj8AA__AUMD0BYvNzZtFAcPKxKhDzgCSw8gEhAPNQGQD20DXAM1AR85Ag4IDzUBjx00TgoLagIPpgNDAjwBLzQwqQQIsWxpdmUucmV6eW5jnAcA1An0Oj9jPTE2YjY0MTA0MzFiNjM3NGU3ODAxMDRhYmIwNDQzY2E4JnA9MmY1MjJmMmNiYzBmZWNlYmFkZDIwZjk2MWFhYmRiMTMmaz3WHPQGYmFuay1waXhlbC04MjE5JnptcElE7AcQLR4AoCZjYWNoZV9idXMGJ_EAMTA0NjgwNTEyODIxNzk0YiQUVRYKMDovL10HA1wAAbUAA1skYy9tbG8vbcIJD1ckOC04M9kPODQxNGUFD2EGPI84NjQwNDUwMl4FCA-4Af8TDvsiC7gBD3cDQwO_AR80xg0IAMICDxwLEJ85NTk1ODE4MDYbCwBHJmN4PRApDyALBj00MDakGzk0MTZTGg-2EzsAOQRfNDQ2NTX2FQgPAQFaHTgUKgsBAQ8IAkIEBwEPoRwJIGpzgR6wcnZyLm9yZy91cF86EFBlci4xLuIuL2pzlhURLjgykwcZMqEjDwANPY8xMjMzODMyNZQHCA_ZADIfNNkADQ-4AUITMt8AD3UWCQ_fADIeM5gDKDI3uw0PuAFFD1gGCA_ZADIdNXswGjTZAA-4AUsPCRcIgWJhdC5iaW5nNwgAViPAb24vMD90aT0yMTAxcAjwBSZWZXI9MiZtaWQ9YjhiOTIwNTAtxRrwFi00MDU4LWI0N2ItOTI2Y2YwN2JhZmYxJnNpZD1kMTYxOTk4MDkmCfQGMWVkOTUwNzdkMDI0MjZiNzY0MSZ2JQAlMTklAPABYTU1NzZkNGVlZTAzMGNhOSUA8w5zPTEmbXNjbGtpZD1OJnBpPTAmbGc9ZW4tVVMmc1oTE3NZE49zYz0yNCZ0bMYSOC9rd00AOB9wxBNO8AByPSZsdD0zMzQxJmV2dD39FP8DTG9hZCZzdj0xJnJuPTQ5NzkzRhMPLTI4Lx8RNBQABUYTDzIwSo8xMTk1MDEwOEwFCAm1AgANAA8YBhQeMfcGKDI4twoPYAQ8nzM5MjgxNDY4N3AMCAC_AAWBAwANAA_MABQfNCwFAAnMAA9TBEID0gAvOTCpKwgPVSVBDtQTEDLsFQWSAg9wDDsFSiUPsQoID-YAQA8VDwAK5gAP0wFCBO0AHzkFBwhAcC50ZacjMXR2LwkAMC1mZRU3Hy6sAhQeM78BLzMw2AdInzM0NTU3OTEyNJAWCA_TACwP0gcACtMAD6wBQgTZAA-SJgkmY22tAf8GdjIvYWR2ZXJ0aXNlcj9yZWZlcmVyiAZOYWJ1eWVyX98QADYoRjU5OTW3C1JmZXRjaHUWCUwhLjQzbB4CFAAF5QNfRkVUQ0iiOTufNTU4Mjk5Njg4KgII8gBjb25uZWN0LmZhY2Vib2-BLIFlbl9VUy9mYsAaH3MJAxUOcS1HNDM3MpwYD4EGPI8yMjA3NDMwNboLCQ_fADgPlAYACt8ADxUDQtAyMjA3NDMwNTk3fV19
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=1&c=1202&i=5bfp8m&p=regions-prod&s=15636&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8QxodHRwczovL21hcHMuZ29vZ2xlYXBpcy5jb20UAEEvYXBpCQDwCGpzL2dlbl8yMDQ_Y3NwX3Rlc3Q9dHJ1iQAwdHlwmgCgeGhyIiwic3RhcrEAwDY3NDA4MTUwMzU5Mp8AAAYBBxQAgDMsInNvdXJjOQCyWEhSX01BTkFHRVJBAMB0dXMiOiJhbGxvd2UcAWByZWFzb26_ANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM8zNjU0Mjk5OTEwfSzxAGEfM_EAZh8x8QAk8ApzdGF0aWNtYXA_Y2VudGVyPTMzLjM3NTk2RwHwAzk5OTksJTIwLTg0LjU1NjU0NhIA9Ao5OTkmem9vbT0xNSZtYXJrZXJzPWljb246UwJDd3d3LuUCAU8C8wd-L21lZGlhL0ltYWdlcy9XZWJTaXRlDgDyAGJyYW5jaC1sb2NhdG9yLVEAfy5wbmclN0OMABPSc3R5bGU9aHVlOiUyMwEAgSU3Q3NhdHVy7QLwBzotMTAwJnNpemU9NDAweDQwMCZtYXC8AvAoPXJvYWRtYXAma2V5PUFJemFTeUJzMGhxWWZOWXNZUFlPdGNacllsaTZqMEs4Qi13TzltYyIsIjsAYiI6ImltZ7YCDPcCHzcGAgAXN_cCQUhUTUz-ANJfU0VUQVRUUklCVVRFTAAPAgMtrzIwNjQwNTI0MDMRAgfxAG5leHVzLmVuc2lnaHRlbqQBA7ABEy8IAAGdBBEvcQTyF3JDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImSAIgSnPkBB89YQAWY2NvZGUvJh8F8ARlZE9uPU1vbiUyMERlYyUyMDEyBQBROToxMjoLAMJHTVQlMjAyMDIyJkNiBSBEPWEFgSZQYWdlSUQ9gAKbJTNBJTJGJTJGhgIzJTJGZAJgJTJGbWxvBgDxBG9ydGdhZ2UtbG9hbi1vZmZpY2WCAvYHeS1ob2FuZy1wZWFjaHRyZWUtY2l0efoBYnNjcmlwdLEBC_0BLTI0_QE3NzU0_QGwaW5zZXJ0QmVmb3JDBQA4AQH1BD9sb2HyBCGvNTIwMTkyNTk4N_AB_2UfNvABDCBtdWIFMm9uT78HMnJDTDgCAukDD_YBLR859gEwAYUD8BoyNGRhNThiODk3YTgzYWM4ZGQ2MTIyMDkxYTYzODZjNy5qcz9jb25kaT8Ir0lkMD0zNjUyODcUAxE-NzUxJAEvNjgUA0ifNjg5ODU0NTA1HgGSDjUIGTceAQxCAh9BQQIxBCMBDzcEMQ9BAk8PVQUADyMBCg9lAzMEJAEfOEcCG_ALZXJyb3IvZS5naWY_bXNnPUludmFsaWQlMjDCCgAHAEFlZmluSQNxJTIwdXNlZLQG-wEwNTk4NTcmbG5uPTU0JmZuzwYPVAcAMyUyRq8HBgoAAbkHNSUyRp0Hci5qcyZjaWQpBwKZDBM9NgAEeQcBtAcDFAABQACSJnJpZD0tMSZkBwAB0QClTmFtZT1EYXRhRL4AUEV4Y2VwEAQGBgQPFAkELjgwJwUBFAAFCwzxAmltZ19ET01BdHRyTW9kaWZpAAwFHgcPEwwojzM1MzU5NzQ2EQkI8QNzcC5hbmFseXRpY3MueWFob28UCfEQc3BwLnBsP2E9MTAwMDAmLnlwPTEwMTc1NjU4JmhlPfEMUiZhdWlkUQEA-g0PGwoLPTgxOAoFARQADwcBT58yMDc4ODQyNzTNAgjzGzkxMDA1NzYuZmxzLmRvdWJsZWNsaWNrLm5ldC9hY3Rpdml0eWk7c3JjPSoAEDvvAHM9cHY7Y2F0BAGAO2RjX2xhdD0IABByQALwDjt0YWdfZm9yX2NoaWxkX2RpcmVjdGVkX3RyZWF0tg7xBD07dGZ1YT07bnBhPTtnZHByPTAHAPcRX2NvbnNlbnQ9MDtvcmQ9ODkyOTQxNjg2NzEyMS41MjN1AkNmcmFtTQkKjwkuODJ7BgEUAAZxAQE8AA97AkOvNDQ3NDMzMDAxNEEEB-JkYy5hZHMubGlua2VkaYwL4GNvbGxlY3QvP3BpZD02TA-XNiZmbXQ9Z2lm9QAPfgwDHziBCgABFAAG8gAPagNFrzQwNjMzMzE1NDLvAAdQY3QucGloDjFlc3RkA_IJdjMvP3RpZD0yNjEzNDgzOTE3NTU3Jm5vYwsvPTHxABAeNVQDKDI1XggP8QBFnzUzNjY0OTUwN1sECAZYBDB0d2m8EAH2AOJpL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkA8AFvMXJ4dCZldmVudHM9JTVCAwDwGDIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdTkDABEA_wBvcmRlcl9xdWFudGl0eT2lBBAfMqwFABgywA4faVEBRZ80NTY2NDI4MjbOEAgANwIfL0ABiw_lBQAZMu8KD0ABRZ8yMzAxOTc3MzgXDAgwcHVicQQfZ-IFBsE7eHNwPTQ5NTg4MDN6Bf8CMTQyNzIzMTcxOTM0MDE5MT-UAw8fM3cFAAAUAA-FBE8AowBfODk0MDL8CwhyaWIuYWRueOwU8CFwaXhpZT9waT04ZDVmMzg5YS0yYzBjLTRjNmYtYmM3OC00NDRlYzNhMDg5MGUmZT1sEFNWaWV3JqIED1EDEB4zvwoQOBQADw4BT582MDMxMTc2MTJRAwiRcHhsLmppdm94mgThdGFncy9jb252L3B4cmXyEfsNcHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeQoWD_8JBR8zEwMAABQADwIBTyAyMvUIPzEwMAIBGyByZQABFGMAAfAJMDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjEAtAPVVuaRcYMGFsXxwCEV8dAg8iAR8eOcYGLzM5xgZRjzI1MDA3NzE1IQsJD30MAAQqFAQIAAE5DBEvCw79ETlmMDNhM2U3OTM3YzA1Mzg5NmE2ODIyM2I3MzQ4N2U4TBBmNDIzMDI2VwQCWwMC5w4K0Qk-NzUwKAEZNe4HD2ATPI83NDY4OTQzN1IYCA8eAXgOTBA3ODU2RgIMTBAPKQ8zBCQBDwgJCA8kAQEBWA4PKQ_8HzQsBgAYOUAWDMIBCQ4SAVIBPyIsIjgbHgIlDx81JgUJDykcCgCpDw9HGv8-DjQHEDnPDgU0Bw8KAgoPWRYkBT8aD7MOCAMtHj5kcy5FCgCbDDBhZC-eDHB0aHJvdWdoTAgCNR_wAi8xMDEzNTM2NDA2Lz9yYW5kQxwEGh4ANB7JJmN2PTExJmZzdD0xGAAA_Q5hMyZiZz1mAQAgJmd0EfM6T04mYXN5bmM9MSZndG09Mm9hMWExJnVfdz0xMjgwJnVfaD0xMDI0JmxhYmVsPUYwa1FDSVdJZ3FZQkVKYXRwZU1EJmhuPXd3d_4eAP8IqyZmcm09MCZ1cmx-Ew9NGj50JnRpYmE9UGEasyUyMENpdHklMjBNlRrwACUyMExlbmRlciUyMCU3QxoAIGFyIQAQSJsaBRUAA_EfAAMBUl9lZT0xkBK2MjA3OTU5MTA0OC5KARAmfxQRPU0ONiUzRJgBoiZnY3A9MSZjdF9ZIEFfcHJleREPfQ8OPTQwOCwOAhQABaUCDywORm8yMzI3NjjlFwsAtgECrgKgdGFnbWFuYWdlcucB9gAvZ3RhZy9qcz9pZD1BVy2YAiImbMcSIG5z2glATGF5ZdogAOYSPyI6IpYIBy04MpYIRzQwOTB4Bw_2GzyfMjk5MDM4NDQ55gwID_0AVh80BAIAJzkx_QAMqQQPdQgyAwMBHzXbDAkP2BVXDb4LODQwOeoiACUfMG5kQwMVAtcKD_8bKgXNFQ_oDwgP_ABWD_8BAgj8AA__AUMD0BYvNzZtFAcPKxKhDzgCSw8gEhAPNQGQD20DXAM1AR85Ag4IDzUBjx00TgoLagIPpgNDAjwBLzQwqQQIsWxpdmUucmV6eW5jnAcA1An0Oj9jPTE2YjY0MTA0MzFiNjM3NGU3ODAxMDRhYmIwNDQzY2E4JnA9MmY1MjJmMmNiYzBmZWNlYmFkZDIwZjk2MWFhYmRiMTMmaz3WHPQGYmFuay1waXhlbC04MjE5JnptcElE7AcQLR4AoCZjYWNoZV9idXMGJ_EAMTA0NjgwNTEyODIxNzk0YiQUVRYKMDovL10HA1wAAbUAA1skYy9tbG8vbcIJD1ckOC04M9kPODQxNGUFD2EGPI84NjQwNDUwMl4FCA-4Af8TDvsiC7gBD3cDQwO_AR80xg0IAMICDxwLEJ85NTk1ODE4MDYbCwBHJmN4PRApDyALBj00MDakGzk0MTZTGg-2EzsAOQRfNDQ2NTX2FQgPAQFaHTgUKgsBAQ8IAkIEBwEPoRwJIGpzgR6wcnZyLm9yZy91cF86EFBlci4xLuIuL2pzlhURLjgykwcZMqEjDwANPY8xMjMzODMyNZQHCA_ZADIfNNkADQ-4AUITMt8AD3UWCQ_fADIeM5gDKDI3uw0PuAFFD1gGCA_ZADIdNXswGjTZAA-4AUsPCRcIgWJhdC5iaW5nNwgAViPAb24vMD90aT0yMTAxcAjwBSZWZXI9MiZtaWQ9YjhiOTIwNTAtxRrwFi00MDU4LWI0N2ItOTI2Y2YwN2JhZmYxJnNpZD1kMTYxOTk4MDkmCfQGMWVkOTUwNzdkMDI0MjZiNzY0MSZ2JQAlMTklAPABYTU1NzZkNGVlZTAzMGNhOSUA8w5zPTEmbXNjbGtpZD1OJnBpPTAmbGc9ZW4tVVMmc1oTE3NZE49zYz0yNCZ0bMYSOC9rd00AOB9wxBNO8AByPSZsdD0zMzQxJmV2dD39FP8DTG9hZCZzdj0xJnJuPTQ5NzkzRhMPLTI4Lx8RNBQABUYTDzIwSo8xMTk1MDEwOEwFCAm1AgANAA8YBhQeMfcGKDI4twoPYAQ8nzM5MjgxNDY4N3AMCAC_AAWBAwANAA_MABQfNCwFAAnMAA9TBEID0gAvOTCpKwgPVSVBDtQTEDLsFQWSAg9wDDsFSiUPsQoID-YAQA8VDwAK5gAP0wFCBO0AHzkFBwhAcC50ZacjMXR2LwkAMC1mZRU3Hy6sAhQeM78BLzMw2AdInzM0NTU3OTEyNJAWCA_TACwP0gcACtMAD6wBQgTZAA-SJgkmY22tAf8GdjIvYWR2ZXJ0aXNlcj9yZWZlcmVyiAZOYWJ1eWVyX98QADYoRjU5OTW3C1JmZXRjaHUWCUwhLjQzbB4CFAAF5QNfRkVUQ0iiOTufNTU4Mjk5Njg4KgII8gBjb25uZWN0LmZhY2Vib2-BLIFlbl9VUy9mYsAaH3MJAxUOcS1HNDM3MpwYD4EGPI8yMjA3NDMwNboLCQ_fADgPlAYACt8ADxUDQtAyMjA3NDMwNTk3fV19 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 18 Jan 2023 22:38:26 GMT
expires: Wed, 18 Jan 2023 22:38:25 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=1202&i=5bfp8m&p=regions-prod&s=15699&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8kZodHRwczovL3d3dy5nb29nbGUuY29tL3BhZ2VhZC8xcC11c2VyLWxpc3QvMTAxMzUzNjQwNi8_cmFuZG9tPTE2NzQwODE1MDQwNjYmY3Y9MTEmZnN0GABANzkyMAEAUSZiZz1mAQDxKSZndWlkPU9OJmFzeW5jPTEmZ3RtPTJvYTFhMSZ1X3c9MTI4MCZ1X2g9MTAyNCZmcm09MCZ1cmw9pQCQJTNBJTJGJTJGqwADPQEArADwASUyRmxvY2F0b3IlMkZtbG8GAPQmb3J0Z2FnZS1sb2FuLW9mZmljZXItbWFyeS1ob2FuZy1wZWFjaHRyZWUtY2l0eSZ0aWJhPVAUALMlMjBDaXR5JTIwTUgA8AAlMjBMZW5kZXIlMjAlN0MaACBhciEAEEhOAAUVAAN2AfAWJmRhdGE9ZXZlbnQlM0RndGFnLmNvbmZpZyZmbXQ9MyZpc192dP4AA0UB8BEyODI0MjQxNzQxJnJtdF90bGQ9MCZpcHI9eSIsInR5cPYBoGltZyIsInN0YXINAgV2ATAzNzX7AQBiAgoUAFNzb3VyYzkA8ABfRE9NQXR0ck1vZGlmaWVtAuFzdGF0dXMiOiJhbGxvdxMAYHJlYXNvbiMCMF0sIsIAZFBhdHRlchIAAAICcyI6W10sImluAL85MDExMTYxNDN9LFUCEC9ub1QC_24fMVQCFh82VAIAPzYsIlQCT681NDcxMjIyODk5VAIHAqUE9AZhZHMuZy5kb3VibGVjbGljay5uZXRiAuN2aWV3dGhyb3VnaGNvbqwFD78EHgXXBA-_BCQwaG49qgQFsABwZXJ2aWNlc7MED9sEpxBhwQXFMjA3OTU5MTA0OC4xdwQP9gQHEnL3BAAGABY00gRvc2NyaXB01QQBPzA3NIECABc4gQKpYXBwZW5kQ2hpbM0EMGxvYRAAD8oEHp82NTYxNDA2Mjh2Av_rLzg4dgIMMW11dDYJEk-CCSJyQb0CAkkHD3wCLC80MnwC_-wfOXwCHC9DTH0COQ_DCRMPGAwFfzk1OTU4MTgXDAJfMTU1JmMXDP8knzMwNDQxNTA1OBYMHy44MU8CABQAD8IJT0A2MjAy7Q4vNTHQBAcGFgkfLhYMBA9SAv9XDxQMFi84MlICABcykwk_aW1naA5DrzM1MDQ5NDAwOTVSAgcFZAsPFAwdD2kCHAETDADTBA8TDP9eLzE2EwwAJzg0gAIPEww7nzMyMzA4NzYzMpcJQQ91Av-YD10TAA91AlEPjwkID-oE_9EfN2oHAAjqBAyHDg8LDDIF8QQPZgcIcGJ0dHJhY2vBEvcEL1BpeGVsL1JldGFyZ2V0LzI0N9sRD60WBS45MNsAABQABZcK-AdIVE1MSW1hZ2VfU0VUQVRUUklCVVRF6gwPsBYnnzMzNzcwNjk1MuIACEhjZG4u5gAwdW5pPhSPYWwvNDQ5MTG9EhA_MzgzwAEAJzkzqgawaW5zZXJ0QmVmb3LGGQWLFw9CECZ_MDYwOTkwN3ILCA_YADEvNTO9AQAI2AAPmAJCIjQ23gAvODf-CQcQcIwCYS5xdWFudBsbAaECARUA8Qo7cj0xOTAwMTMyNDYyO2xhYmVscz1fZnAunRmhLlBhZ2VWaWV3Ow8A_xE9cmVmcmVzaDtyZj0zO2E9cC1BTXk3dzJ5N256UmczO4kaUNA7dWh0PTI7ZnBhbj0xBwDmPVAwLTgyNTgzMTA2MS1tFfAHNDIxO3BiYz07bnM9MDtjZT0xO3FqcwYA8QF2PTg1MDg3MzNjLTIwMjMwoxn3CDU1NTU7Y209O2dkcHI9MDtyZWY9O2Q9RRuSO2RzdD0wO2V0uxsB6QrgNDIyO3R6bz0wO29nbD1kG_MGbGUuZW5fVVMlMkNzaXRlX25hbWUu9hpwQmFuayUyQ7Aa_wIuYXJ0aWNsZSUyQ1RpdGxlLlsbNlIlMkNkZToWUGlvbi5MAh1gbmclMjBm_htmMGElMjBttBsUbLQbXWluJTIwhQAuM0bJG1NhdCUyMNIAMiUyMNUAMDBjYUEAfSUyQ3VybC6NHFMlMjUyRUwBAQwAP2NvbZUcFhBNlRwBRxwVLaEAYC1DJTJDaQgFD20AFhAt9hxxZWRpYSUyRkIFtXMlMkZXZWJTaXRlEAADpABRLWxvZ2-pAKBwbmclM0ZyZXZpzh72HiUzRDA7c2VzPWZiNzliNGJlLWQ2N2MtNDBiMy04ODllLWQ1Zjc5MzNjYTkxNwwFD-4FBC40MrMLARQABe4FDzMOR0A2MTU3kRIfNjUEB2xzZWN1cmU2BAFFBDYuanPeAAJtAgKDBgl8HT4zODMUDyg0MqcYD-oFPJ81MjI5MjY2MTnXAEseNaYHCtcAD-kFQgPdAD8yMTS0AQfxATIwODM5MjE4cC5yZmlodWLpBfQLY2EuaHRtbD92ZXI9OSZyYj00NjEyMSZjYT0vAG8mY3VzdDFFIA4_JnBlJAAOAAUFD2kgKfYIcGY9JnJhPTU5MTc0MDcxOTU3NDQ5MjVvAlNpZnJhbRcICW8CPjQ0M9UTARQABlADATwAD4YRQ581MzY1OTQ5ODgkGwgkYzGYAQCMHZ9qcy90Yy5taW5PAxM-NDEzgBkoNDNhCA9PAzyPNDUwMDI4MTRZEgkP0wAsHjQ0CQrTAA9LA0ID2QA_NTAwSwMHcWliLmFkbniOHvQiL3BpeGllP3BpPThkNWYzODlhLTJjMGMtNGM2Zi1iYzc4LTQ0NGVjM2EwODkwZSZlPTgJEiYdBRA97CQA-Ac_IjoiDQYDPjM4M0sPCgoBD8ARO482MDMxMTc2McARCQ8DAV0fNcADAQjgAgwNAg9gHDEECQEfM7gDCA8JAV4POAcACekDDAkBD-IOMgUKAQ9cIggHmhgP7RoFrzEwMDE4NDI3NjQFJwEvNzbuGv8mnzI5MDMwMTk3MO4aHh80cg8AARQABhkHD5wYRZ80MzUyNjg5MzFqBQgHVAIP7hoED1MC_1gP7xoVHzSMCAIJ2wsPUwJFjzU3ODQxNDM3UwIJDwUWJg9qAh0BBxA_MDc2wislDwMn_ykOESI3NDM5RhQPMAk7nzQzNzg3MDkyMR0VCA92Av_RHzj7DwAPdgJRD9EQCA92Av_SD-wEDQwQDA8ZDTEE8gQPDxoJD3wC_9EAfxwjZW7SMhEw8AgKaAcMfAIPjA4yBX0CD_kECPEFcGVvcGxlLmFwaS5ib29tdHJhaW7xFPACaWRlbnRpZnkvcmVzb2x2ZT-tM_CUPWV5SmpiMjlyYVdVaU9uc2lZbk5wYmlJNklpSjlMQ0p4ZFdWeWVYTjBjbWx1WnlJNmUzMHNJbVY0ZEdWeWJtRnNYMmxrY3lJNmV5SjZlVzVqSWpvaVlXWmtNVGN4WWpndFl6WXhOQzAwWlRJd0xXSm1aR1V0T1RnMFltSm1ZVGcwWkdVeU9qRTJOelF3T0RFMU1EUXVNalExTmpBeEluMTkmczEaFWl1GlYtYmFua_gUP3hocmQXAC80NI0WAQAUAAXcDbJYSFJfTUFOQUdFUkEAAo8tDygeJ581Nzk3NTU3NjlQHQgPnAH0D9ESAADlEg-cAVAPlyUIAeweCTEDVHAxM24v_BoAdwIQLxIAD5sWGg_LGgAJ6gAPmxY8nzI5NjIzNzc4OA0ZCA_oAEEfNNIBDQ8OBUIE7gAPcgMKL3Vi8zUD9hthY3Rpdml0eTt4c3A9NDk1ODgwMztvcmQ9MTQyNzIzMTcxOTM0MDE5MT9tBA-lFgYP_wABCOUqD3UNOwCYAE84OTQwgwgJH3D4AFEfNIEJABg1-AAP9wFC0DM0MDE4OTQwNDN9XX0
63.34.68.24204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=1202&i=5bfp8m&p=regions-prod&s=15699&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8kZodHRwczovL3d3dy5nb29nbGUuY29tL3BhZ2VhZC8xcC11c2VyLWxpc3QvMTAxMzUzNjQwNi8_cmFuZG9tPTE2NzQwODE1MDQwNjYmY3Y9MTEmZnN0GABANzkyMAEAUSZiZz1mAQDxKSZndWlkPU9OJmFzeW5jPTEmZ3RtPTJvYTFhMSZ1X3c9MTI4MCZ1X2g9MTAyNCZmcm09MCZ1cmw9pQCQJTNBJTJGJTJGqwADPQEArADwASUyRmxvY2F0b3IlMkZtbG8GAPQmb3J0Z2FnZS1sb2FuLW9mZmljZXItbWFyeS1ob2FuZy1wZWFjaHRyZWUtY2l0eSZ0aWJhPVAUALMlMjBDaXR5JTIwTUgA8AAlMjBMZW5kZXIlMjAlN0MaACBhciEAEEhOAAUVAAN2AfAWJmRhdGE9ZXZlbnQlM0RndGFnLmNvbmZpZyZmbXQ9MyZpc192dP4AA0UB8BEyODI0MjQxNzQxJnJtdF90bGQ9MCZpcHI9eSIsInR5cPYBoGltZyIsInN0YXINAgV2ATAzNzX7AQBiAgoUAFNzb3VyYzkA8ABfRE9NQXR0ck1vZGlmaWVtAuFzdGF0dXMiOiJhbGxvdxMAYHJlYXNvbiMCMF0sIsIAZFBhdHRlchIAAAICcyI6W10sImluAL85MDExMTYxNDN9LFUCEC9ub1QC_24fMVQCFh82VAIAPzYsIlQCT681NDcxMjIyODk5VAIHAqUE9AZhZHMuZy5kb3VibGVjbGljay5uZXRiAuN2aWV3dGhyb3VnaGNvbqwFD78EHgXXBA-_BCQwaG49qgQFsABwZXJ2aWNlc7MED9sEpxBhwQXFMjA3OTU5MTA0OC4xdwQP9gQHEnL3BAAGABY00gRvc2NyaXB01QQBPzA3NIECABc4gQKpYXBwZW5kQ2hpbM0EMGxvYRAAD8oEHp82NTYxNDA2Mjh2Av_rLzg4dgIMMW11dDYJEk-CCSJyQb0CAkkHD3wCLC80MnwC_-wfOXwCHC9DTH0COQ_DCRMPGAwFfzk1OTU4MTgXDAJfMTU1JmMXDP8knzMwNDQxNTA1OBYMHy44MU8CABQAD8IJT0A2MjAy7Q4vNTHQBAcGFgkfLhYMBA9SAv9XDxQMFi84MlICABcykwk_aW1naA5DrzM1MDQ5NDAwOTVSAgcFZAsPFAwdD2kCHAETDADTBA8TDP9eLzE2EwwAJzg0gAIPEww7nzMyMzA4NzYzMpcJQQ91Av-YD10TAA91AlEPjwkID-oE_9EfN2oHAAjqBAyHDg8LDDIF8QQPZgcIcGJ0dHJhY2vBEvcEL1BpeGVsL1JldGFyZ2V0LzI0N9sRD60WBS45MNsAABQABZcK-AdIVE1MSW1hZ2VfU0VUQVRUUklCVVRF6gwPsBYnnzMzNzcwNjk1MuIACEhjZG4u5gAwdW5pPhSPYWwvNDQ5MTG9EhA_MzgzwAEAJzkzqgawaW5zZXJ0QmVmb3LGGQWLFw9CECZ_MDYwOTkwN3ILCA_YADEvNTO9AQAI2AAPmAJCIjQ23gAvODf-CQcQcIwCYS5xdWFudBsbAaECARUA8Qo7cj0xOTAwMTMyNDYyO2xhYmVscz1fZnAunRmhLlBhZ2VWaWV3Ow8A_xE9cmVmcmVzaDtyZj0zO2E9cC1BTXk3dzJ5N256UmczO4kaUNA7dWh0PTI7ZnBhbj0xBwDmPVAwLTgyNTgzMTA2MS1tFfAHNDIxO3BiYz07bnM9MDtjZT0xO3FqcwYA8QF2PTg1MDg3MzNjLTIwMjMwoxn3CDU1NTU7Y209O2dkcHI9MDtyZWY9O2Q9RRuSO2RzdD0wO2V0uxsB6QrgNDIyO3R6bz0wO29nbD1kG_MGbGUuZW5fVVMlMkNzaXRlX25hbWUu9hpwQmFuayUyQ7Aa_wIuYXJ0aWNsZSUyQ1RpdGxlLlsbNlIlMkNkZToWUGlvbi5MAh1gbmclMjBm_htmMGElMjBttBsUbLQbXWluJTIwhQAuM0bJG1NhdCUyMNIAMiUyMNUAMDBjYUEAfSUyQ3VybC6NHFMlMjUyRUwBAQwAP2NvbZUcFhBNlRwBRxwVLaEAYC1DJTJDaQgFD20AFhAt9hxxZWRpYSUyRkIFtXMlMkZXZWJTaXRlEAADpABRLWxvZ2-pAKBwbmclM0ZyZXZpzh72HiUzRDA7c2VzPWZiNzliNGJlLWQ2N2MtNDBiMy04ODllLWQ1Zjc5MzNjYTkxNwwFD-4FBC40MrMLARQABe4FDzMOR0A2MTU3kRIfNjUEB2xzZWN1cmU2BAFFBDYuanPeAAJtAgKDBgl8HT4zODMUDyg0MqcYD-oFPJ81MjI5MjY2MTnXAEseNaYHCtcAD-kFQgPdAD8yMTS0AQfxATIwODM5MjE4cC5yZmlodWLpBfQLY2EuaHRtbD92ZXI9OSZyYj00NjEyMSZjYT0vAG8mY3VzdDFFIA4_JnBlJAAOAAUFD2kgKfYIcGY9JnJhPTU5MTc0MDcxOTU3NDQ5MjVvAlNpZnJhbRcICW8CPjQ0M9UTARQABlADATwAD4YRQ581MzY1OTQ5ODgkGwgkYzGYAQCMHZ9qcy90Yy5taW5PAxM-NDEzgBkoNDNhCA9PAzyPNDUwMDI4MTRZEgkP0wAsHjQ0CQrTAA9LA0ID2QA_NTAwSwMHcWliLmFkbniOHvQiL3BpeGllP3BpPThkNWYzODlhLTJjMGMtNGM2Zi1iYzc4LTQ0NGVjM2EwODkwZSZlPTgJEiYdBRA97CQA-Ac_IjoiDQYDPjM4M0sPCgoBD8ARO482MDMxMTc2McARCQ8DAV0fNcADAQjgAgwNAg9gHDEECQEfM7gDCA8JAV4POAcACekDDAkBD-IOMgUKAQ9cIggHmhgP7RoFrzEwMDE4NDI3NjQFJwEvNzbuGv8mnzI5MDMwMTk3MO4aHh80cg8AARQABhkHD5wYRZ80MzUyNjg5MzFqBQgHVAIP7hoED1MC_1gP7xoVHzSMCAIJ2wsPUwJFjzU3ODQxNDM3UwIJDwUWJg9qAh0BBxA_MDc2wislDwMn_ykOESI3NDM5RhQPMAk7nzQzNzg3MDkyMR0VCA92Av_RHzj7DwAPdgJRD9EQCA92Av_SD-wEDQwQDA8ZDTEE8gQPDxoJD3wC_9EAfxwjZW7SMhEw8AgKaAcMfAIPjA4yBX0CD_kECPEFcGVvcGxlLmFwaS5ib29tdHJhaW7xFPACaWRlbnRpZnkvcmVzb2x2ZT-tM_CUPWV5SmpiMjlyYVdVaU9uc2lZbk5wYmlJNklpSjlMQ0p4ZFdWeWVYTjBjbWx1WnlJNmUzMHNJbVY0ZEdWeWJtRnNYMmxrY3lJNmV5SjZlVzVqSWpvaVlXWmtNVGN4WWpndFl6WXhOQzAwWlRJd0xXSm1aR1V0T1RnMFltSm1ZVGcwWkdVeU9qRTJOelF3T0RFMU1EUXVNalExTmpBeEluMTkmczEaFWl1GlYtYmFua_gUP3hocmQXAC80NI0WAQAUAAXcDbJYSFJfTUFOQUdFUkEAAo8tDygeJ581Nzk3NTU3NjlQHQgPnAH0D9ESAADlEg-cAVAPlyUIAeweCTEDVHAxM24v_BoAdwIQLxIAD5sWGg_LGgAJ6gAPmxY8nzI5NjIzNzc4OA0ZCA_oAEEfNNIBDQ8OBUIE7gAPcgMKL3Vi8zUD9hthY3Rpdml0eTt4c3A9NDk1ODgwMztvcmQ9MTQyNzIzMTcxOTM0MDE5MT9tBA-lFgYP_wABCOUqD3UNOwCYAE84OTQwgwgJH3D4AFEfNIEJABg1-AAP9wFC0DM0MDE4OTQwNDN9XX0
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=2&c=1202&i=5bfp8m&p=regions-prod&s=15699&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8kZodHRwczovL3d3dy5nb29nbGUuY29tL3BhZ2VhZC8xcC11c2VyLWxpc3QvMTAxMzUzNjQwNi8_cmFuZG9tPTE2NzQwODE1MDQwNjYmY3Y9MTEmZnN0GABANzkyMAEAUSZiZz1mAQDxKSZndWlkPU9OJmFzeW5jPTEmZ3RtPTJvYTFhMSZ1X3c9MTI4MCZ1X2g9MTAyNCZmcm09MCZ1cmw9pQCQJTNBJTJGJTJGqwADPQEArADwASUyRmxvY2F0b3IlMkZtbG8GAPQmb3J0Z2FnZS1sb2FuLW9mZmljZXItbWFyeS1ob2FuZy1wZWFjaHRyZWUtY2l0eSZ0aWJhPVAUALMlMjBDaXR5JTIwTUgA8AAlMjBMZW5kZXIlMjAlN0MaACBhciEAEEhOAAUVAAN2AfAWJmRhdGE9ZXZlbnQlM0RndGFnLmNvbmZpZyZmbXQ9MyZpc192dP4AA0UB8BEyODI0MjQxNzQxJnJtdF90bGQ9MCZpcHI9eSIsInR5cPYBoGltZyIsInN0YXINAgV2ATAzNzX7AQBiAgoUAFNzb3VyYzkA8ABfRE9NQXR0ck1vZGlmaWVtAuFzdGF0dXMiOiJhbGxvdxMAYHJlYXNvbiMCMF0sIsIAZFBhdHRlchIAAAICcyI6W10sImluAL85MDExMTYxNDN9LFUCEC9ub1QC_24fMVQCFh82VAIAPzYsIlQCT681NDcxMjIyODk5VAIHAqUE9AZhZHMuZy5kb3VibGVjbGljay5uZXRiAuN2aWV3dGhyb3VnaGNvbqwFD78EHgXXBA-_BCQwaG49qgQFsABwZXJ2aWNlc7MED9sEpxBhwQXFMjA3OTU5MTA0OC4xdwQP9gQHEnL3BAAGABY00gRvc2NyaXB01QQBPzA3NIECABc4gQKpYXBwZW5kQ2hpbM0EMGxvYRAAD8oEHp82NTYxNDA2Mjh2Av_rLzg4dgIMMW11dDYJEk-CCSJyQb0CAkkHD3wCLC80MnwC_-wfOXwCHC9DTH0COQ_DCRMPGAwFfzk1OTU4MTgXDAJfMTU1JmMXDP8knzMwNDQxNTA1OBYMHy44MU8CABQAD8IJT0A2MjAy7Q4vNTHQBAcGFgkfLhYMBA9SAv9XDxQMFi84MlICABcykwk_aW1naA5DrzM1MDQ5NDAwOTVSAgcFZAsPFAwdD2kCHAETDADTBA8TDP9eLzE2EwwAJzg0gAIPEww7nzMyMzA4NzYzMpcJQQ91Av-YD10TAA91AlEPjwkID-oE_9EfN2oHAAjqBAyHDg8LDDIF8QQPZgcIcGJ0dHJhY2vBEvcEL1BpeGVsL1JldGFyZ2V0LzI0N9sRD60WBS45MNsAABQABZcK-AdIVE1MSW1hZ2VfU0VUQVRUUklCVVRF6gwPsBYnnzMzNzcwNjk1MuIACEhjZG4u5gAwdW5pPhSPYWwvNDQ5MTG9EhA_MzgzwAEAJzkzqgawaW5zZXJ0QmVmb3LGGQWLFw9CECZ_MDYwOTkwN3ILCA_YADEvNTO9AQAI2AAPmAJCIjQ23gAvODf-CQcQcIwCYS5xdWFudBsbAaECARUA8Qo7cj0xOTAwMTMyNDYyO2xhYmVscz1fZnAunRmhLlBhZ2VWaWV3Ow8A_xE9cmVmcmVzaDtyZj0zO2E9cC1BTXk3dzJ5N256UmczO4kaUNA7dWh0PTI7ZnBhbj0xBwDmPVAwLTgyNTgzMTA2MS1tFfAHNDIxO3BiYz07bnM9MDtjZT0xO3FqcwYA8QF2PTg1MDg3MzNjLTIwMjMwoxn3CDU1NTU7Y209O2dkcHI9MDtyZWY9O2Q9RRuSO2RzdD0wO2V0uxsB6QrgNDIyO3R6bz0wO29nbD1kG_MGbGUuZW5fVVMlMkNzaXRlX25hbWUu9hpwQmFuayUyQ7Aa_wIuYXJ0aWNsZSUyQ1RpdGxlLlsbNlIlMkNkZToWUGlvbi5MAh1gbmclMjBm_htmMGElMjBttBsUbLQbXWluJTIwhQAuM0bJG1NhdCUyMNIAMiUyMNUAMDBjYUEAfSUyQ3VybC6NHFMlMjUyRUwBAQwAP2NvbZUcFhBNlRwBRxwVLaEAYC1DJTJDaQgFD20AFhAt9hxxZWRpYSUyRkIFtXMlMkZXZWJTaXRlEAADpABRLWxvZ2-pAKBwbmclM0ZyZXZpzh72HiUzRDA7c2VzPWZiNzliNGJlLWQ2N2MtNDBiMy04ODllLWQ1Zjc5MzNjYTkxNwwFD-4FBC40MrMLARQABe4FDzMOR0A2MTU3kRIfNjUEB2xzZWN1cmU2BAFFBDYuanPeAAJtAgKDBgl8HT4zODMUDyg0MqcYD-oFPJ81MjI5MjY2MTnXAEseNaYHCtcAD-kFQgPdAD8yMTS0AQfxATIwODM5MjE4cC5yZmlodWLpBfQLY2EuaHRtbD92ZXI9OSZyYj00NjEyMSZjYT0vAG8mY3VzdDFFIA4_JnBlJAAOAAUFD2kgKfYIcGY9JnJhPTU5MTc0MDcxOTU3NDQ5MjVvAlNpZnJhbRcICW8CPjQ0M9UTARQABlADATwAD4YRQ581MzY1OTQ5ODgkGwgkYzGYAQCMHZ9qcy90Yy5taW5PAxM-NDEzgBkoNDNhCA9PAzyPNDUwMDI4MTRZEgkP0wAsHjQ0CQrTAA9LA0ID2QA_NTAwSwMHcWliLmFkbniOHvQiL3BpeGllP3BpPThkNWYzODlhLTJjMGMtNGM2Zi1iYzc4LTQ0NGVjM2EwODkwZSZlPTgJEiYdBRA97CQA-Ac_IjoiDQYDPjM4M0sPCgoBD8ARO482MDMxMTc2McARCQ8DAV0fNcADAQjgAgwNAg9gHDEECQEfM7gDCA8JAV4POAcACekDDAkBD-IOMgUKAQ9cIggHmhgP7RoFrzEwMDE4NDI3NjQFJwEvNzbuGv8mnzI5MDMwMTk3MO4aHh80cg8AARQABhkHD5wYRZ80MzUyNjg5MzFqBQgHVAIP7hoED1MC_1gP7xoVHzSMCAIJ2wsPUwJFjzU3ODQxNDM3UwIJDwUWJg9qAh0BBxA_MDc2wislDwMn_ykOESI3NDM5RhQPMAk7nzQzNzg3MDkyMR0VCA92Av_RHzj7DwAPdgJRD9EQCA92Av_SD-wEDQwQDA8ZDTEE8gQPDxoJD3wC_9EAfxwjZW7SMhEw8AgKaAcMfAIPjA4yBX0CD_kECPEFcGVvcGxlLmFwaS5ib29tdHJhaW7xFPACaWRlbnRpZnkvcmVzb2x2ZT-tM_CUPWV5SmpiMjlyYVdVaU9uc2lZbk5wYmlJNklpSjlMQ0p4ZFdWeWVYTjBjbWx1WnlJNmUzMHNJbVY0ZEdWeWJtRnNYMmxrY3lJNmV5SjZlVzVqSWpvaVlXWmtNVGN4WWpndFl6WXhOQzAwWlRJd0xXSm1aR1V0T1RnMFltSm1ZVGcwWkdVeU9qRTJOelF3T0RFMU1EUXVNalExTmpBeEluMTkmczEaFWl1GlYtYmFua_gUP3hocmQXAC80NI0WAQAUAAXcDbJYSFJfTUFOQUdFUkEAAo8tDygeJ581Nzk3NTU3NjlQHQgPnAH0D9ESAADlEg-cAVAPlyUIAeweCTEDVHAxM24v_BoAdwIQLxIAD5sWGg_LGgAJ6gAPmxY8nzI5NjIzNzc4OA0ZCA_oAEEfNNIBDQ8OBUIE7gAPcgMKL3Vi8zUD9hthY3Rpdml0eTt4c3A9NDk1ODgwMztvcmQ9MTQyNzIzMTcxOTM0MDE5MT9tBA-lFgYP_wABCOUqD3UNOwCYAE84OTQwgwgJH3D4AFEfNIEJABg1-AAP9wFC0DM0MDE4OTQwNDN9XX0 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 18 Jan 2023 22:38:26 GMT
expires: Wed, 18 Jan 2023 22:38:25 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ps.eyeota.net/match?uid=5134455420723537309&bid=omt9pi0
52.57.150.20200 OK 0 B URL HTTP/1.1 ps.eyeota.net/match?uid=5134455420723537309&bid=omt9pi0
IP 52.57.150.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=5134455420723537309&bid=omt9pi0 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=22647~DM; Domain=eyeota.net; Path=/; Expires=Wed, 18 Jan 2023 22:48:26 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Wed, 18 Jan 2023 22:38:26 GMT
insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&upid=3e7kzj5&upv=1.1.0
35.71.131.137200 OK 42 B URL HTTP/2 insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&upid=3e7kzj5&upv=1.1.0
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&upid=3e7kzj5&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1674081505793
52.30.252.118302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1674081505793
IP 52.30.252.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1674081505793 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1674081505793
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=39952718516393939971774976862062667487; Max-Age=15552000; Expires=Mon, 17 Jul 2023 22:38:26 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: SxjyMtAlRyQ=
Content-Length: 0
Connection: keep-alive
www.youtube.com/iframe_api
172.217.21.174200 OK 1.3 kB URL HTTP/2 www.youtube.com/iframe_api
IP 172.217.21.174:0
File type ASCII text, with very long lines (509)
Hash 80967fa1879e7a8bca7b0c1e7ad79b5d
6137012a8ee7ceeda04bba10d8729769f93ac127
b29ad64dabc0d9e1f4c153309c490c9a04d4123182c65e1c8b341018d44b1904
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Wed, 18 Jan 2023 22:38:26 GMT
date: Wed, 18 Jan 2023 22:38:26 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=gPu7Kew8ttc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TURFeU5UTXhPVGd3TmpBeU1qRXlOUT09EOLpoZ4GGOLpoZ4G; Domain=.youtube.com; Expires=Mon, 17-Jul-2023 22:38:26 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=uX6NPswKqng; Domain=.youtube.com; Expires=Mon, 17-Jul-2023 22:38:26 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+677; expires=Fri, 17-Jan-2025 22:38:26 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
172.217.21.174200 OK 63 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (817)
Hash f02565101c5e23455bc9cb529917079f
d191ba22867a37580b73c62e85cafec8934445cc
adbc433ec3318badba117cecfe624154f8211ca424260f8626f1c5aa97340e6a
GET /s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 62798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 09:13:11 GMT
expires: Thu, 18 Jan 2024 09:13:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 48315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 0700e0eb991cc0ceaec1566034f951ae
1748938aa93c99a794f8de43b0f48e4c5a4949e1
414851e62a501c7173686aac659d185dc5633d6b2d1d13b1c327a356e9b181c3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 18 Jan 2023 22:38:26 GMT
Last-Modified: Wed, 18 Jan 2023 21:58:57 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CdN8xCDs8geJaxFTwjBsoFHuK2GpHj1TEJffmCEtJEwloXvB-KMOIg==
Age: 2369
dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1674081505793
52.30.252.118200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1674081505793
IP 52.30.252.118:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1674081505793 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: mXrqjWBMT6U=
Content-Length: 124
Connection: keep-alive
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=1202&i=5bfp8m&p=regions-prod&s=15929&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8ypodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvdmlld3Rocm91Z2hjb24DAfAOLzEwMTM1MzY0MDYvP3JhbmRvbT0xNjc0MDgxNTAGAKsmY3Y9MTEmZnN0GAChZm10PTMmYmc9ZgEA8UImZ3VpZD1PTiZhc3luYz0xJmd0bT0yb2ExYTEmdV93PTEyODAmdV9oPTEwMjQmbGFiZWw9RjBrUUNJV0lncVlCRUphdHBlTUQmaG49d3d3LmfRAPEALmNvbSZmcm09MCZ1cmw97gDTJTNBJTJGJTJGd3d3LoYBACgA8AElMkZsb2NhdG9yJTJGbWxvBgD0Jm9ydGdhZ2UtbG9hbi1vZmZpY2VyLW1hcnktaG9hbmctcGVhY2h0cmVlLWNpdHkmdGliYT1QFACzJTIwQ2l0eSUyME1IAPAAJTIwTGVuZGVyJTIwJTdDGgAgYXIhABBITgAFFQADvwEAAwFwX2VlPTEmYRwBtjIwNzk1OTEwNDguYgHmJmRhdGE9ZXZlbnQlM0SYAaImZ2NwPTEmY3RfJwLwAV9wcmVzZW50PTEiLCJ0eXBLAqBpbWciLCJzdGFyYgIGtQEgOTBQAgC3AgUUAKA0NTIsInNvdXJjOQAxbXV0QAIST4wCInJBRwCQdHVzIjoibG9h0AJgcmVhc29ucwIwXSwipQBkUGF0dGVyEgCybGlzdCI6W10sImlpAM8yMzI3Njg0NTA5fSylAgWAYmF0LmJpbmeuATAvYWPDAvKaLzA_dGk9MjEwMTEyODImVmVyPTImbWlkPWI4YjkyMDUwLTI0MjctNDA1OC1iNDdiLTkyNmNmMDdiYWZmMSZzaWQ9ZDE2MTk5ODA5NzgwMTFlZDk1MDc3ZDAyNDI2Yjc2NDEmdmlkPWQxNjE5MTkwOTc4MDExZWRhNTU3NmQ0ZWVlMDMwY2E5JnZpZHM9MSZtc2Nsa2lkPU4mcGk9MCZsZz1lbi1VUyZzd8ECE3PAAo9zYz0yNCZ0bC0COC9rd00AOB9wKwNO8AByPSZsdD0zMzQxJmV2dD1kBP8DTG9hZCZzdj0xJnJuPTQ5NzkzrQIPPzI4M60CAB8zrQIVj2Vycm9yIiwirgIenzExOTUwMTA4Mq4CB7FjZG4uYnR0cmFja7EC9gdqcy8xNTk2NS9hbmFseXRpY3MvMS4wDgB2Lm1pbi5qc6ADYnNjcmlwdFwDCqMDHzOjAwEnNzX2AKBhcHBlbmRDaGlsjQM_c3RhnQMqrzE5NDA0OTk2NTTvAGQeMeUBD-8AUR817wBkHzLvAAwPgQVBBeQBHzb1AGQPyQMACeQBDPUAIkNMGwMP2gIzHzf2AAe9OTEwMDU3Ni5mbHMcCQCGBqN2aXR5aTtzcmM9KgAQO2EHgT1wdjtjYXQ9YgiQMDtkY19sYXQ9CADwAHJkaWQ9O3RhZ19mb3JfY6QD8ABfZGlyZWN0ZWRfdHJlYXTHCfEEPTt0ZnVhPTtucGE9O2dkcHI9MAcAQV9jb27KB_YIMDtvcmQ9ODkyOTQxNjg2NzEyMS41MjNABFBpZnJhbSoKDOMHPzM4MlEDAC84MEAERp80NDc0MzMwMDFABAgDPAEPZgG6D8gDAC84MWYBTw-3BAgPZgHALjQ3LgUJZgEPOQRCBNMCLzQwOQQHAGEMAlkNAQEIAOQIsGFkLzFwLXVzZXItAwsPPw0MOzY2Jj8NQDc5MjABAA85DSUPDA2mAEMMBegMMGd0YQUMUm5maWcmSA5QaXNfdnQ3DgOEDvcLMjgyNDI0MTc0MSZybXRfdGxkPTAmaXByPXkgBQ8ADQMvMzdRAgEXNrcDDFECDwANMZ80OTAxMTE2MTS9AwgPUAIQfzk1OTU4MTiODwI_MTU1TwL_Jp8zMDQ0MTUwNThOAh8PoQwBLzg3TgJMQDYyMDJ1Ei81M54EBwlODxRwUA8ESw8PigwULjI3twkoNTCADQ-KDDuvNjIyNTE0MTAzMdkATh00VwYP2QBSD1IOCA-yATMPkQIACtkADN8ED2kLMgS5AR80uQEIBRkPQC50d2kuEgE3B-JpL2Fkc2N0P3BfaWQ9VBkAMCZwX0QHABIAUDAmdHhuCQBhbzFyeHQmCxNQcz0lNUIDACAyMnUHALoU8BIlMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdW50PTARAPAAb3JkZXJfcXVhbnRpdHk9xRUAyws_IjoiLBMDPjM4MiwGLzUwiQ9HnzQ1NjY0MjgyNiYCCA9GAaAvNDhsAwAIRgEPkwJCBE0BHzglBQgHcwckbm8KFwvCCY8wMTg0Mjc2NAEXAR83wgn_KIU5MDMwMTk3MHMHHzHBCRQ-NDM5TwIfM8EWTZ81Nzg0MTQzNzHhBAgPTgIRD08ZCQ8QDP87D08CFS8zN54EABgz4wgMngQPEAwxnzU0NzEyMjI5ME8CEz9jb22eBP9tD18OFS80M08CAB80ngRNjzQzNTI2ODkzngQUCk8CBlccD7AQDCw4MWEOBQceD-kd_01Ac3NjdCoeD_EdACImciMRAAYAFjT-EA9eGgc-MDg1QAcYNI8JD9QNO580NTg1OTA4MzfrBCEPnAL_3g_6HAAZNZwCDI0HD74OMgWjAg8dGwhhcGl4ZWwuPQ4BoyMBvQ4BFQDhO3I9MTkwMDEzMjQ2Mju8ImFzPV9mcC6tDqEuUGFnZVZpZXc7DwD_ET1yZWZyZXNoO3JmPTM7YT1wLUFNeTd3Mnk3bnpSZzM7yCJQ0Dt1aHQ9MjtmcGFuPTEHAOY9UDAtODI1ODMxMDYxLX4i8Ac0MjE7cGJjPTtucz0wO2NlPTE7cWpzBgDyAXY9ODUwODczM2MtMjAyMzDbFGU1NTU7Y23PGmJyZWY9O2QiGyBuczABiDtkc3Q9MDtlLSTgNDIyO3R6bz0wO29nbD2jI_MGbGUuZW5fVVMlMkNzaXRlX25hbWUuNSNwQmFuayUyQ7cP_wIuYXJ0aWNsZSUyQ1RpdGxlLpojNlIlMkNkZUEFUGlvbi5MiiVgbmclMjBmPSRmMGElMjBt8yMUbPMjXWluJTIwhQAuM0YIJFNhdCUyMNIAMiUyMNUAMDBjYUEAfSUyQ3VybC7MJFElMjUyRW4cIW5zDAA_Y29t1CQWEE3UJAGGJBUtoQCvLUMlMkNpbWFnZW0AFhAtNSWAZWRpYSUyRkk6ALVzJTJGV2ViU2l0ZRAAA6QAUS1sb2dvqQCgcG5nJTNGcmV2aVYn9h4lM0QwO3Nlcz1mYjc5YjRiZS1kNjdjLTQwYjMtODg5ZS1kNWY3OTMzY2E5MTfQBg-iEQM_NDQybwkBCM0GDDEED74LMZ8zNjE1NzE4MDceGhMPWxAED80X_1cPCw4WDzwVAS81NM0XTJ8zNTA0OTQwMDl9BggAWhByZmFjZWJvb24k9At0ci8_aWQ9NDk5MTA4NTMxNzc1NzE0JmV2PW8GLyZkESlP9wBybD0maWY9ZmFsc2UmdHMDKkw2MTImFif3FXY9Mi45LjkyJnI9c3RhYmxlJmVjPTAmbz0zMCZmYnA9ZmIuMfwo-AA2MDguODkzNzc3NzU0Jmk0BnMzNjgmY29veQB_cnFtPUdFVCwEDi42MfkKARQABfoo-QNpbWdfRE9NQXR0ck1vZGlmaWVfJVFhbGxvdxMAD1EmHZ81NjQ4NTc4MDTZFQiFY29ubmVjdC7oAQCdK6BzaWduYWxzL2NvDh0bL_ABHT9TAQYFAQLABgJEIwtfJh43Aio3NjE55wKzaW5zZXJ0QmVmb3JhIg-GIyqPNDczMjQ1NzmKFQkP_gBYDh0jCv4ADzIGQQUDAQ8jIwgPAwFYDroiDwMBCw9mCzMEBwIPBB8IUnJ1bGVzZgsQY7kZADYKES8VABstKgsPwhwUPTQyNu4OEDY1CAb1Aw_tAjufMjg1OTc5ODE57w4IAdEAD-YAOw4HCSg2MtMDDNUCD9IBMgXsAA9jGQiRcHhsLmppdm94ywExdGFnzQTwHHYvcHhyZS5waHA_cHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeT10cnWCBADwCw-nGwgPdBMAEDZ1GgXkAQ_SEDsQMnUuPzQxML0VCQ_3AFIOCRkP9wBSD8UGCA_3AFEeNZQgCvcAD-wCQwP1AR8xpwkIMXQudGUzMXR2LxkuED9AKiFvbv8uAAMQwCZlbnY9anMtd2ViJiEqA2Yz8Qc9Ni4xMS4wXzM0Yzg4ZTYmYnV5ZXJfXBAA-h7PNTk5NSZyZWZlcmVyuS9OAXgfMHNlc6sNAH0A9hUzOWRjZjFhNC1iNWI2LTQ1YWQtOTBkNC1mMjNkNDZkNTQxZTZ1CA-mDQQvNjZ0BwAAFAAFoQMPeglGnzIxNDAxMzQ4ObUCGyByZaEEFGOhBPAKMDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjRJ8zMFVuackBMGFsX3wLEV_pAQ_DBB4fNJQJABg2liYPwwQ8jzUwMDc3MTU2kAgID8wDAA8XAV4Afg0iZW5ENABwNl81MDQ2Nl8lCQ_YBjMDHgEvNziHJAcPkw3_NQ-4CAAfN3IPFg_gMyUFjw0PigoID8wF_wgOPQwQN7cXBcwFDH8HD3ITMQXHBQ9qCggPsgH_CA4xCSg3OakwDLIBD0UFMwR6Bw9jBggwZGMulTyBbGlua2VkaW4jDOBjb2xsZWN0Lz9waWQ9NmIeETYGLj9naWZpCA0-Mzgy4xEoODRQBA9HBzvQNDA2MzMzMTU0M31dfQ
63.34.68.24204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=1202&i=5bfp8m&p=regions-prod&s=15929&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8ypodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvdmlld3Rocm91Z2hjb24DAfAOLzEwMTM1MzY0MDYvP3JhbmRvbT0xNjc0MDgxNTAGAKsmY3Y9MTEmZnN0GAChZm10PTMmYmc9ZgEA8UImZ3VpZD1PTiZhc3luYz0xJmd0bT0yb2ExYTEmdV93PTEyODAmdV9oPTEwMjQmbGFiZWw9RjBrUUNJV0lncVlCRUphdHBlTUQmaG49d3d3LmfRAPEALmNvbSZmcm09MCZ1cmw97gDTJTNBJTJGJTJGd3d3LoYBACgA8AElMkZsb2NhdG9yJTJGbWxvBgD0Jm9ydGdhZ2UtbG9hbi1vZmZpY2VyLW1hcnktaG9hbmctcGVhY2h0cmVlLWNpdHkmdGliYT1QFACzJTIwQ2l0eSUyME1IAPAAJTIwTGVuZGVyJTIwJTdDGgAgYXIhABBITgAFFQADvwEAAwFwX2VlPTEmYRwBtjIwNzk1OTEwNDguYgHmJmRhdGE9ZXZlbnQlM0SYAaImZ2NwPTEmY3RfJwLwAV9wcmVzZW50PTEiLCJ0eXBLAqBpbWciLCJzdGFyYgIGtQEgOTBQAgC3AgUUAKA0NTIsInNvdXJjOQAxbXV0QAIST4wCInJBRwCQdHVzIjoibG9h0AJgcmVhc29ucwIwXSwipQBkUGF0dGVyEgCybGlzdCI6W10sImlpAM8yMzI3Njg0NTA5fSylAgWAYmF0LmJpbmeuATAvYWPDAvKaLzA_dGk9MjEwMTEyODImVmVyPTImbWlkPWI4YjkyMDUwLTI0MjctNDA1OC1iNDdiLTkyNmNmMDdiYWZmMSZzaWQ9ZDE2MTk5ODA5NzgwMTFlZDk1MDc3ZDAyNDI2Yjc2NDEmdmlkPWQxNjE5MTkwOTc4MDExZWRhNTU3NmQ0ZWVlMDMwY2E5JnZpZHM9MSZtc2Nsa2lkPU4mcGk9MCZsZz1lbi1VUyZzd8ECE3PAAo9zYz0yNCZ0bC0COC9rd00AOB9wKwNO8AByPSZsdD0zMzQxJmV2dD1kBP8DTG9hZCZzdj0xJnJuPTQ5NzkzrQIPPzI4M60CAB8zrQIVj2Vycm9yIiwirgIenzExOTUwMTA4Mq4CB7FjZG4uYnR0cmFja7EC9gdqcy8xNTk2NS9hbmFseXRpY3MvMS4wDgB2Lm1pbi5qc6ADYnNjcmlwdFwDCqMDHzOjAwEnNzX2AKBhcHBlbmRDaGlsjQM_c3RhnQMqrzE5NDA0OTk2NTTvAGQeMeUBD-8AUR817wBkHzLvAAwPgQVBBeQBHzb1AGQPyQMACeQBDPUAIkNMGwMP2gIzHzf2AAe9OTEwMDU3Ni5mbHMcCQCGBqN2aXR5aTtzcmM9KgAQO2EHgT1wdjtjYXQ9YgiQMDtkY19sYXQ9CADwAHJkaWQ9O3RhZ19mb3JfY6QD8ABfZGlyZWN0ZWRfdHJlYXTHCfEEPTt0ZnVhPTtucGE9O2dkcHI9MAcAQV9jb27KB_YIMDtvcmQ9ODkyOTQxNjg2NzEyMS41MjNABFBpZnJhbSoKDOMHPzM4MlEDAC84MEAERp80NDc0MzMwMDFABAgDPAEPZgG6D8gDAC84MWYBTw-3BAgPZgHALjQ3LgUJZgEPOQRCBNMCLzQwOQQHAGEMAlkNAQEIAOQIsGFkLzFwLXVzZXItAwsPPw0MOzY2Jj8NQDc5MjABAA85DSUPDA2mAEMMBegMMGd0YQUMUm5maWcmSA5QaXNfdnQ3DgOEDvcLMjgyNDI0MTc0MSZybXRfdGxkPTAmaXByPXkgBQ8ADQMvMzdRAgEXNrcDDFECDwANMZ80OTAxMTE2MTS9AwgPUAIQfzk1OTU4MTiODwI_MTU1TwL_Jp8zMDQ0MTUwNThOAh8PoQwBLzg3TgJMQDYyMDJ1Ei81M54EBwlODxRwUA8ESw8PigwULjI3twkoNTCADQ-KDDuvNjIyNTE0MTAzMdkATh00VwYP2QBSD1IOCA-yATMPkQIACtkADN8ED2kLMgS5AR80uQEIBRkPQC50d2kuEgE3B-JpL2Fkc2N0P3BfaWQ9VBkAMCZwX0QHABIAUDAmdHhuCQBhbzFyeHQmCxNQcz0lNUIDACAyMnUHALoU8BIlMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdW50PTARAPAAb3JkZXJfcXVhbnRpdHk9xRUAyws_IjoiLBMDPjM4MiwGLzUwiQ9HnzQ1NjY0MjgyNiYCCA9GAaAvNDhsAwAIRgEPkwJCBE0BHzglBQgHcwckbm8KFwvCCY8wMTg0Mjc2NAEXAR83wgn_KIU5MDMwMTk3MHMHHzHBCRQ-NDM5TwIfM8EWTZ81Nzg0MTQzNzHhBAgPTgIRD08ZCQ8QDP87D08CFS8zN54EABgz4wgMngQPEAwxnzU0NzEyMjI5ME8CEz9jb22eBP9tD18OFS80M08CAB80ngRNjzQzNTI2ODkzngQUCk8CBlccD7AQDCw4MWEOBQceD-kd_01Ac3NjdCoeD_EdACImciMRAAYAFjT-EA9eGgc-MDg1QAcYNI8JD9QNO580NTg1OTA4MzfrBCEPnAL_3g_6HAAZNZwCDI0HD74OMgWjAg8dGwhhcGl4ZWwuPQ4BoyMBvQ4BFQDhO3I9MTkwMDEzMjQ2Mju8ImFzPV9mcC6tDqEuUGFnZVZpZXc7DwD_ET1yZWZyZXNoO3JmPTM7YT1wLUFNeTd3Mnk3bnpSZzM7yCJQ0Dt1aHQ9MjtmcGFuPTEHAOY9UDAtODI1ODMxMDYxLX4i8Ac0MjE7cGJjPTtucz0wO2NlPTE7cWpzBgDyAXY9ODUwODczM2MtMjAyMzDbFGU1NTU7Y23PGmJyZWY9O2QiGyBuczABiDtkc3Q9MDtlLSTgNDIyO3R6bz0wO29nbD2jI_MGbGUuZW5fVVMlMkNzaXRlX25hbWUuNSNwQmFuayUyQ7cP_wIuYXJ0aWNsZSUyQ1RpdGxlLpojNlIlMkNkZUEFUGlvbi5MiiVgbmclMjBmPSRmMGElMjBt8yMUbPMjXWluJTIwhQAuM0YIJFNhdCUyMNIAMiUyMNUAMDBjYUEAfSUyQ3VybC7MJFElMjUyRW4cIW5zDAA_Y29t1CQWEE3UJAGGJBUtoQCvLUMlMkNpbWFnZW0AFhAtNSWAZWRpYSUyRkk6ALVzJTJGV2ViU2l0ZRAAA6QAUS1sb2dvqQCgcG5nJTNGcmV2aVYn9h4lM0QwO3Nlcz1mYjc5YjRiZS1kNjdjLTQwYjMtODg5ZS1kNWY3OTMzY2E5MTfQBg-iEQM_NDQybwkBCM0GDDEED74LMZ8zNjE1NzE4MDceGhMPWxAED80X_1cPCw4WDzwVAS81NM0XTJ8zNTA0OTQwMDl9BggAWhByZmFjZWJvb24k9At0ci8_aWQ9NDk5MTA4NTMxNzc1NzE0JmV2PW8GLyZkESlP9wBybD0maWY9ZmFsc2UmdHMDKkw2MTImFif3FXY9Mi45LjkyJnI9c3RhYmxlJmVjPTAmbz0zMCZmYnA9ZmIuMfwo-AA2MDguODkzNzc3NzU0Jmk0BnMzNjgmY29veQB_cnFtPUdFVCwEDi42MfkKARQABfoo-QNpbWdfRE9NQXR0ck1vZGlmaWVfJVFhbGxvdxMAD1EmHZ81NjQ4NTc4MDTZFQiFY29ubmVjdC7oAQCdK6BzaWduYWxzL2NvDh0bL_ABHT9TAQYFAQLABgJEIwtfJh43Aio3NjE55wKzaW5zZXJ0QmVmb3JhIg-GIyqPNDczMjQ1NzmKFQkP_gBYDh0jCv4ADzIGQQUDAQ8jIwgPAwFYDroiDwMBCw9mCzMEBwIPBB8IUnJ1bGVzZgsQY7kZADYKES8VABstKgsPwhwUPTQyNu4OEDY1CAb1Aw_tAjufMjg1OTc5ODE57w4IAdEAD-YAOw4HCSg2MtMDDNUCD9IBMgXsAA9jGQiRcHhsLmppdm94ywExdGFnzQTwHHYvcHhyZS5waHA_cHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeT10cnWCBADwCw-nGwgPdBMAEDZ1GgXkAQ_SEDsQMnUuPzQxML0VCQ_3AFIOCRkP9wBSD8UGCA_3AFEeNZQgCvcAD-wCQwP1AR8xpwkIMXQudGUzMXR2LxkuED9AKiFvbv8uAAMQwCZlbnY9anMtd2ViJiEqA2Yz8Qc9Ni4xMS4wXzM0Yzg4ZTYmYnV5ZXJfXBAA-h7PNTk5NSZyZWZlcmVyuS9OAXgfMHNlc6sNAH0A9hUzOWRjZjFhNC1iNWI2LTQ1YWQtOTBkNC1mMjNkNDZkNTQxZTZ1CA-mDQQvNjZ0BwAAFAAFoQMPeglGnzIxNDAxMzQ4ObUCGyByZaEEFGOhBPAKMDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjRJ8zMFVuackBMGFsX3wLEV_pAQ_DBB4fNJQJABg2liYPwwQ8jzUwMDc3MTU2kAgID8wDAA8XAV4Afg0iZW5ENABwNl81MDQ2Nl8lCQ_YBjMDHgEvNziHJAcPkw3_NQ-4CAAfN3IPFg_gMyUFjw0PigoID8wF_wgOPQwQN7cXBcwFDH8HD3ITMQXHBQ9qCggPsgH_CA4xCSg3OakwDLIBD0UFMwR6Bw9jBggwZGMulTyBbGlua2VkaW4jDOBjb2xsZWN0Lz9waWQ9NmIeETYGLj9naWZpCA0-Mzgy4xEoODRQBA9HBzvQNDA2MzMzMTU0M31dfQ
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=3&c=1202&i=5bfp8m&p=regions-prod&s=15929&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8ypodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvdmlld3Rocm91Z2hjb24DAfAOLzEwMTM1MzY0MDYvP3JhbmRvbT0xNjc0MDgxNTAGAKsmY3Y9MTEmZnN0GAChZm10PTMmYmc9ZgEA8UImZ3VpZD1PTiZhc3luYz0xJmd0bT0yb2ExYTEmdV93PTEyODAmdV9oPTEwMjQmbGFiZWw9RjBrUUNJV0lncVlCRUphdHBlTUQmaG49d3d3LmfRAPEALmNvbSZmcm09MCZ1cmw97gDTJTNBJTJGJTJGd3d3LoYBACgA8AElMkZsb2NhdG9yJTJGbWxvBgD0Jm9ydGdhZ2UtbG9hbi1vZmZpY2VyLW1hcnktaG9hbmctcGVhY2h0cmVlLWNpdHkmdGliYT1QFACzJTIwQ2l0eSUyME1IAPAAJTIwTGVuZGVyJTIwJTdDGgAgYXIhABBITgAFFQADvwEAAwFwX2VlPTEmYRwBtjIwNzk1OTEwNDguYgHmJmRhdGE9ZXZlbnQlM0SYAaImZ2NwPTEmY3RfJwLwAV9wcmVzZW50PTEiLCJ0eXBLAqBpbWciLCJzdGFyYgIGtQEgOTBQAgC3AgUUAKA0NTIsInNvdXJjOQAxbXV0QAIST4wCInJBRwCQdHVzIjoibG9h0AJgcmVhc29ucwIwXSwipQBkUGF0dGVyEgCybGlzdCI6W10sImlpAM8yMzI3Njg0NTA5fSylAgWAYmF0LmJpbmeuATAvYWPDAvKaLzA_dGk9MjEwMTEyODImVmVyPTImbWlkPWI4YjkyMDUwLTI0MjctNDA1OC1iNDdiLTkyNmNmMDdiYWZmMSZzaWQ9ZDE2MTk5ODA5NzgwMTFlZDk1MDc3ZDAyNDI2Yjc2NDEmdmlkPWQxNjE5MTkwOTc4MDExZWRhNTU3NmQ0ZWVlMDMwY2E5JnZpZHM9MSZtc2Nsa2lkPU4mcGk9MCZsZz1lbi1VUyZzd8ECE3PAAo9zYz0yNCZ0bC0COC9rd00AOB9wKwNO8AByPSZsdD0zMzQxJmV2dD1kBP8DTG9hZCZzdj0xJnJuPTQ5NzkzrQIPPzI4M60CAB8zrQIVj2Vycm9yIiwirgIenzExOTUwMTA4Mq4CB7FjZG4uYnR0cmFja7EC9gdqcy8xNTk2NS9hbmFseXRpY3MvMS4wDgB2Lm1pbi5qc6ADYnNjcmlwdFwDCqMDHzOjAwEnNzX2AKBhcHBlbmRDaGlsjQM_c3RhnQMqrzE5NDA0OTk2NTTvAGQeMeUBD-8AUR817wBkHzLvAAwPgQVBBeQBHzb1AGQPyQMACeQBDPUAIkNMGwMP2gIzHzf2AAe9OTEwMDU3Ni5mbHMcCQCGBqN2aXR5aTtzcmM9KgAQO2EHgT1wdjtjYXQ9YgiQMDtkY19sYXQ9CADwAHJkaWQ9O3RhZ19mb3JfY6QD8ABfZGlyZWN0ZWRfdHJlYXTHCfEEPTt0ZnVhPTtucGE9O2dkcHI9MAcAQV9jb27KB_YIMDtvcmQ9ODkyOTQxNjg2NzEyMS41MjNABFBpZnJhbSoKDOMHPzM4MlEDAC84MEAERp80NDc0MzMwMDFABAgDPAEPZgG6D8gDAC84MWYBTw-3BAgPZgHALjQ3LgUJZgEPOQRCBNMCLzQwOQQHAGEMAlkNAQEIAOQIsGFkLzFwLXVzZXItAwsPPw0MOzY2Jj8NQDc5MjABAA85DSUPDA2mAEMMBegMMGd0YQUMUm5maWcmSA5QaXNfdnQ3DgOEDvcLMjgyNDI0MTc0MSZybXRfdGxkPTAmaXByPXkgBQ8ADQMvMzdRAgEXNrcDDFECDwANMZ80OTAxMTE2MTS9AwgPUAIQfzk1OTU4MTiODwI_MTU1TwL_Jp8zMDQ0MTUwNThOAh8PoQwBLzg3TgJMQDYyMDJ1Ei81M54EBwlODxRwUA8ESw8PigwULjI3twkoNTCADQ-KDDuvNjIyNTE0MTAzMdkATh00VwYP2QBSD1IOCA-yATMPkQIACtkADN8ED2kLMgS5AR80uQEIBRkPQC50d2kuEgE3B-JpL2Fkc2N0P3BfaWQ9VBkAMCZwX0QHABIAUDAmdHhuCQBhbzFyeHQmCxNQcz0lNUIDACAyMnUHALoU8BIlMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdW50PTARAPAAb3JkZXJfcXVhbnRpdHk9xRUAyws_IjoiLBMDPjM4MiwGLzUwiQ9HnzQ1NjY0MjgyNiYCCA9GAaAvNDhsAwAIRgEPkwJCBE0BHzglBQgHcwckbm8KFwvCCY8wMTg0Mjc2NAEXAR83wgn_KIU5MDMwMTk3MHMHHzHBCRQ-NDM5TwIfM8EWTZ81Nzg0MTQzNzHhBAgPTgIRD08ZCQ8QDP87D08CFS8zN54EABgz4wgMngQPEAwxnzU0NzEyMjI5ME8CEz9jb22eBP9tD18OFS80M08CAB80ngRNjzQzNTI2ODkzngQUCk8CBlccD7AQDCw4MWEOBQceD-kd_01Ac3NjdCoeD_EdACImciMRAAYAFjT-EA9eGgc-MDg1QAcYNI8JD9QNO580NTg1OTA4MzfrBCEPnAL_3g_6HAAZNZwCDI0HD74OMgWjAg8dGwhhcGl4ZWwuPQ4BoyMBvQ4BFQDhO3I9MTkwMDEzMjQ2Mju8ImFzPV9mcC6tDqEuUGFnZVZpZXc7DwD_ET1yZWZyZXNoO3JmPTM7YT1wLUFNeTd3Mnk3bnpSZzM7yCJQ0Dt1aHQ9MjtmcGFuPTEHAOY9UDAtODI1ODMxMDYxLX4i8Ac0MjE7cGJjPTtucz0wO2NlPTE7cWpzBgDyAXY9ODUwODczM2MtMjAyMzDbFGU1NTU7Y23PGmJyZWY9O2QiGyBuczABiDtkc3Q9MDtlLSTgNDIyO3R6bz0wO29nbD2jI_MGbGUuZW5fVVMlMkNzaXRlX25hbWUuNSNwQmFuayUyQ7cP_wIuYXJ0aWNsZSUyQ1RpdGxlLpojNlIlMkNkZUEFUGlvbi5MiiVgbmclMjBmPSRmMGElMjBt8yMUbPMjXWluJTIwhQAuM0YIJFNhdCUyMNIAMiUyMNUAMDBjYUEAfSUyQ3VybC7MJFElMjUyRW4cIW5zDAA_Y29t1CQWEE3UJAGGJBUtoQCvLUMlMkNpbWFnZW0AFhAtNSWAZWRpYSUyRkk6ALVzJTJGV2ViU2l0ZRAAA6QAUS1sb2dvqQCgcG5nJTNGcmV2aVYn9h4lM0QwO3Nlcz1mYjc5YjRiZS1kNjdjLTQwYjMtODg5ZS1kNWY3OTMzY2E5MTfQBg-iEQM_NDQybwkBCM0GDDEED74LMZ8zNjE1NzE4MDceGhMPWxAED80X_1cPCw4WDzwVAS81NM0XTJ8zNTA0OTQwMDl9BggAWhByZmFjZWJvb24k9At0ci8_aWQ9NDk5MTA4NTMxNzc1NzE0JmV2PW8GLyZkESlP9wBybD0maWY9ZmFsc2UmdHMDKkw2MTImFif3FXY9Mi45LjkyJnI9c3RhYmxlJmVjPTAmbz0zMCZmYnA9ZmIuMfwo-AA2MDguODkzNzc3NzU0Jmk0BnMzNjgmY29veQB_cnFtPUdFVCwEDi42MfkKARQABfoo-QNpbWdfRE9NQXR0ck1vZGlmaWVfJVFhbGxvdxMAD1EmHZ81NjQ4NTc4MDTZFQiFY29ubmVjdC7oAQCdK6BzaWduYWxzL2NvDh0bL_ABHT9TAQYFAQLABgJEIwtfJh43Aio3NjE55wKzaW5zZXJ0QmVmb3JhIg-GIyqPNDczMjQ1NzmKFQkP_gBYDh0jCv4ADzIGQQUDAQ8jIwgPAwFYDroiDwMBCw9mCzMEBwIPBB8IUnJ1bGVzZgsQY7kZADYKES8VABstKgsPwhwUPTQyNu4OEDY1CAb1Aw_tAjufMjg1OTc5ODE57w4IAdEAD-YAOw4HCSg2MtMDDNUCD9IBMgXsAA9jGQiRcHhsLmppdm94ywExdGFnzQTwHHYvcHhyZS5waHA_cHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeT10cnWCBADwCw-nGwgPdBMAEDZ1GgXkAQ_SEDsQMnUuPzQxML0VCQ_3AFIOCRkP9wBSD8UGCA_3AFEeNZQgCvcAD-wCQwP1AR8xpwkIMXQudGUzMXR2LxkuED9AKiFvbv8uAAMQwCZlbnY9anMtd2ViJiEqA2Yz8Qc9Ni4xMS4wXzM0Yzg4ZTYmYnV5ZXJfXBAA-h7PNTk5NSZyZWZlcmVyuS9OAXgfMHNlc6sNAH0A9hUzOWRjZjFhNC1iNWI2LTQ1YWQtOTBkNC1mMjNkNDZkNTQxZTZ1CA-mDQQvNjZ0BwAAFAAFoQMPeglGnzIxNDAxMzQ4ObUCGyByZaEEFGOhBPAKMDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjRJ8zMFVuackBMGFsX3wLEV_pAQ_DBB4fNJQJABg2liYPwwQ8jzUwMDc3MTU2kAgID8wDAA8XAV4Afg0iZW5ENABwNl81MDQ2Nl8lCQ_YBjMDHgEvNziHJAcPkw3_NQ-4CAAfN3IPFg_gMyUFjw0PigoID8wF_wgOPQwQN7cXBcwFDH8HD3ITMQXHBQ9qCggPsgH_CA4xCSg3OakwDLIBD0UFMwR6Bw9jBggwZGMulTyBbGlua2VkaW4jDOBjb2xsZWN0Lz9waWQ9NmIeETYGLj9naWZpCA0-Mzgy4xEoODRQBA9HBzvQNDA2MzMzMTU0M31dfQ HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 18 Jan 2023 22:38:26 GMT
expires: Wed, 18 Jan 2023 22:38:25 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA
2.18.173.116200 OK 2.1 kB URL HTTP/2 sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA
IP 2.18.173.116:0
File type PNG image data, 40 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 8589c169002370f528326cb492232e81
af7b67df6f182becf3708eb1363858326009a3a0
0055a4ba915b2740205b0823e65ecb2ad2e367938e8cf1fe7010dff9e9c6aeb2
GET /WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA HTTP/1.1
Host: sjc1.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8589c169002370f528326cb492232e81"
access-control-allow-origin: *
x-request-id: 77cd936c-cd9f-4437-a75a-c2fa769cef90
x-transaction-id: ed964401-e4bf-4e6c-8e52-ab6ad80dbb41
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
permissions-policy: camera=(), geolocation=(), microphone=()
x-edgeconnect-midmile-rtt: 18
x-edgeconnect-origin-mex-latency: 165
x-envoy-upstream-service-time: 30
server: envoy
content-disposition: inline; filename=Feedback+tab+-+dark+outline
content-length: 2098
content-type: image/png
x-robots-tag: noindex
cache-control: public, max-age=21
expires: Wed, 18 Jan 2023 22:38:47 GMT
date: Wed, 18 Jan 2023 22:38:26 GMT
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b4e32047ed8b25f2bbd354a3a0f1a0c5
b1d05afd1fe94b27313514f9a0692ac37afb3fbb
7386da34a9edf9b68a8a20ff0246c6bc0a0d119da0b2e150b41932544ff0590d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 03:43:24 GMT
Expires: Wed, 25 Jan 2023 03:43:23 GMT
Etag: "b1d05afd1fe94b27313514f9a0692ac37afb3fbb"
Cache-Control: max-age=536096,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad228488cb4f7-OSL
regionsbank.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
44.197.47.122200 OK 641 B URL HTTP/2 regionsbank.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
IP 44.197.47.122:0
File type ASCII text, with very long lines (641), with no line terminators
Hash b3dd2edb5dfeee1a0529766c41957c67
447d5e8bf3cb4bf49aab01f12639afc933b8ff38
ef9ba31d511766efc2f207e993c8a1286ccddcf236fe5910ebbd70b38d324ecd
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: text/javascript;charset=UTF-8
content-length: 641
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa OUR IND COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9a8fd0b3241bcf1ee875873e894dffa5
83b718b8f86a02f2bb2bf07c5ed20d5b267bf1ae
36ef11e6b7f16d416e2adb0b5075adf256ba43997742bd473cf2743d904eb3bc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 13:42:56 GMT
Expires: Wed, 25 Jan 2023 13:42:55 GMT
Etag: "83b718b8f86a02f2bb2bf07c5ed20d5b267bf1ae"
Cache-Control: max-age=572068,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad2285c300b31-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8796e6a2b9ae3b266a776ede62580e69
c5740324bb0c3faee35f93e1a81bcf7dd4271a89
1dfee7ac16c08adcd6320bd503d9031d6b85b74d73cd81c19b299dfbba82037b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 13:56:51 GMT
Expires: Tue, 24 Jan 2023 13:56:50 GMT
Etag: "c5740324bb0c3faee35f93e1a81bcf7dd4271a89"
Cache-Control: max-age=486503,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad227b9560b3d-OSL
lptag.liveperson.net/tag/tag.js?site=60208595
178.249.97.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=60208595
IP 178.249.97.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=60208595 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=119&user_id=5144588522960336448&expires=30
18.159.74.210302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=119&user_id=5144588522960336448&expires=30
IP 18.159.74.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=119&user_id=5144588522960336448&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 18 Jan 2023 22:38:26 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5144588522960336448&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=abef1816-24d4-44a2-947e-ad7ff1cf06e4; path=/; expires=Thu, 18-Jan-2024 22:38:26 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674081506; path=/; expires=Thu, 18-Jan-2024 22:38:26 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674081506; path=/; expires=Thu, 18-Jan-2024 22:38:26 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674081506; path=/; expires=Thu, 18-Jan-2024 22:38:26 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5144588522960336448&expires=30
18.159.74.210200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5144588522960336448&expires=30
IP 18.159.74.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=119&user_id=5144588522960336448&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c0a0894af0e1646f31dfe80cacc4a6
e08c71d25a2554f04eb1309ee9ca39003bea75eb
98a53b265a3a00d2ec4a5aeb126ec589ba57d17111738d1558437dcd4c412ff4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124111
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 22:38:27 GMT
Etag: "63c7b6b2-1d7"
Expires: Fri, 20 Jan 2023 09:06:58 GMT
Last-Modified: Wed, 18 Jan 2023 09:06:58 GMT
Server: nginx
Content-Length: 471
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web
104.17.208.240200 OK 1.5 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web
IP 104.17.208.240:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4878), with no line terminators
Hash 4f24cddd161e122dce9c35623fc09812
8c998242425f586f745b0432576f8df5be803bbd
46094e42e30dd767f36d8244f5e84b1893955ecc0e22c0dba4b3fef54830b238
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 165
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/json
cf-ray: 78bad226dc7db4ff-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 578d20dec0e2d36a
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
partners.tremorhub.com/sync?UIRF=5144588522960336448&r=x_ENqDzBopqT
18.233.216.139200 OK 1.3 kB URL HTTP/2 partners.tremorhub.com/sync?UIRF=5144588522960336448&r=x_ENqDzBopqT
IP 18.233.216.139:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash e235b7cd3f38a16f8986b4e4593c7565
29220942e67aa5bb06c28356a1bcf1463f8b9e2f
92c3f94fc1bde6207d51c48614723c30cd1a557982c298d8b401cf2c91f07159
GET /sync?UIRF=5144588522960336448&r=x_ENqDzBopqT HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/1.ca40fe67c92ba390e992.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.208.240200 OK 13 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.ca40fe67c92ba390e992.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.208.240:0
File type ASCII text, with very long lines (28843), with no line terminators
Hash 0d9e263198869ddbb258cfa320ef0c9e
ea1207857de9e86b9fb74af79fad87129ef9168d
d08d155008e2351fb54c866ff67d7a6b614375236a10b54c7c1c1f52601d7ee9
GET /dxjsmodule/1.ca40fe67c92ba390e992.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/javascript
cf-ray: 78bad2284e14b4ff-OSL
access-control-allow-origin: *
age: 68194
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"73bc-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29628
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d16&uid=5144588522960336448
3.75.3.113204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d16&uid=5144588522960336448
IP 3.75.3.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d16&uid=5144588522960336448 HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Wed, 18 Jan 2023 22:38:27 GMT
content-length: 0
X-Firefox-Spdy: h2
regions.demdex.net/dest5.html?d_nsid=undefined
52.30.252.118200 OK 2.8 kB URL HTTP/1.1 regions.demdex.net/dest5.html?d_nsid=undefined
IP 52.30.252.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=undefined HTTP/1.1
Host: regions.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 18 Jan 2023 22:38:27 GMT
DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: miLOvDpNR1M=
transfer-encoding: chunked
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 17f76473e4ab37ba38b71ac2391277d6
98a1821beebbb131dfb1fb122a847b1a9ea75531
3b551771d4d44a96b2ca1288323a9bd9bd9e64dfda13f0e6447604cbc0e6f750
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 18 Jan 2023 22:38:27 GMT
Last-Modified: Wed, 18 Jan 2023 21:11:14 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gOd2IQgThiATjBYlnvPLuItCNVvF4swdtRvvZVn3hy8NO99H0K6QUw==
Age: 5233
cm.everesttech.net/cm/dd?d_uuid=74189726394660622491681333173351758332
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=74189726394660622491681333173351758332
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=74189726394660622491681333173351758332 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Wed, 18 Jan 2023 22:38:27 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y8h04wAAANQMbwOY; Domain=.everesttech.net; Expires=Thu, 18-Jan-2024 22:38:27 GMT; Path=/
everest_session_v2=Y8h04wAAANQMcAOY; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8h04wAAANQMbwOY
Server: AMO-cookiemap/1.1
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4311913b8d01363a62c68733fb89ce44
cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe
b6e22a8e04a8c886f0ed766ef24025c3dc3e51e297f866613bb89a3ba02946c7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 02:32:12 GMT
Expires: Tue, 24 Jan 2023 02:32:11 GMT
Etag: "cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe"
Cache-Control: max-age=445423,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad22e8a440b31-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4311913b8d01363a62c68733fb89ce44
cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe
b6e22a8e04a8c886f0ed766ef24025c3dc3e51e297f866613bb89a3ba02946c7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 02:32:12 GMT
Expires: Tue, 24 Jan 2023 02:32:11 GMT
Etag: "cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe"
Cache-Control: max-age=445423,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad22e9f6a0afe-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4311913b8d01363a62c68733fb89ce44
cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe
b6e22a8e04a8c886f0ed766ef24025c3dc3e51e297f866613bb89a3ba02946c7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 02:32:12 GMT
Expires: Tue, 24 Jan 2023 02:32:11 GMT
Etag: "cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe"
Cache-Control: max-age=445423,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad22e9958b4f9-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4311913b8d01363a62c68733fb89ce44
cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe
b6e22a8e04a8c886f0ed766ef24025c3dc3e51e297f866613bb89a3ba02946c7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 02:32:12 GMT
Expires: Tue, 24 Jan 2023 02:32:11 GMT
Etag: "cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe"
Cache-Control: max-age=445423,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad22dff850b3d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4311913b8d01363a62c68733fb89ce44
cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe
b6e22a8e04a8c886f0ed766ef24025c3dc3e51e297f866613bb89a3ba02946c7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 02:32:12 GMT
Expires: Tue, 24 Jan 2023 02:32:11 GMT
Etag: "cf0a885986aa8bcae2cb17a2c49a925d4dfd7bbe"
Cache-Control: max-age=445423,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad22dfe59b4f7-OSL
dpm.demdex.net/ibs:dpid=411&dpuuid=Y8h04wAAANQMbwOY
52.30.252.118302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y8h04wAAANQMbwOY
IP 52.30.252.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y8h04wAAANQMbwOY HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-073c16f88.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8h04wAAANQMbwOY
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=03727799881817327152317137938724530083; Max-Age=15552000; Expires=Mon, 17 Jul 2023 22:38:27 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: CpCCROuyR5Q=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8h04wAAANQMbwOY
52.30.252.118200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8h04wAAANQMbwOY
IP 52.30.252.118:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8h04wAAANQMbwOY HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: okBNRM2zTOg=
Content-Length: 59
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash fe7e2a1ce5a81b5f5eeeaef7f185c8fa
9c4ffcac95c28af9e6a333750ea2df7b4af06309
65649fe7ae3b3e4ee41bf87a000e4c9b200048d02f5baa30d3c4ad4a911ab360
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 18 Jan 2023 22:38:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 18 Jan 2023 21:01:35 GMT
Expires: Thu, 19 Jan 2023 21:01:35 GMT
ETag: "9c4ffcac95c28af9e6a333750ea2df7b4af06309"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.97.23200 OK 108 kB URL HTTP/2 lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.97.23:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 108 kB (107576 bytes)
Hash acf522f7402ea1ebd5458e3abed03ef0
67636afc61c91f3f0c5a0ba83bdd440e044ba7b5
cb98b1dbd3ffc2795ec5931bbf0813b1dae0222519f715b037bbbdccf864714c
GET /lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: application/x-javascript
set-cookie: ADRUM_BTa=R:24|g:d1a09633-04ed-4cf8-b609-2608ab5a8fe8; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
ADRUM_BTa=R:24|g:d1a09633-04ed-4cf8-b609-2608ab5a8fe8|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:1758181; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
ADRUM_BT1=R:24|i:1758181|e:2; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
ADRUM_BT1=R:24|i:1758181|e:2|d:3; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 29 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
File type ASCII text, with very long lines (33529)
Hash c2bbd7eea41ffc50cb7f3b17be7be2e6
016fdf5c7e25a53fd3e0fbaccc2ecf056313d0da
b40346be5e16bf97d99f3ea5f98d3ead4e84772a0ae2517dbf9f127aed28abe1
GET /le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 18 Jan 2024 22:38:27 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=1202&i=5bfp8m&p=regions-prod&s=15692&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6NCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8nhodHRwczovL3NpdGVpbnRlcmNlcHQucXVhbHRyaWNzLmNvbS9keGpzbW9kdWxlLzEzLjgwYjExNzQzMTEzMjNjYTVjMTVkLmNodW5rLmpzP1FfQ0xJRU5UVkVSU0lPTj0xLjgzLjAmUV9DTElFTlRUWVBFPXdlYiZRX0JSQU5ESUQ9d3d3LnIMAQBuAGAiLCJ0eXDqAPAOc2NyaXB0Iiwic3RhcnQiOjE2NzQwODE1MDU5MjHyAABZAQYUAJA4MCwic291cmM8AKBhcHBlbmRDaGlsXAHAc3RhdHVzIjoibG9hEABgcmVhc29uDwHUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpYwDPMzgxMzIyMDg1OH0sQQG0HzJBAQAXMUEBMW11dCMCEk9vAiJyQYgBD0cBMx85RwG2HzNHARwvQ0xIATgvNjBIAS5RQ29yZU3bAx8uvQMiA8UED7UDEEw2MzA1LQFHNjM2OHQCD7UDPJ85MjkyODg1MTQmAZsfNiYBDAyaAw9TAjMELQEfNS0BI3RXUlNpdGVJQQbyAkVuZ2luZS9Bc3NldC5waHA_ZALyBj1TSV85WlNmeWdqejlVbFpsQlAmVksH1D0zMiZRX09SSUdJTj2VBhp3GwYUJkYGH1ZdBgsGjgIyeGhycAMJQAZONjM3NGUBABQABUAGslhIUl9NQU5BR0VSQQAC-QRvYWxsb3dlQwYinzM2OTk1NDM5M2EB0w_sAwAnNzXsAw9hAUcP7wMkD8ICFPUDQ1JfZDZYSkFadFh3M0ZEcklwwgJFOSZRXwIDL0lE7QIBD-ICWA-BAV6vNTQxNzAyNDQ4MuICSg-BAf8sAFIFcHlvdXR1YmVtC7YvaWZyYW1lX2FwaTUFD3gLBy02OfAIRzYzODLXAw_DBzuvMjE0NTcxODEwN1MCBw_SAC0PCgYACdIAD28HQgXZAA9RDC__CDYuOTgwOGFmOGI2NTY2ODZhOThiNjQukQ0oD9QJGR03iQ1PNjQxNxECRp80MDA0MzMxNzRCDC8POAFsDuYJCjgBD3cCQgQ_AR81JAckBwkQwkZlZWRiYWNrTGlua90JD0EMTwCiCSJlbpMPAgoQPzY0MUEMR582MTU2NTMzMjUUCyQPLgFtD2MCAQguAQxjAg_jDzEFNAEPsgUID2sSFA9iAmIdNxgMCmICDDQBD30NMgU1AQ8OBi__BzEuY2E0MGZlNjdjOTJiYTM5MGU5OTIOBlYOHwg_NDM2DgZHjzUzMDAzMjU3oQMvDzgBbA-rAwAJOAEPdwJCFDQ_AQ93AggDDAjxAGJhbmsubXBlYXN5bGluazsKUG1wZWwvBQDyD19zdG9yYWdlLmh0bWw_Y21kPWdldHByZWYmaHJlZs0PkCUzQSUyRiUyRq8JA1UAAEYA8AElMkZsb2NhdG9yJTJGbWxvBgD2H29ydGdhZ2UtbG9hbi1vZmZpY2VyLW1hcnktaG9hbmctcGVhY2h0cmVlLWNpdHm4CgLMCgKvDwrwDx80pwgBABQABfAPAjwA4V9ET01BdHRyTW9kaWZp6A8FOxYP-w8nrzI3NjEwMjkyMTHGCgcDEwEPaAEKNi5qc-0AD6ULBz44ODjFBAl8Dw-lCzufNTQ3OTA2MzI28wUID98AOR05uxYpNjTfAAwtAw_YBjEE5QAfN8QBVA9pDQAP5QALD4kGMgXmAA_DDwk7amMxIBo0V1JRMBoJBhSBL0dyYXBoaWMCFPAFSU09SU1fM1JiMWNaVk5SbzF4OUKaAQPtGT9pbWe6AwEuNTHIEAEUAAW6A_IHSFRNTEltYWdlX1NFVEFUVFJJQlVURUwAD7UTLo84MjY0MTY3MDALJA9UEgPAP1FfSW1wcmVzcz0x0xQ_SUQ91RAAT1FfU0lFEgWAQVNJRD1BU1-cACE2NzoVAl8bDxkVDDUmcj1FGzA2NTKkHAN_AQ8pFQQeNWkbETYUAAV_AQ_IEz6fNTc1MDIxMTI2KRU6D3QB_zEibWUSHgPMBQC-B_dGL2lkP2RfdmlzaWRfdmVyPTQuNC4wJmRfZmllbGRncm91cD1NQyZtY29yZ2lkPURCOTYzOTcyNUJEMkZDNUIwQTQ5NUM2NSU0MEFkb2JlT3JnJnRzPaICHzOiAhAtMzDuBhA1FAAPogJIjzY4MDY5MTY3JgUJDy4B_xsAFQoIlhT7F3MvcGxheWVyLzQyNDhkMzExL3d3dy13aWRnZXRhcGkudmZsc2V0FQAPHgkSTjYzNzkwAic1M6QMsGluc2VydEJlZm9yZiEFAQoPPCAkjzI5MTI2NjA2PCAJDwABWR44shMZNQABDD8JD1oIMgQGAQ-zHgoPWghcDgkCNzYzNAkCDycLOxQzTAgPbg0IH3MCAVseMjsFDwIBUg-9FQkPAgFcDkwMCgIBDw0DQgQLAg8RDi0fP2APURAmxA_3DiZsYW5nPSZjb3VudHJ5PXVuZGVmaW5lZCZjdXJyDwACHAgHEQCfb3NsPWVuLVVTug4QPjY2MY8BKDcyXxoPnAU8nzYwOTc3MjM3McoHCALTAB9zmg8KD4kBvw7JEwqJAQwYAwDKDQ8qBy0FjgEP-gsID44B4w6kHA-OAQsPswcyBY8BD_0OCPAJbHB0YWcubGl2ZXBlcnNvbi5uZXQvdGFnBAAAEBoA6xcwPTYwOykvOTUDBBA-NTcxnwgQN9ESBc8LD5YHO58yMjIxNjU1MjDYEQgP5QBAD-gEAAnlAAxfAw_RATIF7AAP7gQsDvAVAAEWL2VQ8hVVECZWAjx1cmw6LAKlBiVlbqcGEiYuBBE9MQAA1SsMMgASLCEAAeYsECyFCwMQAEB0ZXN04A6IO2VzcGFub2ygLAHzBvADZW5jeT0mbm9uTVA9ZmFsc2Umni12PSZ1dWlkPegCAlYWAowSCpIWLjgy8xcoODI5HwI8AA-SFkOfNTg4MzQ0MDYwjAoIAwsBD_gGCk9fc3NklhYTPjY3MW8LGTioDw_cBzyfMjE0MTI2MDk4bgoID-QAPQCsCAuhHgrkAA_YA0MD6gAfOdgDCKFkcG0uZGVtZGV4owUfabgRDvIBQUFNJmRfcnRiZD1qc29uJuERTzImZF_NERdwZF9uc2lkPRISwG1pZD03OTk2MzY1OHgCkDA0NDI4MjAyMosC2jE3NzI4MjMzODY1MTMDEic5MzcGD6UUBC45MyQWARQABTQGD6UUP485Mzk0MTU5M6sICA9zAcsOvwQoOTO_BA9zAUcPjwgID9ADEwyuHA--Bv8iDmMcLzk1qQ1IACYEALEGHzHyMAgP_QH_WA7KBwr9AQzmBg8dDjEFAgIPqQsIDwIC_1cAuAkL6AgPAgILD8AMMgUDAg_oCAgAxQuSY2xvdWRmbGFy4yzAY2RuLWNnaS90cmFj0RcP8hwKPTcwMPsQAhQAD00IR582MjI2NjIxNDbHJAgP2ADFA7MDCJwKAKA6EjVMJANBCgVvFBEjGTQPTCQFD3gNEC43MGMUAhQABd8BD3gNSRAy_wpPOTU5NMcGCOFjbS5ldmVyZXN0dGVjaK4LQGNtL2SxCwFeDrA3NDE4OTcyNjM5NFcakDIyNDkxNjgxMxctpzMzNTE3NTgzMzIMAQ9ZIQIuNzBZIQIUAAYJAS9tZ34ORMAwNzQ0MzY3NjF9XX0
63.34.68.24204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=1202&i=5bfp8m&p=regions-prod&s=15692&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6NCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8nhodHRwczovL3NpdGVpbnRlcmNlcHQucXVhbHRyaWNzLmNvbS9keGpzbW9kdWxlLzEzLjgwYjExNzQzMTEzMjNjYTVjMTVkLmNodW5rLmpzP1FfQ0xJRU5UVkVSU0lPTj0xLjgzLjAmUV9DTElFTlRUWVBFPXdlYiZRX0JSQU5ESUQ9d3d3LnIMAQBuAGAiLCJ0eXDqAPAOc2NyaXB0Iiwic3RhcnQiOjE2NzQwODE1MDU5MjHyAABZAQYUAJA4MCwic291cmM8AKBhcHBlbmRDaGlsXAHAc3RhdHVzIjoibG9hEABgcmVhc29uDwHUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpYwDPMzgxMzIyMDg1OH0sQQG0HzJBAQAXMUEBMW11dCMCEk9vAiJyQYgBD0cBMx85RwG2HzNHARwvQ0xIATgvNjBIAS5RQ29yZU3bAx8uvQMiA8UED7UDEEw2MzA1LQFHNjM2OHQCD7UDPJ85MjkyODg1MTQmAZsfNiYBDAyaAw9TAjMELQEfNS0BI3RXUlNpdGVJQQbyAkVuZ2luZS9Bc3NldC5waHA_ZALyBj1TSV85WlNmeWdqejlVbFpsQlAmVksH1D0zMiZRX09SSUdJTj2VBhp3GwYUJkYGH1ZdBgsGjgIyeGhycAMJQAZONjM3NGUBABQABUAGslhIUl9NQU5BR0VSQQAC-QRvYWxsb3dlQwYinzM2OTk1NDM5M2EB0w_sAwAnNzXsAw9hAUcP7wMkD8ICFPUDQ1JfZDZYSkFadFh3M0ZEcklwwgJFOSZRXwIDL0lE7QIBD-ICWA-BAV6vNTQxNzAyNDQ4MuICSg-BAf8sAFIFcHlvdXR1YmVtC7YvaWZyYW1lX2FwaTUFD3gLBy02OfAIRzYzODLXAw_DBzuvMjE0NTcxODEwN1MCBw_SAC0PCgYACdIAD28HQgXZAA9RDC__CDYuOTgwOGFmOGI2NTY2ODZhOThiNjQukQ0oD9QJGR03iQ1PNjQxNxECRp80MDA0MzMxNzRCDC8POAFsDuYJCjgBD3cCQgQ_AR81JAckBwkQwkZlZWRiYWNrTGlua90JD0EMTwCiCSJlbpMPAgoQPzY0MUEMR582MTU2NTMzMjUUCyQPLgFtD2MCAQguAQxjAg_jDzEFNAEPsgUID2sSFA9iAmIdNxgMCmICDDQBD30NMgU1AQ8OBi__BzEuY2E0MGZlNjdjOTJiYTM5MGU5OTIOBlYOHwg_NDM2DgZHjzUzMDAzMjU3oQMvDzgBbA-rAwAJOAEPdwJCFDQ_AQ93AggDDAjxAGJhbmsubXBlYXN5bGluazsKUG1wZWwvBQDyD19zdG9yYWdlLmh0bWw_Y21kPWdldHByZWYmaHJlZs0PkCUzQSUyRiUyRq8JA1UAAEYA8AElMkZsb2NhdG9yJTJGbWxvBgD2H29ydGdhZ2UtbG9hbi1vZmZpY2VyLW1hcnktaG9hbmctcGVhY2h0cmVlLWNpdHm4CgLMCgKvDwrwDx80pwgBABQABfAPAjwA4V9ET01BdHRyTW9kaWZp6A8FOxYP-w8nrzI3NjEwMjkyMTHGCgcDEwEPaAEKNi5qc-0AD6ULBz44ODjFBAl8Dw-lCzufNTQ3OTA2MzI28wUID98AOR05uxYpNjTfAAwtAw_YBjEE5QAfN8QBVA9pDQAP5QALD4kGMgXmAA_DDwk7amMxIBo0V1JRMBoJBhSBL0dyYXBoaWMCFPAFSU09SU1fM1JiMWNaVk5SbzF4OUKaAQPtGT9pbWe6AwEuNTHIEAEUAAW6A_IHSFRNTEltYWdlX1NFVEFUVFJJQlVURUwAD7UTLo84MjY0MTY3MDALJA9UEgPAP1FfSW1wcmVzcz0x0xQ_SUQ91RAAT1FfU0lFEgWAQVNJRD1BU1-cACE2NzoVAl8bDxkVDDUmcj1FGzA2NTKkHAN_AQ8pFQQeNWkbETYUAAV_AQ_IEz6fNTc1MDIxMTI2KRU6D3QB_zEibWUSHgPMBQC-B_dGL2lkP2RfdmlzaWRfdmVyPTQuNC4wJmRfZmllbGRncm91cD1NQyZtY29yZ2lkPURCOTYzOTcyNUJEMkZDNUIwQTQ5NUM2NSU0MEFkb2JlT3JnJnRzPaICHzOiAhAtMzDuBhA1FAAPogJIjzY4MDY5MTY3JgUJDy4B_xsAFQoIlhT7F3MvcGxheWVyLzQyNDhkMzExL3d3dy13aWRnZXRhcGkudmZsc2V0FQAPHgkSTjYzNzkwAic1M6QMsGluc2VydEJlZm9yZiEFAQoPPCAkjzI5MTI2NjA2PCAJDwABWR44shMZNQABDD8JD1oIMgQGAQ-zHgoPWghcDgkCNzYzNAkCDycLOxQzTAgPbg0IH3MCAVseMjsFDwIBUg-9FQkPAgFcDkwMCgIBDw0DQgQLAg8RDi0fP2APURAmxA_3DiZsYW5nPSZjb3VudHJ5PXVuZGVmaW5lZCZjdXJyDwACHAgHEQCfb3NsPWVuLVVTug4QPjY2MY8BKDcyXxoPnAU8nzYwOTc3MjM3McoHCALTAB9zmg8KD4kBvw7JEwqJAQwYAwDKDQ8qBy0FjgEP-gsID44B4w6kHA-OAQsPswcyBY8BD_0OCPAJbHB0YWcubGl2ZXBlcnNvbi5uZXQvdGFnBAAAEBoA6xcwPTYwOykvOTUDBBA-NTcxnwgQN9ESBc8LD5YHO58yMjIxNjU1MjDYEQgP5QBAD-gEAAnlAAxfAw_RATIF7AAP7gQsDvAVAAEWL2VQ8hVVECZWAjx1cmw6LAKlBiVlbqcGEiYuBBE9MQAA1SsMMgASLCEAAeYsECyFCwMQAEB0ZXN04A6IO2VzcGFub2ygLAHzBvADZW5jeT0mbm9uTVA9ZmFsc2Umni12PSZ1dWlkPegCAlYWAowSCpIWLjgy8xcoODI5HwI8AA-SFkOfNTg4MzQ0MDYwjAoIAwsBD_gGCk9fc3NklhYTPjY3MW8LGTioDw_cBzyfMjE0MTI2MDk4bgoID-QAPQCsCAuhHgrkAA_YA0MD6gAfOdgDCKFkcG0uZGVtZGV4owUfabgRDvIBQUFNJmRfcnRiZD1qc29uJuERTzImZF_NERdwZF9uc2lkPRISwG1pZD03OTk2MzY1OHgCkDA0NDI4MjAyMosC2jE3NzI4MjMzODY1MTMDEic5MzcGD6UUBC45MyQWARQABTQGD6UUP485Mzk0MTU5M6sICA9zAcsOvwQoOTO_BA9zAUcPjwgID9ADEwyuHA--Bv8iDmMcLzk1qQ1IACYEALEGHzHyMAgP_QH_WA7KBwr9AQzmBg8dDjEFAgIPqQsIDwIC_1cAuAkL6AgPAgILD8AMMgUDAg_oCAgAxQuSY2xvdWRmbGFy4yzAY2RuLWNnaS90cmFj0RcP8hwKPTcwMPsQAhQAD00IR582MjI2NjIxNDbHJAgP2ADFA7MDCJwKAKA6EjVMJANBCgVvFBEjGTQPTCQFD3gNEC43MGMUAhQABd8BD3gNSRAy_wpPOTU5NMcGCOFjbS5ldmVyZXN0dGVjaK4LQGNtL2SxCwFeDrA3NDE4OTcyNjM5NFcakDIyNDkxNjgxMxctpzMzNTE3NTgzMzIMAQ9ZIQIuNzBZIQIUAAYJAS9tZ34ORMAwNzQ0MzY3NjF9XX0
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=5&c=1202&i=5bfp8m&p=regions-prod&s=15692&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjViZnA4bSIsInBhY2tldCI6NCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8nhodHRwczovL3NpdGVpbnRlcmNlcHQucXVhbHRyaWNzLmNvbS9keGpzbW9kdWxlLzEzLjgwYjExNzQzMTEzMjNjYTVjMTVkLmNodW5rLmpzP1FfQ0xJRU5UVkVSU0lPTj0xLjgzLjAmUV9DTElFTlRUWVBFPXdlYiZRX0JSQU5ESUQ9d3d3LnIMAQBuAGAiLCJ0eXDqAPAOc2NyaXB0Iiwic3RhcnQiOjE2NzQwODE1MDU5MjHyAABZAQYUAJA4MCwic291cmM8AKBhcHBlbmRDaGlsXAHAc3RhdHVzIjoibG9hEABgcmVhc29uDwHUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpYwDPMzgxMzIyMDg1OH0sQQG0HzJBAQAXMUEBMW11dCMCEk9vAiJyQYgBD0cBMx85RwG2HzNHARwvQ0xIATgvNjBIAS5RQ29yZU3bAx8uvQMiA8UED7UDEEw2MzA1LQFHNjM2OHQCD7UDPJ85MjkyODg1MTQmAZsfNiYBDAyaAw9TAjMELQEfNS0BI3RXUlNpdGVJQQbyAkVuZ2luZS9Bc3NldC5waHA_ZALyBj1TSV85WlNmeWdqejlVbFpsQlAmVksH1D0zMiZRX09SSUdJTj2VBhp3GwYUJkYGH1ZdBgsGjgIyeGhycAMJQAZONjM3NGUBABQABUAGslhIUl9NQU5BR0VSQQAC-QRvYWxsb3dlQwYinzM2OTk1NDM5M2EB0w_sAwAnNzXsAw9hAUcP7wMkD8ICFPUDQ1JfZDZYSkFadFh3M0ZEcklwwgJFOSZRXwIDL0lE7QIBD-ICWA-BAV6vNTQxNzAyNDQ4MuICSg-BAf8sAFIFcHlvdXR1YmVtC7YvaWZyYW1lX2FwaTUFD3gLBy02OfAIRzYzODLXAw_DBzuvMjE0NTcxODEwN1MCBw_SAC0PCgYACdIAD28HQgXZAA9RDC__CDYuOTgwOGFmOGI2NTY2ODZhOThiNjQukQ0oD9QJGR03iQ1PNjQxNxECRp80MDA0MzMxNzRCDC8POAFsDuYJCjgBD3cCQgQ_AR81JAckBwkQwkZlZWRiYWNrTGlua90JD0EMTwCiCSJlbpMPAgoQPzY0MUEMR582MTU2NTMzMjUUCyQPLgFtD2MCAQguAQxjAg_jDzEFNAEPsgUID2sSFA9iAmIdNxgMCmICDDQBD30NMgU1AQ8OBi__BzEuY2E0MGZlNjdjOTJiYTM5MGU5OTIOBlYOHwg_NDM2DgZHjzUzMDAzMjU3oQMvDzgBbA-rAwAJOAEPdwJCFDQ_AQ93AggDDAjxAGJhbmsubXBlYXN5bGluazsKUG1wZWwvBQDyD19zdG9yYWdlLmh0bWw_Y21kPWdldHByZWYmaHJlZs0PkCUzQSUyRiUyRq8JA1UAAEYA8AElMkZsb2NhdG9yJTJGbWxvBgD2H29ydGdhZ2UtbG9hbi1vZmZpY2VyLW1hcnktaG9hbmctcGVhY2h0cmVlLWNpdHm4CgLMCgKvDwrwDx80pwgBABQABfAPAjwA4V9ET01BdHRyTW9kaWZp6A8FOxYP-w8nrzI3NjEwMjkyMTHGCgcDEwEPaAEKNi5qc-0AD6ULBz44ODjFBAl8Dw-lCzufNTQ3OTA2MzI28wUID98AOR05uxYpNjTfAAwtAw_YBjEE5QAfN8QBVA9pDQAP5QALD4kGMgXmAA_DDwk7amMxIBo0V1JRMBoJBhSBL0dyYXBoaWMCFPAFSU09SU1fM1JiMWNaVk5SbzF4OUKaAQPtGT9pbWe6AwEuNTHIEAEUAAW6A_IHSFRNTEltYWdlX1NFVEFUVFJJQlVURUwAD7UTLo84MjY0MTY3MDALJA9UEgPAP1FfSW1wcmVzcz0x0xQ_SUQ91RAAT1FfU0lFEgWAQVNJRD1BU1-cACE2NzoVAl8bDxkVDDUmcj1FGzA2NTKkHAN_AQ8pFQQeNWkbETYUAAV_AQ_IEz6fNTc1MDIxMTI2KRU6D3QB_zEibWUSHgPMBQC-B_dGL2lkP2RfdmlzaWRfdmVyPTQuNC4wJmRfZmllbGRncm91cD1NQyZtY29yZ2lkPURCOTYzOTcyNUJEMkZDNUIwQTQ5NUM2NSU0MEFkb2JlT3JnJnRzPaICHzOiAhAtMzDuBhA1FAAPogJIjzY4MDY5MTY3JgUJDy4B_xsAFQoIlhT7F3MvcGxheWVyLzQyNDhkMzExL3d3dy13aWRnZXRhcGkudmZsc2V0FQAPHgkSTjYzNzkwAic1M6QMsGluc2VydEJlZm9yZiEFAQoPPCAkjzI5MTI2NjA2PCAJDwABWR44shMZNQABDD8JD1oIMgQGAQ-zHgoPWghcDgkCNzYzNAkCDycLOxQzTAgPbg0IH3MCAVseMjsFDwIBUg-9FQkPAgFcDkwMCgIBDw0DQgQLAg8RDi0fP2APURAmxA_3DiZsYW5nPSZjb3VudHJ5PXVuZGVmaW5lZCZjdXJyDwACHAgHEQCfb3NsPWVuLVVTug4QPjY2MY8BKDcyXxoPnAU8nzYwOTc3MjM3McoHCALTAB9zmg8KD4kBvw7JEwqJAQwYAwDKDQ8qBy0FjgEP-gsID44B4w6kHA-OAQsPswcyBY8BD_0OCPAJbHB0YWcubGl2ZXBlcnNvbi5uZXQvdGFnBAAAEBoA6xcwPTYwOykvOTUDBBA-NTcxnwgQN9ESBc8LD5YHO58yMjIxNjU1MjDYEQgP5QBAD-gEAAnlAAxfAw_RATIF7AAP7gQsDvAVAAEWL2VQ8hVVECZWAjx1cmw6LAKlBiVlbqcGEiYuBBE9MQAA1SsMMgASLCEAAeYsECyFCwMQAEB0ZXN04A6IO2VzcGFub2ygLAHzBvADZW5jeT0mbm9uTVA9ZmFsc2Umni12PSZ1dWlkPegCAlYWAowSCpIWLjgy8xcoODI5HwI8AA-SFkOfNTg4MzQ0MDYwjAoIAwsBD_gGCk9fc3NklhYTPjY3MW8LGTioDw_cBzyfMjE0MTI2MDk4bgoID-QAPQCsCAuhHgrkAA_YA0MD6gAfOdgDCKFkcG0uZGVtZGV4owUfabgRDvIBQUFNJmRfcnRiZD1qc29uJuERTzImZF_NERdwZF9uc2lkPRISwG1pZD03OTk2MzY1OHgCkDA0NDI4MjAyMosC2jE3NzI4MjMzODY1MTMDEic5MzcGD6UUBC45MyQWARQABTQGD6UUP485Mzk0MTU5M6sICA9zAcsOvwQoOTO_BA9zAUcPjwgID9ADEwyuHA--Bv8iDmMcLzk1qQ1IACYEALEGHzHyMAgP_QH_WA7KBwr9AQzmBg8dDjEFAgIPqQsIDwIC_1cAuAkL6AgPAgILD8AMMgUDAg_oCAgAxQuSY2xvdWRmbGFy4yzAY2RuLWNnaS90cmFj0RcP8hwKPTcwMPsQAhQAD00IR582MjI2NjIxNDbHJAgP2ADFA7MDCJwKAKA6EjVMJANBCgVvFBEjGTQPTCQFD3gNEC43MGMUAhQABd8BD3gNSRAy_wpPOTU5NMcGCOFjbS5ldmVyZXN0dGVjaK4LQGNtL2SxCwFeDrA3NDE4OTcyNjM5NFcakDIyNDkxNjgxMxctpzMzNTE3NTgzMzIMAQ9ZIQIuNzBZIQIUAAYJAS9tZ34ORMAwNzQ0MzY3NjF9XX0 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 18 Jan 2023 22:38:28 GMT
expires: Wed, 18 Jan 2023 22:38:27 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 720 B IP 172.64.155.188:0
Hash 71f28d165349ecb66f8b0629f8f6f50e
a211f47dac2b5015ab395ef912cef36bcb02477d
ad876db57cddb8c537d50d75e7c57ac216bc709857f856669a44ec384e225ebc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 22:38:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 23:37:45 GMT
Expires: Mon, 23 Jan 2023 23:37:44 GMT
Etag: "ff7e84bf7c6697e400ea88b728e45b397654b083"
Cache-Control: max-age=434955,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bad2349d7c0b3d-OSL
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.208.240:0
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/javascript
cf-ray: 78bad227cd8fb4ff-OSL
access-control-allow-origin: *
age: 68195
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19ba5-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105381
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 18 Jan 2024 22:38:27 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&upid=xzxny28&upv=1.1.0
35.71.131.137200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&upid=xzxny28&upv=1.1.0
IP 35.71.131.137:0
GET /track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&upid=xzxny28&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.208.240:0
GET /dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/javascript
cf-ray: 78bad2284e16b4ff-OSL
access-control-allow-origin: *
age: 61505
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"de0-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=3552
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:9765d170-6237-40f7-87fb-b53c1ed3f052; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
ADRUM_BTa=R:24|g:9765d170-6237-40f7-87fb-b53c1ed3f052|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:14; Max-Age=30; Expires=Wed, 18-Jan-2023 22:38:57 GMT; Path=/
vary: Accept
expires: Wed, 18 Jan 2023 22:39:27 GMT
x-envoy-upstream-service-time: 2
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 18 Jan 2024 22:38:27 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&t=1674081505701
104.17.208.240200 OK 0 B URL HTTP/2 zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&t=1674081505701
IP 104.17.208.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city&t=1674081505701 HTTP/1.1
Host: zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 78bad2250a34b4ff-OSL
access-control-allow-origin: *
age: 70907
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-JLLMm3HT1Szx1UqGDx03PG5vdw4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod/code/9f03a3e7937c053896a68223b73487e8.js?conditionId0=423026
54.230.111.35200 OK 0 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/code/9f03a3e7937c053896a68223b73487e8.js?conditionId0=423026
IP 54.230.111.35:0
GET /regions/regions-prod/code/9f03a3e7937c053896a68223b73487e8.js?conditionId0=423026 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 12 Dec 2022 19:16:36 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 19:12:14 GMT
etag: W/"c38a168205b786ced0ff4666c6cb5d2d"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: ckGiZof7hApqWyJn03Bcz3vtKX0VBTkZ
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cWo5Ahg_iQUqpOxi-dt8GDyrmZHHvFHkwLtYWZBlNcXh2aJTl5lRuA==
age: 3208908
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com
IP 104.17.208.240:0
GET /dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/javascript
cf-ray: 78bad2255ab2b4ff-OSL
access-control-allow-origin: *
age: 68196
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"fcba-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=64698
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 18 Jan 2024 22:38:27 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city
44.197.47.122200 OK 0 B URL HTTP/2 regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city
IP 44.197.47.122:0
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-mary-hoang-peachtree-city HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: text/html
accept-ranges: bytes
etag: W/"2762-1664222686000"
last-modified: Mon, 26 Sep 2022 20:04:46 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel.js
44.197.47.122200 OK 0 B URL HTTP/2 regionsbank.mpeasylink.com/mpel/mpel.js
IP 44.197.47.122:0
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/javascript
accept-ranges: bytes
etag: W/"5096-1664222686000"
last-modified: Mon, 26 Sep 2022 20:04:46 GMT
cache-control: max-age=86400
expires: Thu, 19 Jan 2023 22:38:26 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&r=1674081506520
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&r=1674081506520
IP 104.17.208.240:0
POST /WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&r=1674081506520 HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 82
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: text/plain; charset=UTF-8
cf-ray: 78bad22a58f3b4ff-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
trace-id: f8efc4808677065a
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 18 Jan 2024 22:38:27 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
www.regionsmortgage.com/maryhoang
205.255.102.40301 Moved permanently 0 B URL HTTP/1.1 www.regionsmortgage.com/maryhoang
IP 205.255.102.40:0
GET /maryhoang HTTP/1.1
Host: www.regionsmortgage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved permanently
Location: https://www.regionsmortgage.com/maryhoang
Connection: close
Cache-Control: no-cache
Pragma: no-cache
regionsbank.mpeasylink.com/mpel/mpel_ssd.js
44.197.47.122200 OK 0 B URL HTTP/2 regionsbank.mpeasylink.com/mpel/mpel_ssd.js
IP 44.197.47.122:0
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_ssd.js HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 22:38:26 GMT
content-type: application/javascript
accept-ranges: bytes
etag: W/"3276-1664222686000"
last-modified: Mon, 26 Sep 2022 20:04:46 GMT
cache-control: max-age=86400
expires: Thu, 19 Jan 2023 22:38:26 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod
IP 178.249.97.98:0
GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 22:38:27 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 18 Jan 2024 22:38:27 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2