firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 20:13:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uYS-RiYML_BlNJmxbZm5tkLL1BmyzHVZD5rF9USHgAw0PzijbQg-6Q==
Age: 3220
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7374
Expires: Wed, 21 Sep 2022 23:10:18 GMT
Date: Wed, 21 Sep 2022 21:07:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZNa0OQ7UCy9EvWWFO9TyD1d4u2CgjmWvuNj4VTJ-9mrhMuwH4ZYdww==
age: 59531
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 21:07:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 2.2 kB IP 172.64.155.188:0
Hash 2c4f80099702bca09e880eb8b215916a
3f02d51cb154d7c8e5b8bdd064d8a0e14214be46
45dc6d75badbef75d483e2d6048c6f5aa165b05f1b0c519725a38b9f58a9b3ea
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:24 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:12:16 GMT
Expires: Wed, 28 Sep 2022 10:12:15 GMT
Etag: "3f02d51cb154d7c8e5b8bdd064d8a0e14214be46"
Cache-Control: max-age=603858,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 541
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e5c52dce6ab50b-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 21:03:22 GMT
Expires: Wed, 21 Sep 2022 21:55:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kOfiH5fnNjNUZ1-llAobmagQL3fN1xUR_3FFmZI1HjEgVkw1_hEGpw==
Age: 242
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4735
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:24 GMT
Last-Modified: Wed, 21 Sep 2022 19:48:29 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f37313bbe7cf7c7c6e5334d8868de02f
7c74398e975238168960fae88b4d8f7dc9184a29
1daa2ed3034aaa6cc95c9529883a6a3d03880c6f33a1c0b3b1fbaaefd586e449
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 21:57:50 GMT
Expires: Mon, 26 Sep 2022 21:57:49 GMT
Etag: "7c74398e975238168960fae88b4d8f7dc9184a29"
Cache-Control: max-age=434424,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c52e1c8eb518-OSL
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TMcvbcSNdbYQWNcb+nyvpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1ATCkmj+oT/Or4bxZujPrfIjYv4=
ocsp.usertrust.com/
172.64.155.188200 OK 2.2 kB IP 172.64.155.188:0
Hash 2c4f80099702bca09e880eb8b215916a
3f02d51cb154d7c8e5b8bdd064d8a0e14214be46
45dc6d75badbef75d483e2d6048c6f5aa165b05f1b0c519725a38b9f58a9b3ea
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:25 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:12:16 GMT
Expires: Wed, 28 Sep 2022 10:12:15 GMT
Etag: "3f02d51cb154d7c8e5b8bdd064d8a0e14214be46"
Cache-Control: max-age=603858,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 542
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e5c5336caab50b-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 68d048a7bfbb69bf3b262014644bebb9
ec351a3789f39facc164af4ed9068f0649e14461
e9c5b864add4d5518c97aa2445949154f481677d988b211e435a0034459d8cbb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 17:23:29 GMT
Expires: Tue, 27 Sep 2022 17:23:28 GMT
Etag: "ec351a3789f39facc164af4ed9068f0649e14461"
Cache-Control: max-age=504362,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c5337a66b518-OSL
www.regions.com/MLO/matthewlewis
205.255.103.100301 Moved Permanently 0 B URL HTTP/1.1 www.regions.com/MLO/matthewlewis
IP 205.255.103.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MLO/matthewlewis HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Location: /locator/mlo/mortgage-loan-officer-Matthew-Lewis-Little-Rock
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Wed, 21 Sep 2022 21:07:25 GMT
Content-Length: 0
Set-Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660;path=/;httponly
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-Matthew-Lewis-Little-Rock
205.255.103.100302 Found 199 B URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-Matthew-Lewis-Little-Rock
IP 205.255.103.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash eea3b348cb68efa39d89f832fb0a2c52
b4ec7deb5de4be54e21a75aa6ba5a78b1f8d4e30
4cf30744faaf9cc8ad96cbfcc00d62ffe5425733e1135bcc1a408a75f048c9cd
GET /locator/mlo/mortgage-loan-officer-Matthew-Lewis-Little-Rock HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: http://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Wed, 21 Sep 2022 21:07:25 GMT
Content-Length: 199
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
205.255.103.100200 OK 18 kB URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
IP 205.255.103.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (415), with CRLF line terminators
Hash 34b2ea8a9ce165f0113bb707c5813d5b
1e9c8f8f6786870e33a6451befce10224bbd0c43
04698c8c6137efcdbb83a2c277d74562f1681d19e6d635bedd213f2e65b2d36d
GET /locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; path=/; HttpOnly; SameSite=Lax
SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False; expires=Sat, 18-Sep-2032 21:07:25 GMT; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Wed, 21 Sep 2022 21:07:25 GMT
Content-Length: 18325
Strict-Transport-Security: max-age=157680000
www.regionsmortgage.com/matthewlewis
205.255.102.40302 Found : Moved Temporarily 127 kB URL HTTP/1.1 www.regionsmortgage.com/matthewlewis
IP 205.255.102.40:0
File type OpenPGP Public Key\012- data
Size 127 kB (126702 bytes)
Hash da3cd2f86ca8b7d05327fafd460aced4
ec18661d3be7932a10391760a81b5fbab6e160a7
e371192f0e3e490d2154ae5ea94f4fd2d8223779d7356944933f1d49cd652482
GET /matthewlewis HTTP/1.1
Host: www.regionsmortgage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found : Moved Temporarily
Location: https://www.regions.com/MLO/matthewlewis
Connection: close
Cache-Control: no-cache
Pragma: no-cache
www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 13080, version 1.0\012- data
Hash 834648c5f6f2f73c3df33def9348d879
7385e4868c41fb1e4ba48503a16235ddb8cd8a6c
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
GET /rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 529100
Date: Thu, 15 Sep 2022 18:09:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "30d1f2609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13080
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 12936, version 1.0\012- data
Hash 6d4b2348a4f8f255a2bfd1ab35e30618
72a7e20b49379ccab237d004a3506e22b3b7934b
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
GET /rdcresources/content/fonts/source-sans-pro-300-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 529100
Date: Thu, 15 Sep 2022 18:09:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "9015e5609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12936
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 13072, version 1.0\012- data
Hash 595d5c1e2d877c3a50a77158e977ede4
0564953f05d57246c240796c5ba2bbec8c8ba93c
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
GET /rdcresources/content/fonts/source-sans-pro-600-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 529100
Date: Thu, 15 Sep 2022 18:09:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "805fe7609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13072
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 12592, version 1.0\012- data
Hash 48e38952d86d1b849b4e7e79c109a116
d8c9466e811876438d3e1d900943e3fa3d9625c1
0007bd27c6755494aa1b4fdebf9f019db02b59e5f02222148e136c75ccef026e
GET /rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 504073
Date: Fri, 16 Sep 2022 01:06:13 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "307eeb609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12592
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash 0408305af8e45ff50aa09d3d3732fc01
3ff33e34998c68f480305e1d91adcd1ed8a2a7ee
6b49f18370ab654be0367fb969d5015649fdf5406bcbec33e5b0644f4bb7fe0a
GET /rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 529100
Date: Thu, 15 Sep 2022 18:09:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "508e2609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12580
Strict-Transport-Security: max-age=157680000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7510
Expires: Wed, 21 Sep 2022 23:12:36 GMT
Date: Wed, 21 Sep 2022 21:07:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7510
Expires: Wed, 21 Sep 2022 23:12:36 GMT
Date: Wed, 21 Sep 2022 21:07:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7510
Expires: Wed, 21 Sep 2022 23:12:36 GMT
Date: Wed, 21 Sep 2022 21:07:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7510
Expires: Wed, 21 Sep 2022 23:12:36 GMT
Date: Wed, 21 Sep 2022 21:07:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:07:08 GMT
age: 82818
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 82349
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 19:20:13 GMT
age: 6433
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 509dc368-dd1c-4be7-94ff-64dbd53c199f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoqoRG2WIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63268b01-1cb916c251fd5f2f3cf10435;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:05:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vs0CTuiAdjRtfJD9qX9S5R07Hw6BWfiOAT50GwTdiSETdoqr2FNsyw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 04:14:25 GMT
age: 60781
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1976af26c5d4a671c8298bffafc90ce3
9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8
2349b9e1233d43cf8d0ff273f8bf6147dda00314fd631a81cb278ce0b8e32684
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12545
x-amzn-requestid: 6720348a-0245-486b-a978-2df18eb4bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7YKHayIAMFo1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325729a-2601f775219651777cba839c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:09:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NdQpOGtyA7AxpmkvFf3K3IrkgSku9QQzQ4BvpoRfTv16Kj1Gr6n7oA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:34:13 GMT
age: 48793
etag: "9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 82341
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
205.255.103.100200 OK 25 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 25180, version 1.0\012- data
Hash ed97ad0179a7e320488aabe236a03029
4d605ccfe533eb243f6c3ca403785960d8b5cff9
3913c00225825b9de4b6f6f292d6222b4328c5e8ae85bbe7c8929660ab0f8dee
GET /rdcresources/content/fonts/droidserif-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 504073
Date: Fri, 16 Sep 2022 01:06:13 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "309ce6609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 25180
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
205.255.103.100200 OK 23 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 22988, version 1.0\012- data
Hash fe84712f81388dfad5f48e4de801ec44
1c3e195be8306df1edc70d4abfa9270876093640
98213150300a378382c71ad9eff1538120dd8f9f29780c475feead2add55d80d
GET /rdcresources/content/fonts/droidserif-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 509864
Date: Thu, 15 Sep 2022 23:29:42 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "b098f1609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 22988
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
205.255.103.100200 OK 28 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 28520, version 1.0\012- data
Hash 4a80ddcba4cef2129dec8753762ac8f1
44f352414c76a8f84c27d6240fa3634fd248f4fa
1fa9dc815c95ac07bd2badeacc086f16ea92051db9818ca26c2f7bf048ae8b40
GET /rdcresources/content/fonts/droidserif-bold-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 504073
Date: Fri, 16 Sep 2022 01:06:13 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c0fbe7609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 28520
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/regions-logo-no-r.svg
205.255.103.100200 OK 2.2 kB URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/regions-logo-no-r.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1024)
Hash a1f74587948b0dd3ba17bc85e8e17cf8
73c00bb48f58bc146754ff1e38e82367e62b623c
54d76bbd9a1b94ddf025374da0c8f6072f47c4b83305fa54773b348d99f2b184
GET /rdcresources/content/media/img/regions-logo-no-r.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534950
Date: Thu, 15 Sep 2022 16:31:35 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "70af715f9ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 2183
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
205.255.103.100200 OK 2.8 kB URL HTTP/1.1 www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1307)
Hash d58bee0aa7945d823a1107e530c1b91c
9030ba67d5b1bfbee85569b75f72e6a6c8de52af
7f9fe1eefa9793fa369be97036bb01cc78d3fad97d30579ac51d5a98d60cd36f
GET /-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534950
Date: Thu, 15 Sep 2022 16:31:35 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 2587ba95fc7a4fcfacd83d243f8c881d
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Fri, 03 Apr 2020 23:05:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="header-logo-desktop-regions-standard.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 2771
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/1px.gif
205.255.103.100200 OK 119 B URL HTTP/1.1 www.regions.com/-/media/Images/1px.gif
IP 205.255.103.100:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ce21cbdd9b894e6af794813eb3fdaf60
d324efa2b5648eaca4a376c87a01808eb63cc18f
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
GET /-/media/Images/1px.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534889
Date: Thu, 15 Sep 2022 16:32:36 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: abb54fb4cab64b92b52e12f5fa9df56a
Content-Type: image/png
Last-Modified: Fri, 11 Feb 2022 18:54:06 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="1px.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 119
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
205.255.103.100200 OK 32 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
IP 205.255.103.100:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 6fc369a602a8d0b803844cb324804c7d
415c94e7e9528cfcf2706ff599a72d148283384d
ae0ed41222aa8d4f4203f7734202032e84de9df5807b92ae3cc0fd26953e9b9e
GET /-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534869
Date: Thu, 15 Sep 2022 16:32:56 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f785d9fe41924d3d829e9becc9f49ec4
Content-Length: 32529
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2016 16:37:41 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="avatar-branch.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/icon-header-chevron-down.svg
205.255.103.100200 OK 517 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/icon-header-chevron-down.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Hash 6fe592877f7dfdf762e54c6897eb7b82
e938188ad794631774fc4f3c9164c00007d50efd
879055122ad0f1083f2205e4e45871dfdbba85a5d1015fd62caef18ff002cd17
GET /rdcresources/content/media/img/icon-header-chevron-down.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534950
Date: Thu, 15 Sep 2022 16:31:35 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "90464b609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 517
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/icon-help.svg
205.255.103.100200 OK 1.6 kB URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/icon-help.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2810)
Hash 1e87abefd0a276764c34a02b603b55db
726453b4422b74ff47e7219c823e809bc2dc0763
f00319af3c6c500e1707cb37995e13782710bc08ec0e2bc68a4e6ea28053c25b
GET /rdcresources/content/media/img/icon-help.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534950
Date: Thu, 15 Sep 2022 16:31:35 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "0e82609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 1604
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg
205.255.103.100200 OK 288 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (352)
Hash 644bd0cb57824821768ad81bc24a44af
2e2a8af1795c6b25db1565a3cdbda4d7cc91195a
116ed69e7888779413c0a65cb95b9c09e01d4340e802d2f7800918a3572bf39f
GET /rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534787
Date: Thu, 15 Sep 2022 16:34:18 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "f095cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 288
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-diploma.svg
205.255.103.100200 OK 999 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-diploma.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2436)
Hash 3f7ebf0a903242cf3f25bc1bc160577a
93687981f9912dbb442c5ff91757ef2794457f7b
1ffe8b84b0938826970ed87dd87578870553bf2e21b56d91cfba29a269bfd335
GET /rdcresources/content/media/images/websiteimages/icon-diploma.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534859
Date: Thu, 15 Sep 2022 16:33:07 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "20bce609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 999
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-star-full.svg
205.255.103.100200 OK 182 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-star-full.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 9f82b92e5ae5303f02f70f2866dc5770
76549bf7d83cfaf3eed0b2358cd4ced6a0d42799
b702cce1853091ca3940463fe67ba239ee335af3acd5e20b18ce3890156701e2
GET /rdcresources/content/media/images/websiteimages/icon-star-full.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534787
Date: Thu, 15 Sep 2022 16:34:18 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "0bdcd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 182
Strict-Transport-Security: max-age=157680000
www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012
205.255.103.100200 OK 152 kB URL HTTP/1.1 www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012
IP 205.255.103.100:0
File type Unicode text, UTF-8 text, with very long lines (60936)
Size 152 kB (152472 bytes)
Hash 2a9f15958185b4f994c972abc957498f
2cb3a68eeadd9ccd669ca37bb19d2c71fe9fde21
6d293278c7819ea252248629add5e0b13684b5ca1750e8eca66aaf3ef0696d34
GET /RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534927
Date: Thu, 15 Sep 2022 16:31:58 GMT
Cache-Control: max-age= 31536000,public
Content-Length: 152472
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "0733619ab8d81:0"
Content-Type: application/javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/loader.gif
205.255.103.100200 OK 8.4 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/loader.gif
IP 205.255.103.100:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0eb0c1bdfdc4a4bd352121f51fec9149
d19adfb29240f0e08accaa483fc00c83c795f369
94a9405de974c3a6ea53616c60777c091e1330fb1b07549d5bdba4168cd19e70
GET /-/media/Images/WebSiteImages/loader.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534889
Date: Thu, 15 Sep 2022 16:32:36 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 7cfa43f033c942d7a4dbec8b73001e6b
Content-Type: image/gif
Last-Modified: Fri, 03 Apr 2020 23:05:54 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="loader.gif"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 8369
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
205.255.103.100200 OK 178 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3fdfa195b0c473d29f63646ffc634e37
1269b3601af214b36e1215d781c1042b192333ad
14bd0be8cfd82397404fec404f48f9994b2dd47fceb8a4f6b004d59803cade17
GET /rdcresources/content/media/images/websiteimages/icon-arrow-right.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534940
Date: Thu, 15 Sep 2022 16:31:45 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c020cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 178
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
205.255.103.100200 OK 940 B URL HTTP/1.1 www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2699), with no line terminators
Hash c83395d617c81d10166217b9351ddd3d
cc2faff006102f6fffddc4ad5455391471459233
e9c2910517c5105adba61d2001a7ab4ad1f36b90e059fdc8464c6f851310f899
GET /locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534857
Date: Thu, 15 Sep 2022 16:33:08 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 280096ce24584f08ae4f82ec6e1611c5
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Wed, 03 Mar 2021 23:16:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="icon-calendar.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 940
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
205.255.103.100200 OK 86 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x900, components 3\012- data
Hash 714ec83101dd539af3adda51008a05d1
e2532bb228b37f019f4c7e50a850cc10d3dc5d3a
7caee0314b38dbf2499e877aaf6fc68cc34521d63d55a08d8b8ea4cecb7f7990
GET /-/media/Images/WebSiteImages/video-component-background.jpg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534907
Date: Thu, 15 Sep 2022 16:32:19 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 9d7b5cdd37ac4196bc046f22d89a7d60
Content-Type: image/jpeg
Last-Modified: Fri, 03 Apr 2020 23:05:56 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 85802
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
205.255.103.100200 OK 16 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 216x228, components 3\012- data
Hash 51dd85ef382069ec38904173a12e9812
e821e922c3f7a622b4d032032d8c13eaaa71013a
e0863c1bfa4b1cc0e2068765f09fc77f543a4caa33fdc6b41da08d3f28b9b6b0
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534877
Date: Thu, 15 Sep 2022 16:32:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: ecc44ec6c3da494498bf2e82b723f903
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 16468
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Matthew-Lewis-Little-Rock.ashx?revision=3a0b59ec-ebce-4bcf-bb88-d8554b23b9e1
205.255.103.100200 OK 39 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Matthew-Lewis-Little-Rock.ashx?revision=3a0b59ec-ebce-4bcf-bb88-d8554b23b9e1
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=3000, bps=182, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 7D, orientation=upper-left, width=2000], progressive, precision 8, 175x175, components 3\012- data
Hash 76711aecb5764810129593d090d87e82
ce5beacf214f5496871d92b4bbf91d6278600be6
c37b44c185ad32779f7c9710d82961ff7d45c276885d00b1a84640c4e40c1661
GET /-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Matthew-Lewis-Little-Rock.ashx?revision=3a0b59ec-ebce-4bcf-bb88-d8554b23b9e1 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534870
Date: Thu, 15 Sep 2022 16:32:55 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 91dacb4ff0ea47c3a9c5ae1631b9624c
Content-Length: 39058
Content-Type: application/octet-stream
Last-Modified: Thu, 02 Dec 2021 08:33:45 GMT
Accept-Ranges: bytes
Content-Disposition: attachment; filename="mortgage-loan-officer-Matthew-Lewis-Little-Rock"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3
205.255.103.100200 OK 34 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash cddff7f07661de94582305c4455e96d7
e61aba41b7d7cc1b05560a1387824f82092cfd05
e6ddaffbc4e3f08ebe842ed529a3aaccbd23d6a140e5cc10db89b056f11e7105
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534877
Date: Thu, 15 Sep 2022 16:32:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 73176d8e641740558ec2903100565b1b
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 33665
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
205.255.103.100200 OK 21 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash de1166a7dea4821e653419386f30ef80
849da63131c1f7333e790c7b8470beea90797a3d
73f81791ec41abc9a738979de0f83bd6c2efc70908e86047ff2b2aa5cdb62a60
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534877
Date: Thu, 15 Sep 2022 16:32:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8ca54c4c0b8e477093a82d2796b8587b
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:11 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 20600
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
205.255.103.100200 OK 22 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash 43c3979dfaa872bee3d5ecd678b41551
efb2b3011959b7e59fdf8a0242fc69190eb85e4b
852995c5e7bd28d42e0086cac3de58ddbd9ef0161ade5267f3d16b09579dd6d4
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534835
Date: Thu, 15 Sep 2022 16:33:32 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 0bad9f02bd23408ba9830e28065b7798
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 21773
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
205.255.103.100200 OK 98 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash 372bd7f2ff8ecf74e939d7d7e2ad94af
320244fbc60864b6662f3ae720817099bfaf3add
80d2097213a26f3ae12d5deae29efca6864f9cd0e7886a03812f0da841667207
GET /-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534877
Date: Thu, 15 Sep 2022 16:32:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f78551ee84504eef883b8b40efb13011
Content-Type: image/jpeg
Last-Modified: Mon, 01 Mar 2021 14:39:24 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="H-FAH-preparing-for-a-major-home-remodel-thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 98074
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
205.255.103.100200 OK 33 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash a0fdb87f17a0891d20b4c7c7dd489ae3
e64540d9a8a47e946531663c1939a7595ac0da41
673948f25b84f697a6098cdb3880ed34ad8675ffd4b3c5b7c7c984a4a091a551
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534832
Date: Thu, 15 Sep 2022 16:33:34 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8058e759fc414eed969f8bd2f43e85a0
Content-Length: 33076
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
205.255.103.100200 OK 89 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:59:30 DIY-Thermocam raw data\012- (Lepton 2.x), scale 21870-29766, spot sensor temperature 74893065746301681918931676168192.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 137438953472.000000], baseline, precision 8, 432x456, components 3\012- data
Hash 6f07089f352bd05fa11d90f30e6cc5e4
0cb2658df6969bd6b8be226965eb2c259f0ea20b
1d0f2941a7e38e37c07ab51df9d709e4711faee18fdba5382811abb70e061fa3
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534829
Date: Thu, 15 Sep 2022 16:33:37 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: fbff9ae4cc204417b09fbc41995b15f9
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 88747
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
205.255.103.100200 OK 88 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:19:44], baseline, precision 8, 432x456, components 3\012- data
Hash c8841785cd39c7400eb055f52f4fd395
dcb5859dc36c50ab2727e2a9366d5c59551a4b28
1d47fb60ed8a9217554a061f114f98265f0241adeec6b7ecfe58b98a9ca9f137
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534829
Date: Thu, 15 Sep 2022 16:33:38 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: db4a6978e622401bbde4a35d3c2b7841
Content-Length: 88363
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1663794446795
142.250.74.74200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1663794446795
IP 142.250.74.74:0
File type ASCII text, with very long lines (2523)
Hash 0cabadca93273ecd5e121822cc3b1687
b16438f26f4c316f068085247fc282b1a242c2c1
a6bdb1642c572ed7b4cceb57f52a000f58ab2436b48e2b1bf503fea877939c96
GET /maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1663794446795 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 21:07:27 GMT
expires: Wed, 21 Sep 2022 21:37:27 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56312
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
205.255.103.100200 OK 926 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
IP 205.255.103.100:0
File type PNG image data, 1400 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 926 kB (926480 bytes)
Hash 869f6fce3cc41447159b757d89bc8ba7
e9e34caba119cb5727bf3324c4d897edd22ea1e6
8e8dcd035a49dabbf01d255019d0fca12bace4c39bbb8b3aa7373a1dadae49a5
GET /-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False; Regions_SessionId=f0996e15-b846-4966-8869-24359d2292d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534858
Date: Thu, 15 Sep 2022 16:33:08 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f294c5922dab4c0da74893f259ffb939
Content-Type: image/png
Last-Modified: Tue, 04 Aug 2020 19:24:35 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 926480
Strict-Transport-Security: max-age=157680000
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.74200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.74:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 21:07:27 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.regions.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Sep%2019%2016:07:04%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock
54.230.111.14200 OK 398 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Sep%2019%2016:07:04%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock
IP 54.230.111.14:0
File type ASCII text, with very long lines (397)
Hash 1a275c00ad0b07d8cd3c6de7de8c795e
03e426631ec7f7d117e1aa4fc9030adb25e988fc
dc3660a1d2b1c817d2f343b029a8bddff56b7d51df7e7f699ad9b3928d71bbf2
GET /regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Sep%2019%2016:07:04%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 398
server: nginx
date: Wed, 21 Sep 2022 21:07:27 GMT
expires: Wed, 21 Sep 2022 21:07:26 GMT
cache-control: no-cache, no-store
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O7CQmuKBXYfap85wkr3QAyXFibH28f46aMO9pLvdCqugzc9-BqgpKw==
X-Firefox-Spdy: h2
nexus.ensighten.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException
54.230.111.14204 No Content 0 B URL HTTP/2 nexus.ensighten.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException
IP 54.230.111.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod&rid=-1&did=-1&errorName=DataDefinitionException HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: CloudFront
date: Wed, 21 Sep 2022 01:05:17 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cgJ0Psv1CtBRMFjFm1C2SHHOil9yN53LDyqEEw8j0CDbhbGdHs2kXA==
age: 72130
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/staticmap?center=34.7465639999999,%20-92.394266&zoom=15&markers=icon:https://www.regions.com/~/media/Images/WebSiteImages/branch-locator-marker.png%7C34.7465639999999,%20-92.394266&style=hue:%23333333%7Csaturation:-100&size=400x400&maptype=roadmap&key=AIzaSyBs0hqYfNYsYPYOtcZrYli6j0K8B-wO9mc
142.250.74.74200 OK 22 kB URL HTTP/2 maps.googleapis.com/maps/api/staticmap?center=34.7465639999999,%20-92.394266&zoom=15&markers=icon:https://www.regions.com/~/media/Images/WebSiteImages/branch-locator-marker.png%7C34.7465639999999,%20-92.394266&style=hue:%23333333%7Csaturation:-100&size=400x400&maptype=roadmap&key=AIzaSyBs0hqYfNYsYPYOtcZrYli6j0K8B-wO9mc
IP 142.250.74.74:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash be1cd2f550bfd073761ca8661cc9e3d1
0d72a54f2ce960509db4e5e76a69f035f7105aa5
ccf37bd96424e99ff42c8416cd15deed886633a9abb8702ee14affd3a538a72b
GET /maps/api/staticmap?center=34.7465639999999,%20-92.394266&zoom=15&markers=icon:https://www.regions.com/~/media/Images/WebSiteImages/branch-locator-marker.png%7C34.7465639999999,%20-92.394266&style=hue:%23333333%7Csaturation:-100&size=400x400&maptype=roadmap&key=AIzaSyBs0hqYfNYsYPYOtcZrYli6j0K8B-wO9mc HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 21 Sep 2022 21:07:27 GMT
expires: Thu, 22 Sep 2022 21:07:27 GMT
cache-control: public, max-age=86400
vary: Accept-Language
access-control-allow-origin: *
server: scaffolding on HTTPServer2
content-length: 22093
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.regions.com/-/media/Images/WebSiteImages/favicon.ico
205.255.103.100200 OK 9.7 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/favicon.ico
IP 205.255.103.100:0
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 770326a3949eeac3b1b32f636a435b24
34e947c7883865ed4982b1108ff1d8d3225edaaf
d40069d6602b8db241d15a18513f0d26f783b9b012a46b7fca2bd4a23ccb5be1
GET /-/media/Images/WebSiteImages/favicon.ico HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False; Regions_SessionId=f0996e15-b846-4966-8869-24359d2292d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534946
Date: Thu, 15 Sep 2022 16:31:40 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: c8a67602af18477991e64598d71384a6
Content-Type: image/x-icon
Last-Modified: Wed, 26 Jan 2022 21:49:47 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="favicon.ico"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 9662
Strict-Transport-Security: max-age=157680000
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3dc89ea2daeec65f3255371661f2b1b
42d925fc09fe78ce664ba07b49883f027a024c5b
055a012e5b0c2d2f0c633da56e79db5744a2aad1d43fd52237fac385128fc7df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Last-Modified: Wed, 21 Sep 2022 19:29:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=214659CF6BA063B30C204BE96A5562C1; domain=.bing.com; expires=Mon, 16-Oct-2023 21:07:27 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 328322A690C64FF0B998147350465589 Ref B: OSL30EDGE0213 Ref C: 2022-09-21T21:07:27Z
date: Wed, 21 Sep 2022 21:07:27 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 550873cb45a2d2ed0299458b54ba1b6a
a9f389991f13a8572b982374ea10197e90c97b1b
fd04fa2429d758cafbcead095e6d1080c16d00d6838eb67f66aeb046e516bb49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6029
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Last-Modified: Wed, 21 Sep 2022 19:26:58 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: I/xQE8pQ97gOKblExW0AkSYbF/Y0kbwDprPzx+5zd75OcXNyMC1MGbqS6uHxMDALLBVx1TLhJSUQsYJ1+inIew==
content-length: 26839
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 21:07:27 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /spp.pl?a=10000&.yp=10175658&he=start&auid=regio0 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:27 GMT
expires: Wed, 21 Sep 2022 21:07:27 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBA99K2MCEC1oFt6FAXlFBmKt3B4lgNMFEgEBAQHOLGM1YwAAAAAA_eMAAA&S=AQAAAi7kruVtNVVpCOrJqgSiHZw; Expires=Fri, 22 Sep 2023 03:07:27 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3dc89ea2daeec65f3255371661f2b1b
42d925fc09fe78ce664ba07b49883f027a024c5b
055a012e5b0c2d2f0c633da56e79db5744a2aad1d43fd52237fac385128fc7df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Last-Modified: Wed, 21 Sep 2022 19:29:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 9e0fb623733ce223d6265d0e0fed81d5
966ec401aa731795253a5db3b7ec86753b597e90
225c3a4888222d69afb76df23d7672071dd434b42625403b8b4da7c6e1589450
GET /gtag/js?id=AW-1013536406&l=regionsDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 21:07:27 GMT
expires: Wed, 21 Sep 2022 21:07:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=3834449186095473&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
143.204.55.106200 OK 1.9 kB URL HTTP/2 live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=3834449186095473&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
IP 143.204.55.106:0
File type HTML document, ASCII text, with very long lines (1202)
Hash a20f1f52b54babd568309a740424fb92
c8b2f6bb02d95b6ffb09b536659e6428f7517408
ff69b1855cc494202d2408c48dd71eacdac51093875e54d68c5ba765717da251
GET /sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=3834449186095473&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1876
date: Wed, 21 Sep 2022 21:07:27 GMT
set-cookie: zync-uuid=c241a481-f6ac-4bff-86f3-4bad5d3df66e:1663794447.9478784; Domain=rezync.com; Expires=Mon, 20 Mar 2023 14:07:27 GMT; Path=/; SameSite=None; Secure
sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiYzI0MWE0ODEtZjZhYy00YmZmLTg2ZjMtNGJhZDVkM2RmNjZlOjE2NjM3OTQ0NDcuOTQ3ODc4NCJ9.Yyt9Dw.2Ibzr8xsPZeX1RZ4K--yJxHCEu4; Expires=Mon, 20 Mar 2023 21:07:27 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xrBOPr0waomkTYtKTum6H5WIzt8xeW2in8xSNMppllKRXwIXPflAPw==
X-Firefox-Spdy: h2
t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
104.244.42.69200 OK 43 B URL HTTP/2 t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:27 GMT
server: tsa_o
set-cookie: muc_ads=256d67a0-6fe3-4b9e-b125-d8e58545f875; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:07:27 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: 2cc330c9196372a59bc1499c4f7f37c500daf4b10c8a578c0a64427b1138237b
X-Firefox-Spdy: h2
cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
143.204.55.27200 OK 25 kB URL HTTP/1.1 cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
IP 143.204.55.27:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3a4ab947ede525e04d80f5c565ed0d68
9cae902c51c8b5d48f7fd4afa10562ab53005873
03cc6df07c79c896c5cfda9a4a266e21675def309b2206ae9a564d79a012eec7
GET /p13n/regions-bank/p13n.min.js HTTP/1.1
Host: cdn.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 07:49:29 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: DC7s1HXAceEBizfm89ymKy_1oi9XLF7g
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 21 Sep 2022 20:15:03 GMT
Cache-Control: public, max-age=3600
ETag: W/"b5c7a6912795e6d385f5e9a8b245f7dd"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: upIWAQovQdvy6N1e5EERSPw1HjDoFT-zOanL4G9E3FmBqlLiJgOPfA==
Age: 3146
bat.bing.com/action/0?ti=21011282&Ver=2&mid=cb085f23-04b2-42f7-a85e-132c3b9934e7&sid=65df419039f111ed82be71931f0b6023&vid=65df56b039f111edb9056be00c42975a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&kw=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&r=<=3306&evt=pageLoad&sv=1&rn=991349
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21011282&Ver=2&mid=cb085f23-04b2-42f7-a85e-132c3b9934e7&sid=65df419039f111ed82be71931f0b6023&vid=65df56b039f111edb9056be00c42975a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&kw=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&r=<=3306&evt=pageLoad&sv=1&rn=991349
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21011282&Ver=2&mid=cb085f23-04b2-42f7-a85e-132c3b9934e7&sid=65df419039f111ed82be71931f0b6023&vid=65df56b039f111edb9056be00c42975a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&kw=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&r=<=3306&evt=pageLoad&sv=1&rn=991349 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1A8A1A8F3C916F60376B08A93D646E46; domain=.bing.com; expires=Mon, 16-Oct-2023 21:07:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 51AEF306728945348A7960160F1E3BB9 Ref B: OSL30EDGE0213 Ref C: 2022-09-21T21:07:28Z
date: Wed, 21 Sep 2022 21:07:27 GMT
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 10c8dff7ca8a73c1b632d15cd7304b95
622aee6182568f9a9f425685bc3e1fd209bcddd2
48c115bd9a1ac4ac45eed3e2d7e6c98ed8451f5c546c3f71997c9365b253614f
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 21 Sep 2022 01:54:47 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OSUJiU4Z8ceuk-xrBfe-9OlQRyC1NZkI3bETf7LDgu1mN7075UcR1g==
Age: 69161
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af22e39b225120461ea5dc341b14321
38a609c3fa222ded0cfe61ff6ed446561f92d10d
ba3362176a7e67ea61abf9de1e8104df80614b02ce23ab7ab0ab75480b65fd38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
p.teads.tv/teads-fellow.js
23.195.255.234200 OK 6.2 kB URL HTTP/1.1 p.teads.tv/teads-fellow.js
IP 23.195.255.234:0
File type ASCII text, with very long lines (19114), with no line terminators
Hash 8da91fbfe18ecc5173abf679aae05fe2
0e94aaabfd66c7ea2eb66ccb7e93f8b6f1f1a219
122ebe16c25b2f6f7aa76683d75c503e6a4aabc6056d66376ed234f19003e8d3
GET /teads-fellow.js HTTP/1.1
Host: p.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xGNjXHtFKKDpQoYdhdstQKkTNdp5yq0Fe+klSlF/I787G9ks4qpk3dmtE7rzyRSvu4TYyJyez4o=
x-amz-request-id: MAK285P1EZWB9B1K
Last-Modified: Wed, 21 Sep 2022 14:24:38 GMT
ETag: "395e11a1f85497bb2060c45c54303e44"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 6195
Cache-Control: max-age=493
Date: Wed, 21 Sep 2022 21:07:28 GMT
Connection: keep-alive
Vary: Accept-Encoding
c1.rfihub.net/js/tc.min.js
54.230.111.29200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP 54.230.111.29:0
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Wed, 21 Sep 2022 21:03:58 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Wed, 21 Sep 2022 22:03:58 GMT
last-modified: Wed, 21 Sep 2022 21:03:48 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2R8hrFHFkbuyif6SpVyZwLNeZMY_S2fvErTBIwZUCkoexMM5lFOaHQ==
age: 210
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3ecd92ddcb5a1e93fd43b968f002e5d0
e88db3017eb9969c758bca8f48b14f5fb6e7cd93
0113db4a7496f8a8c6138d4f5824697f5b90c082763fb770a827b403448b6540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 198
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Last-Modified: Wed, 21 Sep 2022 21:04:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/21011282.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21011282.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21011282.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1B78AF856DDF67F61F92BDA36C2A667B; domain=.bing.com; expires=Mon, 16-Oct-2023 21:07:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6CB853107D8046D098EC418F8F2600C8 Ref B: OSL30EDGE0213 Ref C: 2022-09-21T21:07:28Z
date: Wed, 21 Sep 2022 21:07:27 GMT
X-Firefox-Spdy: h2
cdn.bttrack.com/js/44911/analytics/1.0/analytics.min.js
69.16.175.42200 OK 369 B URL HTTP/1.1 cdn.bttrack.com/js/44911/analytics/1.0/analytics.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (599), with no line terminators
Hash ad0eb0570078f9251ad5b5f6bde73010
c8787129ce4b915314a5c05be6812f74fb148945
80a9e2602c17d221fe8d16a24af2a9a7b477d0ce22e3e5e124575cea35953026
GET /js/44911/analytics/1.0/analytics.min.js HTTP/1.1
Host: cdn.bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:28 GMT
Connection: Keep-Alive
Cache-Control: max-age=70207
Content-Encoding: gzip
Content-Length: 369
Content-Type: text/javascript; charset=utf-8
Accept-Ranges: bytes
X-HW: 1663794448.dop072.sk1.t,1663794448.cds229.sk1.shn,1663794448.cds229.sk1.c
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1cd3b80c01c05a7a491111e947a728de
157c9925b274c2f476c1e6baaef89fd81cdc1fe4
66b7e1425690ba57d56f7f19b62d8572114753569c1ec400d9b7cb6d48f32342
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6050
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Last-Modified: Wed, 21 Sep 2022 19:26:38 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e=PageView&script=0
185.89.211.12400 Bad Request 200 B URL HTTP/1.1 ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e=PageView&script=0
IP 185.89.211.12:0
Hash fefdd5c33b3c8085f2c5b9293595122f
cdd78b96794eab7b50a4c41553a79b00dbe9da58
f918345e81bc13de00d6fa8ec2c395a454340493c9fc84c479648aebb23443eb
GET /pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e=PageView&script=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 21:07:28 GMT
Content-Type: text/plain
Content-Length: 200
Connection: keep-alive
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pubads.g.doubleclick.net/activity;xsp=4958803;ord=9434021816517222?
216.58.211.2200 OK 42 B URL HTTP/2 pubads.g.doubleclick.net/activity;xsp=4958803;ord=9434021816517222?
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /activity;xsp=4958803;ord=9434021816517222? HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 21:22:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1fcd968410cdcce6e4efe960e601426
60826de9d1b62657ad779b48daea502dbebeb73d
cd967bb41f3c220d74d8963beac4f5f9361062e2c1692c7a262ce652af281077
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5865
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Last-Modified: Wed, 21 Sep 2022 19:29:43 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ct.pinterest.com/v3/?tid=2613483917557&noscript=1
151.101.84.84200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613483917557&noscript=1
IP 151.101.84.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613483917557&noscript=1 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
set-cookie: _pinterest_ct_ua="TWc9PSZsSHZHcWJOei9QTWtmQUxrWnNaeW93ZU1LSUs1eTNrRXVFaEYrNTQ1N0g5SS9Ea1NFNU5oV1UwdkVYOXY3c250a00zNE5WSWhEWDMvMU03VC9ETFkyTXhHYWswM1YwL3ZKQ05hdlFUcXFzWT0meThjMTYrNTBaVTRpZ0Y1Z0pMSjFlTUNuRnVZPQ=="; Expires=Thu, 21 Sep 2023 21:07:28 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1651003563627358
date: Wed, 21 Sep 2022 21:07:28 GMT
x-cdn: fastly
content-length: 35
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 21 Sep 2022 21:07:28 GMT
expires: Wed, 21 Sep 2022 21:07:28 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663794447717
52.51.99.30302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663794447717
IP 52.51.99.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663794447717 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v041-0bb85fc15.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663794447717
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=06916604634025358373393030938656420031; Max-Age=15552000; Expires=Mon, 20 Mar 2023 21:07:28 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: GdwlmIMERgY=
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af22e39b225120461ea5dc341b14321
38a609c3fa222ded0cfe61ff6ed446561f92d10d
ba3362176a7e67ea61abf9de1e8104df80614b02ce23ab7ab0ab75480b65fd38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
13.107.42.14302 Found 0 B URL HTTP/2 dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect/?pid=681506&fmt=gif HTTP/1.1
Host: dc.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJlT0hEXnUy-wAAAYNh4IdcM-iimFZQiMnFSBVFmtcBYB5Syb69JUbrVLPXKwI9vGtPX9z34E6Xzw; Max-Age=2592000; Expires=Fri, 21 Oct 2022 21:07:28 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQICTn6q9F6hegAAAYNh4Idce7oC2V3w-v5oH5laR_2tnZphRpEnBMLKbWVH5_RoeGuGLCFcNksp23GVxrG42g; Max-Age=2592000; Expires=Fri, 21 Oct 2022 21:07:28 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&95c83358-6476-4c13-8d70-7fc01c514841"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Sep-2023 21:07:28 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2387:u=1:x=1:i=1663794448:t=1663880848:v=2:sig=AQEDfwTvxYq1lR-fC9sl-QQL2sG6Kqgd"; Expires=Thu, 22 Sep 2022 21:07:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpNlUQjakp4mtKSuop+Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 996BE5CEF47047AFB9C23D399D2F1C16 Ref B: OSL30EDGE0219 Ref C: 2022-09-21T21:07:28Z
date: Wed, 21 Sep 2022 21:07:27 GMT
content-length: 0
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?4420447334957.442&~oref=https://www.regions.com/
216.58.207.194302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?4420447334957.442&~oref=https://www.regions.com/
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?4420447334957.442&~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?4420447334957.442&~oref=https://www.regions.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&buyer_pixel_id=5995
23.195.255.234200 OK 82 B URL HTTP/1.1 cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&buyer_pixel_id=5995
IP 23.195.255.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 669b85d39cbaf491467a2f594c37a276
43b6c9f872ea750afc50329acb8a47cd46588295
fa10b271504d790905396d9315306150a550072c628611f73bb5784773ff93cf
GET /v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&buyer_pixel_id=5995 HTTP/1.1
Host: cm.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Origin: https://www.regions.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 82
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Expires: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 21 Sep 2022 21:07:28 GMT
Connection: keep-alive
pixel.quantserve.com/pixel;r=1475280679;labels=_fp.event.PageView;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock;uht=2;fpan=1;fpa=P0-10606558-1663794448085;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1663794448085;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Little%20Rock%3F%20Matthew%20Lewis%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Matthew-Lewis-Little-R%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=58c9cdcb-13da-4e06-83a8-e335d13e287a
91.228.74.168200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1475280679;labels=_fp.event.PageView;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock;uht=2;fpan=1;fpa=P0-10606558-1663794448085;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1663794448085;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Little%20Rock%3F%20Matthew%20Lewis%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Matthew-Lewis-Little-R%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=58c9cdcb-13da-4e06-83a8-e335d13e287a
IP 91.228.74.168:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1475280679;labels=_fp.event.PageView;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock;uht=2;fpan=1;fpa=P0-10606558-1663794448085;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1663794448085;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Little%20Rock%3F%20Matthew%20Lewis%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Matthew-Lewis-Little-R%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=58c9cdcb-13da-4e06-83a8-e335d13e287a HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:28 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=632b7d10-4b9a9-4f7fb-067ca; expires=Sun, 22-Oct-2023 21:07:28 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:27 GMT
server: tsa_o
set-cookie: personalization_id="v1_ngBuwq8GKBQ740gQPVpOwQ=="; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:07:28 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: 9030dff34bfc6cb5837db99d72feca99849284a7f0bb692cf9d4f06da9b54c2b
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663794447717
52.51.99.30200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663794447717
IP 52.51.99.30:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663794447717 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v041-0558c7618.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: KIw8Oe7bQGA=
Content-Length: 124
Connection: keep-alive
rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
54.230.111.33200 OK 271 B URL HTTP/2 rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
IP 54.230.111.33:0
Hash c3aea86cfb633cfbbc5016b7c212fbc1
89934f12847b20c8d992007ab07494977f56ce84
b6d7b217464fd3d4447c18b0c1df4bb42e458c41841e9d2a5ab780f853943884
GET /rules-p-AMy7w2y7nzRg3.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Fri, 26 Aug 2022 12:05:44 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Wed, 21 Sep 2022 21:07:28 GMT
cache-control: max-age=3600
etag: "c3aea86cfb633cfbbc5016b7c212fbc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ruPPYJuucO_xfKpuJsZcCiuce7YCAqCUz7eTBjiUvJQdXbxWS4viUg==
age: 1539
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1663794448122&cv=9&fst=1663794448122&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1663794448122&cv=9&fst=1663794448122&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2468), with no line terminators
Hash 4d7ea318476d068c6b1510bb89fc3b2a
519f7290568cde03037d7163957851b1b42ff1ce
bc12b03dd35be4c85ba07c6c707391e99e066eafecbac361a237baccfb1e93f9
GET /pagead/viewthroughconversion/959581806/?random=1663794448122&cv=9&fst=1663794448122&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1095
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 21:22:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.168200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.168:0
Hash dd087f34368b9383d39cb2e99ad24eba
f3e5f0c18184dcdbc8330616fc3354a1646ad146
6237fc31eea8139035f80e3653325c25a02d4b3692323e6245b11153b26b64e0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:28 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Wed, 28 Sep 2022 21:07:28 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1663794448132&cv=9&fst=1663794448132&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1
142.250.74.162200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1663794448132&cv=9&fst=1663794448132&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1013536406/?random=1663794448132&cv=9&fst=1663794448132&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 21:22:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1663794448130&cv=9&fst=1663794448130&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1663794448130&cv=9&fst=1663794448130&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2470), with no line terminators
Hash 4e53c5b388827f91c369cb2ca2ebc57d
5e259e79b762e0da35a7afd9cb04e32227ea425d
52e2ecb1b1f6a3d6a5d22a8faa7da47e3a8e4c279f74ac9edad7cda9f1850125
GET /pagead/viewthroughconversion/1013536406/?random=1663794448130&cv=9&fst=1663794448130&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1095
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 21:22:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pxl.qccerttest.com/pixel?r=648849287;fpan=0;fpa=P0-10606558-1663794448085;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1663794448222;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Little%20Rock%3F%20Matthew%20Lewis%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Matthew-Lewis-Little-R%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0
143.204.55.93200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=648849287;fpan=0;fpa=P0-10606558-1663794448085;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1663794448222;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Little%20Rock%3F%20Matthew%20Lewis%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Matthew-Lewis-Little-R%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0
IP 143.204.55.93:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=648849287;fpan=0;fpa=P0-10606558-1663794448085;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1663794448222;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Little%20Rock%3F%20Matthew%20Lewis%20at%20Regions%20Bank%20can%20%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Matthew-Lewis-Little-R%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0 HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 01:48:50 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jN7Wpp_5kmovzpMM6wgP0qSvFktYiN-PTB6tn3-MsIP-gXPOFJCjWA==
age: 69519
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.teads.tv/track?action=pageView&env=js-web&tag_version=6.0.0_2864ca5&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock
23.38.201.50200 OK 23 B URL HTTP/2 t.teads.tv/track?action=pageView&env=js-web&tag_version=6.0.0_2864ca5&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock
IP 23.38.201.50:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /track?action=pageView&env=js-web&tag_version=6.0.0_2864ca5&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock HTTP/1.1
Host: t.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 23
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 21 Sep 2022 21:07:28 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&7a257548-cb92-4c14-8cc9-fb93a6bcca63"; Domain=.linkedin.com; Expires=Thu, 21-Sep-2023 21:07:28 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20220921210728a9dbf76b-c008-4b4d-8459-4ba4604080acAQHwZoX4c4Fic6VMRMzATH3jbalKR2kp"; Domain=.www.linkedin.com; Expires=Thu, 21-Sep-2023 21:07:28 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjM3OTQ0NDg7MjswMjH18jVKRqfy2hRFq37Fi47C7zas5xmq3ZJOi3hc2QBx9g==; Domain=.linkedin.com; Expires=Mon, 20 Mar 2023 21:07:28 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2391:u=1:x=1:i=1663794448:t=1663880848:v=2:sig=AQFgIc7YHgBqPGpPU6WwEd7kj8tRRaA5"; Expires=Thu, 22 Sep 2022 21:07:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpNlUTb9EEtss1SoZKSg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C3BC0E3E282C4D73AF117174A3849274 Ref B: OSL30EDGE0219 Ref C: 2022-09-21T21:07:28Z
date: Wed, 21 Sep 2022 21:07:27 GMT
content-length: 0
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?4420447334957.442&~oref=https://www.regions.com/
216.58.207.194200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?4420447334957.442&~oref=https://www.regions.com/
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?4420447334957.442&~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/959581806/?random=1663794448122&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=1876497237&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/959581806/?random=1663794448122&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=1876497237&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959581806/?random=1663794448122&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=1876497237&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/1013536406/?random=1663794448132&cv=9&fst=1663794448132&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1013536406/?random=1663794448132&cv=9&fst=1663794448132&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1663794448132&cv=9&fst=1663794448132&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&auid=1215022803.1663794448>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1013536406/?random=1663794448130&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2733146819&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1013536406/?random=1663794448130&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2733146819&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1013536406/?random=1663794448130&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&tiba=Little%20Rock%20Mortgage%20Lender%20%7C%20Matthew%20Lewis%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2733146819&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5278634c99a4ed40fba9fd6a6dcba9e2
40c13f10b03da8ff38463e48581f4ae4702185a5
6e026c34658c66523bcfaab5d1efd92dfd1bf90258659bab764791e633e8dae7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:07:28 GMT
Last-Modified: Wed, 21 Sep 2022 19:31:46 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: erv8oqeNt3QIqnf0Wt28M4CqcKABHMySQMd2Jq8SSSP6cf6S7JCXCw==
Age: 5742
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51ca5853da6ab1b45b9b9d8425056853
b912e4d1ee63203030fa6efd1a77b5f02f4f86e0
a5dd1386ea0a4adc2678a71557841daec7a91a80330c7cf3dc845963c4addd3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6db6c560a3def8d8aa108fb8deb61eaa
31c1836a706646c034e26d16ca2d26b68af029a8
1367ca195edf44c4958e32d34035732d34e48849516d8eaf6c24c75b22c97916
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 02:15:45 GMT
Expires: Wed, 28 Sep 2022 02:15:44 GMT
Etag: "31c1836a706646c034e26d16ca2d26b68af029a8"
Cache-Control: max-age=536295,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c5469ac6b518-OSL
people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYzI0MWE0ODEtZjZhYy00YmZmLTg2ZjMtNGJhZDVkM2RmNjZlOjE2NjM3OTQ0NDcuOTQ3ODc4NCJ9fQ%3D%3D&site_id=regions-bank
52.45.201.131200 OK 146 B URL HTTP/1.1 people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYzI0MWE0ODEtZjZhYy00YmZmLTg2ZjMtNGJhZDVkM2RmNjZlOjE2NjM3OTQ0NDcuOTQ3ODc4NCJ9fQ%3D%3D&site_id=regions-bank
IP 52.45.201.131:0
File type JSON data\012- , ASCII text
Hash aa3c4659a6211c80b3526db8ec95d16f
100f597f8df3faf14ab86087abbcdd845910381b
868c69e6aced181520419f1b298d11e9d459f23ad80d793939b24bfb3eb3f140
GET /identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYzI0MWE0ODEtZjZhYy00YmZmLTg2ZjMtNGJhZDVkM2RmNjZlOjE2NjM3OTQ0NDcuOTQ3ODc4NCJ9fQ%3D%3D&site_id=regions-bank HTTP/1.1
Host: people.api.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Wed, 21 Sep 2022 21:07:28 GMT
Server: nginx
Content-Length: 146
Connection: keep-alive
20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&pf=&ra=890981422336977
193.0.160.128200 OK 2.7 kB URL HTTP/1.1 20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&pf=&ra=890981422336977
IP 193.0.160.128:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2674), with no line terminators
Hash 6363de51e16ab49fa7146b7eba246749
83ba22b393b6b6188e5d3c67571f9bde604b08ec
777ec1badc293d0d010f61dc7fc9db77e94285b146141f807b500d0638f37130
GET /ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&pf=&ra=890981422336977 HTTP/1.1
Host: 20839218p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:28 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_5vFyGtoZmZsbmliYmJhZmyyCo1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxMrmn5uNPei8RcJo_IfofEBMCtDeiABAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:07:28 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjGxMDayMDYxNBDiM9QNz3R2TXe2CHD3DfEHAECJgBElAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjGxMDayMDYxNBDiM9QNz3R2TXe2CHD3DfEHAECJgBElAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:07:28 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2674
Server: Jetty(9.3.29.v20201019)
px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
13.107.42.14200 OK 65 B URL HTTP/2 px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8b0d5b18476ae12e2476f3621d54c4a5
2ad669e9d207fbb37e84dda25766dbaeb66d792c
2d7244b6960d26ae56f048f162f02949ca7858be19d9349ec82906e56dfa3cfe
GET /collect?pid=681506&fmt=gif&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 65
content-type: image/gif
content-encoding: gzip
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&c053dbf3-4e43-42f8-8d3a-92725265ce2f"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Sep-2023 21:07:28 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2387:u=1:x=1:i=1663794448:t=1663880848:v=2:sig=AQEDfwTvxYq1lR-fC9sl-QQL2sG6Kqgd"; Expires=Thu, 22 Sep 2022 21:07:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpNlUWHw4PghTU3IuUag==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1791A96CF742456DA0D0F69F21543D6C Ref B: OSL30EDGE0219 Ref C: 2022-09-21T21:07:28Z
date: Wed, 21 Sep 2022 21:07:27 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNDQ4MzI4MzQxMA==&forward=
142.250.74.34302 Found 369 B URL HTTP/2 cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNDQ4MzI4MzQxMA==&forward=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a4c119b2735840086634227845e99b04
a64715de0903fe9c37556d43e154d533f98ddefd
a177701c733d3c3052cafdf7fbe5975a8849f591efc0b32b3a8ba7000fbd8b0b
GET /pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNDQ4MzI4MzQxMA==&forward= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNDQ4MzI4MzQxMA==&forward=&google_tc=
date: Wed, 21 Sep 2022 21:07:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 369
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 21:22:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.regions.com/-/media/js/mp_linkcode.js
205.255.103.100200 OK 681 B URL HTTP/1.1 www.regions.com/-/media/js/mp_linkcode.js
IP 205.255.103.100:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 662fd21e25a8269185df8c993bfd251d
4da619e51fa6a54e5ffcdd7d826c1e5550a67840
f9465098d4cfa9edb9fed28c3eceb6bd3251c3fb011e86d1fa8f27bf1a680ceb
GET /-/media/js/mp_linkcode.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False; Regions_SessionId=f0996e15-b846-4966-8869-24359d2292d3; _uetsid=65df419039f111ed82be71931f0b6023; _uetvid=65df56b039f111edb9056be00c42975a; _gcl_au=1.1.1215022803.1663794448; btIdentify=0588d832-02be-4256-f3ed-a3ff314262a9; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%226QyUoK%2Fx2hc4MxZTqLJkDEUtkJ7Q0PfudKTi4lJf%2BhqYM5pVHiyn0Qc4AKvox7jcLoGwXvqsSqhrEc1j8to%2BWg%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=79118364-b529-49f3-f85b-95b4d95936ef; qcSxc=1663794448090; _fbp=fb.1.1663794448117.2032191492; __qca=P0-10606558-1663794448085
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534949
Date: Thu, 15 Sep 2022 16:31:39 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 32fbff40b5ed4dcfb4de06b0179c338b
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="mp_linkcode.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 681
Strict-Transport-Security: max-age=157680000
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e1b3d60c72ff8b4d09d38ff5635489e3
ef4be572205288dd2727561762b561888061261c
e523c4e56f4c14c4d7f75e20b6bf90afc6fadd022503f5e0da3c958e9169c195
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:28 GMT
Server: ECS (amb/6B74)
Content-Length: 471
dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559724483283410&redir=
52.51.99.30302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559724483283410&redir=
IP 52.51.99.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5108559724483283410&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v041-01880140b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559724483283410&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=31202447558513990662032291377408919223; Max-Age=15552000; Expires=Mon, 20 Mar 2023 21:07:28 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: c27C+8cgTug=
Content-Length: 0
Connection: keep-alive
ib.adnxs.com/setuid?entity=18&code=5108559724483283410
185.89.211.12307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=18&code=5108559724483283410
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=18&code=5108559724483283410 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 21:07:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559724483283410
AN-X-Request-Uuid: 8862a46c-63c7-495a-99bc-359946afa9a5
Set-Cookie: uuid2=5401345969029026325; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 21:07:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1663794448261
15.188.95.229200 OK 48 B URL HTTP/2 smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1663794448261
IP 15.188.95.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0dd835d622277656c27e527cb08edd91
02bd8a7d6ef51a668cd3f5ae069dc19af82ed98d
37c1313d4d4a039b543140d262ca67ebc4ab905f7fc0d8778771460e48a976d3
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1663794448261 HTTP/1.1
Host: smetrics.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Cookie: _uetsid=65df419039f111ed82be71931f0b6023; _uetvid=65df56b039f111edb9056be00c42975a; _gcl_au=1.1.1215022803.1663794448; btIdentify=0588d832-02be-4256-f3ed-a3ff314262a9; _bti=%7B%22bsin%22%3A%22%22%7D; _bts=79118364-b529-49f3-f85b-95b4d95936ef; _fbp=fb.1.1663794448117.2032191492; __qca=P0-10606558-1663794448085
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://www.regions.com
access-control-allow-credentials: true
date: Wed, 21 Sep 2022 21:07:28 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=0%7CMCMID%7C86565777423148841842514128234168820797; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:07:07 GMT;
s_ecid=MCMID%7C86565777423148841842514128234168820797; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:07:07 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.regions.com/-/media/js/oo_engine.js
205.255.103.100200 OK 15 kB URL HTTP/1.1 www.regions.com/-/media/js/oo_engine.js
IP 205.255.103.100:0
Hash 54216df51ccc54b91647f46e6324a5d1
35cf90a9b3fe6579456b237653cd652dd86fc347
7e268465893e047076cb3331536cd5762cebc6f6e96a5d17a7c16165fda220d0
GET /-/media/js/oo_engine.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-matthew-lewis-little-rock
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae128f45525d5f4f58455e445a4a423660; ASP.NET_SessionId=zblx5nihrvgab5wmmnybpymg; SC_ANALYTICS_GLOBAL_COOKIE=d436bf3b696f49b1bde9deedb0af3e5d|False; Regions_SessionId=f0996e15-b846-4966-8869-24359d2292d3; _uetsid=65df419039f111ed82be71931f0b6023; _uetvid=65df56b039f111edb9056be00c42975a; _gcl_au=1.1.1215022803.1663794448; btIdentify=0588d832-02be-4256-f3ed-a3ff314262a9; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%226QyUoK%2Fx2hc4MxZTqLJkDEUtkJ7Q0PfudKTi4lJf%2BhqYM5pVHiyn0Qc4AKvox7jcLoGwXvqsSqhrEc1j8to%2BWg%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=79118364-b529-49f3-f85b-95b4d95936ef; qcSxc=1663794448090; _fbp=fb.1.1663794448117.2032191492; __qca=P0-10606558-1663794448085
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 534949
Date: Thu, 15 Sep 2022 16:31:39 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 6bf959c8100849ea8da66ecf3fc7ab49
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="oo_engine.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 15048
Strict-Transport-Security: max-age=157680000
live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559724483283410&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock
143.204.55.106302 Found 661 B URL HTTP/2 live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559724483283410&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (575)
Hash d5364875e345ddfd0b8987c7c7ed8aae
4834658b67dab8229bebc1e37586c0c26c7d1e4b
57e64b170a619174e7d8872851b92f562a3934bbdbb415e2d7da51fad70c5635
GET /pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559724483283410&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Cookie: zync-uuid=c241a481-f6ac-4bff-86f3-4bad5d3df66e:1663794447.9478784; sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiYzI0MWE0ODEtZjZhYy00YmZmLTg2ZjMtNGJhZDVkM2RmNjZlOjE2NjM3OTQ0NDcuOTQ3ODc4NCJ9.Yyt9Dw.2Ibzr8xsPZeX1RZ4K--yJxHCEu4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 661
location: https://p.rfihub.com/cm?pub=39342&in=0&userid=c241a481-f6ac-4bff-86f3-4bad5d3df66e%3A1663794447.9478784&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc241a481-f6ac-4bff-86f3-4bad5d3df66e%253A1663794447.9478784
date: Wed, 21 Sep 2022 21:07:28 GMT
set-cookie: zync-uuid=c241a481-f6ac-4bff-86f3-4bad5d3df66e:1663794447.9478784; Domain=rezync.com; Expires=Mon, 20 Mar 2023 14:07:28 GMT; Path=/; SameSite=None; Secure
sd-session-id=.eJwNykEOgyAQQNG7zFobgWEYuIyhMCSklTaimxrvXnb_Jf-C9Sv7Fpu0A8KxnzJBetehDuGCXn-bvCCAVQtb651GZKPZoFrgnqBL7_XT1prHkzSqiKzmQjHN-CxlZipmVMw2m1yIJCgi4zwiuodHx44R7j_KUSZ3.Yyt9EA.K6X0SlLbD9eCugkFTq_owmzU9p4; Expires=Mon, 20 Mar 2023 21:07:28 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KUY4z6yhPWAIo7yeTXTQNOvrtcqG02w0NwsyrPvb2ibK1JzzVKLsDg==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a46374ea01a83fa11682c6f71512e2fd
da6c17f1deaa4d1506486fc1efdcfdfbced3ca32
9cd6b1d3f6e1cac4c9e35a23609e46c1a357a262700ae797d421707e17c1efe4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:07:28 GMT
Last-Modified: Wed, 21 Sep 2022 20:26:52 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gFCfxbMfXLFULSTMJOe-q7Hzg-KaVb-whQVETWjf38eO35liERj1-g==
Age: 2436
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559724483283410
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559724483283410
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5108559724483283410 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3067960483580264000V10; Expires=Thu, 21 Sep 2023 21:07:28 GMT; domain=.media.net; Path=/;
data-rk=5108559724483283410~~3;Expires=Wed, 20 Sep 2023 21:07:28 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Wed, 21 Sep 2022 21:07:29 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 21 Sep 2022 21:07:29 GMT
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559724483283410&redir=
52.51.99.30200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559724483283410&redir=
IP 52.51.99.30:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559724483283410&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v041-021eeb8c9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: tue/T9aKSmo=
Content-Length: 59
Connection: keep-alive
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559724483283410&forward=
104.18.18.126302 Found 86 kB URL HTTP/2 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559724483283410&forward=
IP 104.18.18.126:0
File type gzip compressed data, from Unix\012- data
Hash 4a2764f8aebdb36382653c1c962e2eef
1082a03a276d7a924474105b9ebf022e9a3af3cb
2e61d6014c74c69c2575426945cd1ad89f83cb62d82018d0ff1156d07b1759bf
GET /rum?cm_dsp_id=57&external_user_id=5108559724483283410&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 21 Sep 2022 21:07:29 GMT
content-length: 0
location: /rum?cm_dsp_id=57&external_user_id=5108559724483283410&forward=&C=1
cf-ray: 74e5c54a3c58fac0-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Yyt9EfaIbR3zC5olaUXuOgAA; Path=/; Domain=casalemedia.com; Expires=Thu, 21 Sep 2023 21:07:29 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4333; Path=/; Domain=casalemedia.com; Expires=Tue, 20 Dec 2022 21:07:29 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4333; Path=/; Domain=casalemedia.com; Expires=Tue, 20 Dec 2022 21:07:29 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfc7Bh2Y0KlLzPkHlBsFsT2E7EkLVjTNJ%2B%2F41jH7qwrGrFb7BP3%2FNlMdQPxi1fpB%2BSp9lGTT6RQX%2BYKOB6A4XV%2BWDacRBNd6rfmP1rqsiqCbdZhJ5AOogFXv6hVu4oVG2O8YORPbRsbszQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3423ede4e385b098f165a74c5866fbd9
93c10d1e17d52b5a776c9db81e0edeefee332534
16fe3d4ac2f3f66754d28da5da6fa16d1cf9ff0b7ecfa139daffea89a7e1e623
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1669
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:29 GMT
Last-Modified: Wed, 21 Sep 2022 20:39:40 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559724483283410
185.89.211.12200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559724483283410
IP 185.89.211.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559724483283410 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: ddf16677-60b2-4bfb-8dac-9c228f2ae067
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2GVOgS(#i!]tbPl1MNu::wpAk`W=edYV+elwVJTdYzwLk^q0'D/jEy4^J$o!_6-zQEVk`!*>=0q5Yjf; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 21:07:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&t=1663794448561
104.17.209.240200 OK 3.1 kB URL HTTP/2 zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&t=1663794448561
IP 104.17.209.240:0
File type ASCII text, with very long lines (6801)
Hash 9991c40e08ed7aa54278b9773fdd6e3f
fa898e3848847b326fc9f8580f3c995908a4f916
59318c7775bf0383be4eb1bc4941b43c63d77d34ea1370273ff7f223c4a77a55
GET /WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&t=1663794448561 HTTP/1.1
Host: zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:28 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 74e5c5491f3bb4fd-OSL
access-control-allow-origin: *
age: 483462
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-VrFrN4b27frFkCMw5F5UrW3+Nq8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
p.rfihub.com/cm?pub=24472&in=1
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=24472&in=1
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=24472&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 21:07:29 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_7vFwmtoZmZsbmliYmJpaGAKAFYrAbUQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:07:29 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQyNTEwNrcwNBPiM9Q1rLSs8i0rcXcuK8oGADnLGkElAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:07:29 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQyNTEwNrcwNBPiM9Q1rLSs8i0rcXcuK8oGADnLGkElAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://ps.eyeota.net/match?uid=5134455419254037816&bid=omt9pi0
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
events.api.boomtrain.com/event/track
52.45.50.76200 OK 2 B URL HTTP/2 events.api.boomtrain.com/event/track
IP 52.45.50.76:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /event/track HTTP/1.1
Host: events.api.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 565
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-length: 2
server: nginx
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
access-control-allow-methods: GET, PUT, POST, DELETE
X-Firefox-Spdy: h2
bpi.rtactivate.com/tag/?id=11017&user_id=5108559724483283410
34.204.34.148200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5108559724483283410
IP 34.204.34.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5108559724483283410 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash f063bbd1a226bdf35ade640dfc0feb9c
f283887ccb81439f581836dbee09ff8db70ac3a3
fcf3146dcd0da35f4a24f5cc7cf73a028a2b16df6f84bdcedaf94fb3eab298f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4199
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:29 GMT
Last-Modified: Wed, 21 Sep 2022 19:57:31 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 09984dfda414469279844f37bf0a4e3b
c113476ce34a4843b7b91e3141fe4c1fa6bc9216
342ecb19ad9a7a05b6882d860ef025cbfe52b7fb2f307e5cac208a99585e7416
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5446
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:29 GMT
Last-Modified: Wed, 21 Sep 2022 19:36:44 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b8bfc9958399c5e100b7af786b26e7af
273cf130821602bb6f0991a3e9f6a43e766fcc66
273e564a30ee9c9912553c0ef3b3e5d2857e9f31228948e29f5053fade480fe0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:07:29 GMT
Last-Modified: Wed, 21 Sep 2022 20:03:19 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y1BfohPur-W88vNzuIplniahP6ep_U6MTe5TVOWHC6N-axEmU8bvEg==
Age: 3850
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=86565777423148841842514128234168820797&ts=1663794448833
52.51.99.30200 OK 1.3 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=86565777423148841842514128234168820797&ts=1663794448833
IP 52.51.99.30:0
File type JSON data\012- , ASCII text, with very long lines (3731), with no line terminators
Hash 815e6ba6f178b1b59f3405319d03a113
6ff60c1a0e372c96a3e34b01f151cd878b7cbcd8
6d3109dff2294b2b767e41daa0549f821c0c6b44af32beedbe2051fc1a84bc02
GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=86565777423148841842514128234168820797&ts=1663794448833 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v041-0a24ddc8f.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=80839344487460731413093491725623059536; Max-Age=15552000; Expires=Mon, 20 Mar 2023 21:07:29 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: avE8TsSPTLA=
Content-Length: 1274
Connection: keep-alive
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559724483283410
23.38.201.22200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559724483283410
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5108559724483283410 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Wed, 21 Sep 2022 21:07:29 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 21 Sep 2022 21:07:29 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
151.101.86.49503 Service Unavailable 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
IP 151.101.86.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
server: Varnish
retry-after: 0
accept-ranges: bytes
date: Wed, 21 Sep 2022 21:07:29 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663794449.164949,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1a6ba8b99be5dbe186929b9f38510167
90e6447b57bcdd0bb7d7ada783370ff4a73ff870
c9f2ec28f0d4c8c42218f838f9165001cfa50262c1520bd58c78ae9e1176948c
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2480
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:29 GMT
Last-Modified: Wed, 21 Sep 2022 20:26:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
p.rfihub.com/cm?pub=39342&in=0&userid=c241a481-f6ac-4bff-86f3-4bad5d3df66e%3A1663794447.9478784&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc241a481-f6ac-4bff-86f3-4bad5d3df66e%253A1663794447.9478784
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=39342&in=0&userid=c241a481-f6ac-4bff-86f3-4bad5d3df66e%3A1663794447.9478784&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc241a481-f6ac-4bff-86f3-4bad5d3df66e%253A1663794447.9478784
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=39342&in=0&userid=c241a481-f6ac-4bff-86f3-4bad5d3df66e%3A1663794447.9478784&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc241a481-f6ac-4bff-86f3-4bad5d3df66e%253A1663794447.9478784 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 21:07:29 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: euds=H4sIAAAAAAAA_w3GwRGAMAgEwI_t4AxyHsRuMEghqTzua9fh84ImQqWZU_B2S7DtX9ZdVk1-j5LmA4CfAx4e2EAv5u46AAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_z3IsQ2AMAwEwAmoMkeQTD5vm22SGA9EybRQ0Z3uLroOyIBJTY5VMTOrMdunET1aJHmdQjZ1ALo71NTwlO1PF_YX-nTaOkoAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:07:29 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjIxtDQzMTU2NRXiM9R1NXPxyStzzDGNTAoEADoiFWolAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjIxtDQzMTU2NRXiM9R1NXPxyStzzDGNTAoEADoiFWolAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:07:29 GMT; Secure; SameSite=None
Location: https://idsync.rlcdn.com/501709.gif?partner_uid=c241a481-f6ac-4bff-86f3-4bad5d3df66e%3A1663794447.9478784
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
18.159.84.131200 OK 0 B URL HTTP/2 bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
IP 18.159.84.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP/1.1
Host: bs.serving-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-length: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724483283410&img=1
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724483283410&img=1
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5108559724483283410&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=66bdbbaf-39f1-11ed-af71-1189f5600306; expires=Wed, 19-Oct-2022 21:07:29 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5108559724483283410&img=1&__user_check__=1&sync_id=66bdbc3a-39f1-11ed-af71-1189f5600306
X-fe: 99
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559724483283410
52.212.110.18200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559724483283410
IP 52.212.110.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5108559724483283410 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559724483283410
52.213.108.198204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559724483283410
IP 52.213.108.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5108559724483283410 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 21 Sep 2022 21:07:29 GMT
set-cookie: _kuid_=PF8rPBzz; Expires=Mon, 20-Mar-23 21:07:29 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n017-dub-prod.krxd.net
x-request-time: D=32 t=1663794449
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a3b00c4674ee0386430e963a8ca3a040
f2cb59ace17ff9d8c7273a3f5d76887700f457a0
17d6cf90b88f4e2897173116ca300b3dbd613af3aca9bfcdbf69adbb3883aa38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:42:56 GMT
Expires: Wed, 28 Sep 2022 13:42:55 GMT
Etag: "f2cb59ace17ff9d8c7273a3f5d76887700f457a0"
Cache-Control: max-age=577525,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c54a5f2cb518-OSL
bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%22eeebc932-bc9f-4536-b1e9-17552df9747c%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%22eeebc932-bc9f-4536-b1e9-17552df9747c%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
IP 192.132.33.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%22eeebc932-bc9f-4536-b1e9-17552df9747c%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/plain
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track004-iad
date: Wed, 21 Sep 2022 21:07:00 GMT
content-length: 0
X-Firefox-Spdy: h2
a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
193.0.160.128200 OK 42 B URL HTTP/1.1 a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
IP 193.0.160.128:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /cm?pub=445&in=0&forward=&google_error=3 HTTP/1.1
Host: a.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_-NicjUO4jU0MzM2tzQxMbE0MrAAAGrMyDoTAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:07:29 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQyNTEwNrcwNhDiM9Q1qLQwN4twNovwqygHAK01u0glAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:07:29 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQyNTEwNrcwNhDiM9Q1qLQwN4twNovwqygHAK01u0glAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
euds=H4sIAAAAAAAA_-NicjUGAEAxo38EAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 42
Server: Jetty(9.3.29.v20201019)
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f68324bff0a6a9b79ef6fa84254982f3
c144294cf0a86bb98207c5b4d05b350556c0006d
2bbeb9cec143aff4b7c70381bdf41dba862712015412cfe75bd7249a9706a419
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:07:29 GMT
Last-Modified: Wed, 21 Sep 2022 20:26:16 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 471
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5206b78759fabe72774270f31d67d957
60fa5106620042c1a8ab74b1909f416df1381dbb
53feba3af85487a91bf1b13afed1faef280c9b340414dce620b244ea3c01a236
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 09:01:01 GMT
Expires: Wed, 28 Sep 2022 09:01:00 GMT
Etag: "60fa5106620042c1a8ab74b1909f416df1381dbb"
Cache-Control: max-age=602213,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1508
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e5c54bcee4b50b-OSL
bttrack.com/engagement/getpixels?gid=44911
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/getpixels?gid=44911
IP 192.132.33.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engagement/getpixels?gid=44911 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track001-iad
date: Wed, 21 Sep 2022 21:07:01 GMT
content-length: 0
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724483283410&img=1&__user_check__=1&sync_id=66bdbc3a-39f1-11ed-af71-1189f5600306
185.94.180.125200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724483283410&img=1&__user_check__=1&sync_id=66bdbc3a-39f1-11ed-af71-1189f5600306
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5108559724483283410&img=1&__user_check__=1&sync_id=66bdbc3a-39f1-11ed-af71-1189f5600306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=66c6a9dd-39f1-11ed-a991-1bce7de30306; expires=Wed, 19-Oct-2022 21:07:29 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 95
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
idsync.rlcdn.com/501709.gif?partner_uid=c241a481-f6ac-4bff-86f3-4bad5d3df66e%3A1663794447.9478784
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/501709.gif?partner_uid=c241a481-f6ac-4bff-86f3-4bad5d3df66e%3A1663794447.9478784
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /501709.gif?partner_uid=c241a481-f6ac-4bff-86f3-4bad5d3df66e%3A1663794447.9478784 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdjMjQxYTQ4MS1mNmFjLTRiZmYtODZmMy00YmFkNWQzZGY2NmU6MTY2Mzc5NDQ0Ny45NDc4Nzg0EAAaDQiR-q2ZBhIFCOgHEABCAEoA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=qCxS4qabUCXIdnyEVBSOPmKnkKbkbPr3EoTpHtU4muc=; Path=/; Domain=rlcdn.com; Expires=Thu, 21 Sep 2023 21:07:29 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Sun, 20 Nov 2022 21:07:29 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 21 Sep 2022 21:07:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
idsync.rlcdn.com/360947.gif?partner_uid=5108559724483283410
35.244.174.68200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5108559724483283410
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5108559724483283410 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Sun, 20 Nov 2022 21:07:29 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 21 Sep 2022 21:07:29 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s55447599585723?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F8%2F2022%2021%3A7%3A28%203%200&d.&nsid=0&jsonv=1&.d&mid=86565777423148841842514128234168820797&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20matthew%20lewis%20little%20rock&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20matthew%20lewis%20little%20rock&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1
15.188.95.229200 OK 3.7 kB URL HTTP/2 smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s55447599585723?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F8%2F2022%2021%3A7%3A28%203%200&d.&nsid=0&jsonv=1&.d&mid=86565777423148841842514128234168820797&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20matthew%20lewis%20little%20rock&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20matthew%20lewis%20little%20rock&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1
IP 15.188.95.229:0
File type ASCII text, with very long lines (3687)
Hash 54e106909973981e413bec9885bbc96a
d6631ea28d6c2f62fea649d00a4d2197be101a53
426405b3326c81e36a92eee4824893eec51bb27d1b16049d64a3ccae6ac64b19
GET /b/ss/regionsbankprod/10/JS-2.22.3/s55447599585723?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F8%2F2022%2021%3A7%3A28%203%200&d.&nsid=0&jsonv=1&.d&mid=86565777423148841842514128234168820797&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20matthew%20lewis%20little%20rock&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20matthew%20lewis%20little%20rock&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetrics.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Cookie: _uetsid=65df419039f111ed82be71931f0b6023; _uetvid=65df56b039f111edb9056be00c42975a; _gcl_au=1.1.1215022803.1663794448; btIdentify=0588d832-02be-4256-f3ed-a3ff314262a9; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%226QyUoK%2Fx2hc4MxZTqLJkDEUtkJ7Q0PfudKTi4lJf%2BhqYM5pVHiyn0Qc4AKvox7jcLoGwXvqsSqhrEc1j8to%2BWg%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=79118364-b529-49f3-f85b-95b4d95936ef; _fbp=fb.1.1663794448117.2032191492; __qca=P0-10606558-1663794448085; AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=1585540135%7CMCMID%7C86565777423148841842514128234168820797%7CMCAID%7CNONE%7CMCOPTOUT-1663801649s%7CNONE%7CMCAAMLH-1664399248%7C6%7CMCAAMB-1664399248%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C4.4.0; s_ecid=MCMID%7C86565777423148841842514128234168820797; AMCVS_DB9639725BD2FC5B0A495C65%40AdobeOrg=1; s_lang=en; gpv_pn=rdc%7Clocator%7Cmortgage%20loan%20officer%20matthew%20lewis%20little%20rock; s_ips=939; s_tp=2821; s_ppv=rdc%257Clocator%257Cmortgage%2520loan%2520officer%2520matthew%2520lewis%2520little%2520rock%2C33%2C33%2C939%2C1%2C3; s_cc=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 21 Sep 2022 21:07:29 GMT
expires: Tue, 20 Sep 2022 21:07:29 GMT
last-modified: Thu, 22 Sep 2022 21:07:29 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C86565777423148841842514128234168820797; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:07:07 GMT;
etag: 3572971373898006528-4619905024430273235
vary: *
dcs: dcs-prod-irl1-1-v041-03f748cbb.edge-irl1.demdex.com 4 ms
x-aam-tid: YWjUsBo6Q1A=
content-type: application/x-javascript;charset=utf-8
content-length: 3688
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&upid=xzxny28&upv=1.1.0
15.197.193.217200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&upid=xzxny28&upv=1.1.0
IP 15.197.193.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&upid=xzxny28&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ps.eyeota.net/match?uid=5134455419254037816&bid=omt9pi0
3.127.178.105200 OK 0 B URL HTTP/1.1 ps.eyeota.net/match?uid=5134455419254037816&bid=omt9pi0
IP 3.127.178.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=5134455419254037816&bid=omt9pi0 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=16859~DM; Domain=eyeota.net; Path=/; Expires=Wed, 21 Sep 2022 21:17:29 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Wed, 21 Sep 2022 21:07:29 GMT
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 4c2459fba54e2151404e47950670d6ba
d082d2dabb20cae92ac130ddebaa606958962f9d
df1f46f76c59326e0c5002768f81bdaa2a32f214862e13b0625e9ef31e134f08
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:07:29 GMT
Last-Modified: Wed, 21 Sep 2022 20:18:01 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3rF4ArUqNR4JOAyK2ha6V-IOs043CoYhZ_YzO_eol7H0cKUlNM50KA==
Age: 2968
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c9de0b3c34611b80510bd3f1fa6ae0fd
5ce7d6e4360594b160ca764b6d02aa7e5e291dea
4dac3fb1beb37ae1d7e386702dc79343a75fc05378376709a40777198a3c134b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 03:43:25 GMT
Expires: Wed, 28 Sep 2022 03:43:24 GMT
Etag: "5ce7d6e4360594b160ca764b6d02aa7e5e291dea"
Cache-Control: max-age=541554,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c54bd931b518-OSL
idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdjMjQxYTQ4MS1mNmFjLTRiZmYtODZmMy00YmFkNWQzZGY2NmU6MTY2Mzc5NDQ0Ny45NDc4Nzg0EAAaDQiR-q2ZBhIFCOgHEABCAEoA
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdjMjQxYTQ4MS1mNmFjLTRiZmYtODZmMy00YmFkNWQzZGY2NmU6MTY2Mzc5NDQ0Ny45NDc4Nzg0EAAaDQiR-q2ZBhIFCOgHEABCAEoA
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1000.gif?memo=CM3PHhJBCj0IARAFGjdjMjQxYTQ4MS1mNmFjLTRiZmYtODZmMy00YmFkNWQzZGY2NmU6MTY2Mzc5NDQ0Ny45NDc4Nzg0EAAaDQiR-q2ZBhIFCOgHEABCAEoA HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CJH6rZkGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Sun, 20 Nov 2022 21:07:29 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 21 Sep 2022 21:07:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lptag.liveperson.net/tag/tag.js?site=60208595
178.249.101.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=60208595
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=60208595 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel.js
54.174.98.17200 1.7 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel.js
IP 54.174.98.17:0
File type ASCII text, with very long lines (515)
Hash 6fdd7985388a9a91f458c96ece692409
c655f98e175824e81802934d717e0607b25d906f
17936884b849d8d2f051fa0b88d5cb58466d78931b687900b1b90aecde32d977
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"5096-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
Cache-Control: max-age=86400
Expires: Thu, 22 Sep 2022 21:07:29 GMT
vary: accept-encoding
Content-Encoding: gzip
regions.demdex.net/dest5.html?d_nsid=undefined
34.248.26.113200 OK 2.8 kB URL HTTP/1.1 regions.demdex.net/dest5.html?d_nsid=undefined
IP 34.248.26.113:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=undefined HTTP/1.1
Host: regions.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 21 Sep 2022 21:07:29 GMT
DCS: dcs-prod-irl1-2-v041-0f8dc3078.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 19 Sep 2022 09:55:27 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: xrCuNnkOROQ=
Content-Length: 2791
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=491959,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c54b8b7db52d-OSL
x.bidswitch.net/sync?dsp_id=119&user_id=5108559724483283410&expires=30
3.124.87.80200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=119&user_id=5108559724483283410&expires=30
IP 3.124.87.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?dsp_id=119&user_id=5108559724483283410&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Length: 43
Connection: keep-alive
partners.tremorhub.com/sync?UIRF=5108559724483283410&r=PhJR6xeGo_AC
44.211.106.239200 OK 323 B URL HTTP/2 partners.tremorhub.com/sync?UIRF=5108559724483283410&r=PhJR6xeGo_AC
IP 44.211.106.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 26d43bb61e21afe3dba56679a66692bc
3668463bcb86591528e05d24074f8f3a85183648
ad66a5596e02e43ea2404113055e908b5cee4f673b8bbeb171f2efbc1a36df2f
GET /sync?UIRF=5108559724483283410&r=PhJR6xeGo_AC HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
idsync.rlcdn.com/362358.gif?google_error=3
35.244.174.68200 OK 42 B URL HTTP/2 idsync.rlcdn.com/362358.gif?google_error=3
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /362358.gif?google_error=3 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Sun, 20 Nov 2022 21:07:29 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 21 Sep 2022 21:07:29 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a3b00c4674ee0386430e963a8ca3a040
f2cb59ace17ff9d8c7273a3f5d76887700f457a0
17d6cf90b88f4e2897173116ca300b3dbd613af3aca9bfcdbf69adbb3883aa38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:42:56 GMT
Expires: Wed, 28 Sep 2022 13:42:55 GMT
Etag: "f2cb59ace17ff9d8c7273a3f5d76887700f457a0"
Cache-Control: max-age=577525,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c54c29bcb518-OSL
regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock
54.174.98.17200 1.2 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock
IP 54.174.98.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
vary: accept-encoding
Content-Encoding: gzip
sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA
23.38.201.123200 OK 2.1 kB URL HTTP/2 sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA
IP 23.38.201.123:0
File type PNG image data, 40 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 8589c169002370f528326cb492232e81
af7b67df6f182becf3708eb1363858326009a3a0
0055a4ba915b2740205b0823e65ecb2ad2e367938e8cf1fe7010dff9e9c6aeb2
GET /WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA HTTP/1.1
Host: sjc1.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8589c169002370f528326cb492232e81"
access-control-allow-origin: *
x-request-id: e4dd0125-b486-4074-8c83-56d62549e421
x-transaction-id: c5d6906e-1e59-4c92-80e7-8cb34c39a097
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
permissions-policy: camera=(), geolocation=(), microphone=()
x-edgeconnect-midmile-rtt: 23
x-edgeconnect-origin-mex-latency: 182
x-envoy-upstream-service-time: 17
server: envoy
content-disposition: inline; filename=Feedback+tab+-+dark+outline
content-length: 2098
content-type: image/png
x-robots-tag: noindex
cache-control: public, max-age=49
expires: Wed, 21 Sep 2022 21:08:18 GMT
date: Wed, 21 Sep 2022 21:07:29 GMT
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 95a705cf80c3f66edf69c8acc0e66fb6
e600da395e35e9fd92e6cd0d787ff50cb1b8d104
8055e43bda5c6e4d93011728db61e68de262cb5a1e2048c86c3fdc0c05e2d42b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:07:29 GMT
Last-Modified: Wed, 21 Sep 2022 19:35:29 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MMGXlFXPWHpLusVIJzYSaDovGInJbRR4i9OQdGA0nJD1zS-IuU3-Xg==
Age: 5520
siteintercept.qualtrics.com/dxjsmodule/4.1fa8baa6e7b1d7777fa4.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.209.240200 OK 803 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/4.1fa8baa6e7b1d7777fa4.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.209.240:0
File type ASCII text, with very long lines (1754), with no line terminators
Hash e1c6bab9868272b47b576f8813bee812
2dc7da7fbef54266b58ee3b0fb9ce0a22895e774
ac740a6b3736d342829fec135dc4f873327c8051104321daf353c63dcd797573
GET /dxjsmodule/4.1fa8baa6e7b1d7777fa4.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/javascript
cf-ray: 74e5c54c9ac7b4fd-OSL
access-control-allow-origin: *
age: 155549
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"9eb-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=2539
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
54.174.98.17200 641 B URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
IP 54.174.98.17:0
File type ASCII text, with very long lines (641), with no line terminators
Hash b3dd2edb5dfeee1a0529766c41957c67
447d5e8bf3cb4bf49aab01f12639afc933b8ff38
ef9ba31d511766efc2f207e993c8a1286ccddcf236fe5910ebbd70b38d324ecd
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 641
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa OUR IND COM NAV INT STA"
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
regionsbank.mpeasylink.com/mpel/mpel_ssd.js
54.174.98.17200 1.3 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel_ssd.js
IP 54.174.98.17:0
File type ASCII text, with very long lines (502)
Hash d2bb2d87021ee3565a99e3a9931bcde4
108222707532738b19ec38f7d76400a42b64c638
88020687f4c733cb981045c3a507745f234a477ad13caf8c17192344c649f480
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_ssd.js HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3276-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
Cache-Control: max-age=86400
Expires: Thu, 22 Sep 2022 21:07:29 GMT
vary: accept-encoding
Content-Encoding: gzip
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
104.17.209.240200 OK 1.8 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
IP 104.17.209.240:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4765), with no line terminators
Hash 9497c83855d417b361f977b21ac0efeb
ff629be941b36b4ff910cb71c1640d9fa71941c3
99f066da9ec3f133cf31e004d06893870f80578ee32cf718361d36819f2e9d6f
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 140
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/json
cf-ray: 74e5c54b0929b4fd-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 9b241369432357be
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44002a6e6b338defadbd7083ee955851
fb400534e6c640426b4562ab88a081221232084a
e6784eb9510065132bfdbfd2044636bd30ef64be60d0549f5884ed659f4f5adb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:31:54 GMT
Expires: Tue, 27 Sep 2022 04:31:53 GMT
Etag: "fb400534e6c640426b4562ab88a081221232084a"
Cache-Control: max-age=458063,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c54f1eba0b41-OSL
regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid=
54.174.98.17200 1.2 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid=
IP 54.174.98.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid= HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
vary: accept-encoding
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44002a6e6b338defadbd7083ee955851
fb400534e6c640426b4562ab88a081221232084a
e6784eb9510065132bfdbfd2044636bd30ef64be60d0549f5884ed659f4f5adb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:31:54 GMT
Expires: Tue, 27 Sep 2022 04:31:53 GMT
Etag: "fb400534e6c640426b4562ab88a081221232084a"
Cache-Control: max-age=458063,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c54ece75b52d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44002a6e6b338defadbd7083ee955851
fb400534e6c640426b4562ab88a081221232084a
e6784eb9510065132bfdbfd2044636bd30ef64be60d0549f5884ed659f4f5adb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:31:54 GMT
Expires: Tue, 27 Sep 2022 04:31:53 GMT
Etag: "fb400534e6c640426b4562ab88a081221232084a"
Cache-Control: max-age=458063,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c54f1a210b51-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44002a6e6b338defadbd7083ee955851
fb400534e6c640426b4562ab88a081221232084a
e6784eb9510065132bfdbfd2044636bd30ef64be60d0549f5884ed659f4f5adb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:31:54 GMT
Expires: Tue, 27 Sep 2022 04:31:53 GMT
Etag: "fb400534e6c640426b4562ab88a081221232084a"
Cache-Control: max-age=458063,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c54f1d26b505-OSL
siteintercept.qualtrics.com/dxjsmodule/1.646b5a7aa96ac3ade1d5.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.209.240200 OK 8.5 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.646b5a7aa96ac3ade1d5.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.209.240:0
File type ASCII text, with very long lines (28783), with no line terminators
Hash 10f44a57fdae98ef558e63a96f870361
9ff5d97f63954ddb78e48df6d10ae89991b606bb
807a2902bbe44b9e5cb2035aa9ce72d44bc38610e573097b173842d135d844e0
GET /dxjsmodule/1.646b5a7aa96ac3ade1d5.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/javascript
cf-ray: 74e5c54c9ac9b4fd-OSL
access-control-allow-origin: *
age: 155548
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"7380-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29568
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.regions.com&site=60208595&force=1&env=prod
178.249.97.98200 OK 15 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.regions.com&site=60208595&force=1&env=prod
IP 178.249.97.98:0
File type ASCII text, with very long lines (38345), with no line terminators
Hash 050b36a844ee4aaf0952234a22f35dc4
38fcc7b87571ee37af2d8204d1f38db2ea93c76e
d995f73840e1a36ca2726f5a572dc5723b9c149ea76bd15480d7f11ac8e524f5
GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.regions.com&site=60208595&force=1&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:30 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 21 Sep 2023 21:07:30 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.209.240200 OK 348 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.209.240:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 348 kB (348521 bytes)
Hash c7a0867f35b9e5aa6b71e5c4e6e737de
013f3e4beb36fb657e68911e19828673f9bff5aa
b8f7d5a7354a479a83787deb553023ba5fd9d59befc64df32340b357f127f886
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/javascript
cf-ray: 74e5c54c1a47b4fd-OSL
access-control-allow-origin: *
age: 155549
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19abd-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105149
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
104.17.209.240200 OK 3.0 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
IP 104.17.209.240:0
File type JSON data\012- , ASCII text, with very long lines (349), with no line terminators
Hash 77ff8c93cb0734b38d8e14ec3a1aa03a
5716b1eb3c0957d9b127c02fdff557d45d550464
0a94636213020e16e5153a86968dde92efcca65b40aac54590fdbcbf156fec82
GET /WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/json
cf-ray: 74e5c54cdb12b4fd-OSL
access-control-allow-origin: *
age: 2206
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
expires: Sat, 18 Sep 2032 18:08:07 GMT
last-modified: Wed, 21 Sep 2022 18:08:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: false
edge-control: max-age=604800
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
servershortname:
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/UMSClientAPI.min.js?version=10.20.1.9-release_5536
178.249.97.98200 OK 30 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/UMSClientAPI.min.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
File type ASCII text, with very long lines (32003)
Hash befb347da25fe637c8445f45be42315d
6b81f86df41a44dc3fca13a75aa27383b59e5249
742aa454ef95535912e157bb1991dd23474191a9fae856ac0f7bc33c8de8c724
GET /le_unified_window/10.20.1.9-release_5536/UMSClientAPI.min.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:34 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 21 Sep 2023 21:07:29 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f27748e868da21c4fe9f35ae5eb5c6bb
f737c964012b0bfebf742553122117c617b0de4f
8c6d135480700b1655425ff57b2e6c1f4a4f5e46419429a5e0d9b6dc3fe62cd1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:07:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 23:37:42 GMT
Expires: Mon, 26 Sep 2022 23:37:41 GMT
Etag: "f737c964012b0bfebf742553122117c617b0de4f"
Cache-Control: max-age=440410,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e5c5541b4cb518-OSL
siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&r=1663794449275
104.17.209.240200 OK 16 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&r=1663794449275
IP 104.17.209.240:0
File type ASCII text, with no line terminators
Hash 968bd539dfc8cb7f2d77cb27ca03a303
e478b71ea8b6f6a14aeefb0059b28d8e8e9e8784
ebbdeb108bba833b0eefdfe958a4438ba8dd36b0a6375768e54ebf034ee3e569
POST /WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&r=1663794449275 HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 82
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: text/plain; charset=UTF-8
cf-ray: 74e5c54d9be0b4fd-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
trace-id: 590cf85cd13ac5fa
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/60208595?sid=VWM5sO85R4unnePsUDmGqA&cb=lpCb71711x1163&t=pl&ts=1663794450017&pid=5127338659&tid=2892912277&vid=kzZDYxY2FkOWZlZTFlYzky
208.89.12.87200 OK 123 B URL HTTP/2 va.v.liveperson.net/api/js/60208595?sid=VWM5sO85R4unnePsUDmGqA&cb=lpCb71711x1163&t=pl&ts=1663794450017&pid=5127338659&tid=2892912277&vid=kzZDYxY2FkOWZlZTFlYzky
IP 208.89.12.87:0
File type ASCII text, with no line terminators
Hash a1fae2a172886f4ab40336f4b5e5d38e
fd6cac7c667f759a5aa1eff7847cde59839b9c97
11b2fe15424c90ed9d8e0247487bc50cab01af0059dd9193f16bf19ba460efaf
GET /api/js/60208595?sid=VWM5sO85R4unnePsUDmGqA&cb=lpCb71711x1163&t=pl&ts=1663794450017&pid=5127338659&tid=2892912277&vid=kzZDYxY2FkOWZlZTFlYzky HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:31 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/60208595?sid=VWM5sO85R4unnePsUDmGqA&cb=lpCb44561x32801&t=uc&ts=1663794449654&pid=5127338659&tid=2892912277&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22liveperson-chat-btn-container%22%7D%5D&vid=kzZDYxY2FkOWZlZTFlYzky
208.89.12.87200 OK 62 B URL HTTP/2 va.v.liveperson.net/api/js/60208595?sid=VWM5sO85R4unnePsUDmGqA&cb=lpCb44561x32801&t=uc&ts=1663794449654&pid=5127338659&tid=2892912277&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22liveperson-chat-btn-container%22%7D%5D&vid=kzZDYxY2FkOWZlZTFlYzky
IP 208.89.12.87:0
File type ASCII text, with no line terminators
Hash 8e2c31ccd30ecd0ce528d87f2ca651f1
8f5b115accb4d40807f2c794034a9616e3824762
4bdb8e6a9ec405bb964f74df59670c74e74b1cd59b4af3ac9b275a54e8296466
GET /api/js/60208595?sid=VWM5sO85R4unnePsUDmGqA&cb=lpCb44561x32801&t=uc&ts=1663794449654&pid=5127338659&tid=2892912277&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22liveperson-chat-btn-container%22%7D%5D&vid=kzZDYxY2FkOWZlZTFlYzky HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:31 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
www.regionsmortgage.com/matthewlewis
205.255.102.40301 Moved permanently 0 B URL HTTP/1.1 www.regionsmortgage.com/matthewlewis
IP 205.255.102.40:0
GET /matthewlewis HTTP/1.1
Host: www.regionsmortgage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved permanently
Location: https://www.regionsmortgage.com/matthewlewis
Connection: close
Cache-Control: no-cache
Pragma: no-cache
bttrack.com/engagement/js?goalId=44911&cb=1663794448026
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/js?goalId=44911&cb=1663794448026
IP 192.132.33.46:0
GET /engagement/js?goalId=44911&cb=1663794448026 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
set-cookie: bt-es-44911=eeebc932-bc9f-4536-b1e9-17552df9747c; path=/
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track003-iad
date: Wed, 21 Sep 2022 21:07:00 GMT
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod/code/d0926462b4b934495d1ca90e04ce7977.js?conditionId0=423026
54.230.111.14200 OK 0 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/code/d0926462b4b934495d1ca90e04ce7977.js?conditionId0=423026
IP 54.230.111.14:0
GET /regions/regions-prod/code/d0926462b4b934495d1ca90e04ce7977.js?conditionId0=423026 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 19 Sep 2022 16:09:12 GMT
x-amz-replication-status: PENDING
last-modified: Mon, 19 Sep 2022 16:07:06 GMT
etag: W/"8c4fd186b8e2c9bda992a34762b4986c"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: HqfDr7Q1rE4L0B5sGZ_NUDheybZt4G84
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FQx8wszzNUbvO4z55qpCVbbpDVN-NKfF6zT6TXXkxU_zzaMsMxyA9Q==
age: 190696
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod/Bootstrap.js
54.230.111.14200 OK 0 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/Bootstrap.js
IP 54.230.111.14:0
GET /regions/regions-prod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 19 Sep 2022 16:09:11 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Sep 2022 16:07:06 GMT
etag: W/"bd4cc1f165d8268b3ef42410d5eef180"
x-amz-server-side-encryption: AES256
cache-control: max-age=300
x-amz-version-id: pkWvcHky0GFZCd50wglhuUODckz_uh37
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -a3GJYgKzrUX4Rk-zniPtZQDSFO4UhPkruOkcWLELW6T9JjZAOmhng==
age: 190697
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com
IP 104.17.209.240:0
GET /dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:28 GMT
content-type: application/javascript
cf-ray: 74e5c5495f69b4fd-OSL
access-control-allow-origin: *
age: 155818
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"f79a-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=63386
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&upid=3e7kzj5&upv=1.1.0
15.197.193.217200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&upid=3e7kzj5&upv=1.1.0
IP 15.197.193.217:0
GET /track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-matthew-lewis-little-rock&upid=3e7kzj5&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9ZSfygjz9UlZlBP&Version=32&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9ZSfygjz9UlZlBP&Version=32&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
IP 104.17.209.240:0
GET /WRSiteInterceptEngine/Asset.php?Module=SI_9ZSfygjz9UlZlBP&Version=32&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/json
cf-ray: 74e5c54cdb0fb4fd-OSL
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
expires: Wed, 15 Sep 2032 06:53:17 GMT
last-modified: Sun, 18 Sep 2022 06:53:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: false
edge-control: max-age=604800
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
servershortname:
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
GET /le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 21 Sep 2023 21:07:29 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:83dd8b94-22d8-4233-914a-553e3585c2be; Max-Age=30; Expires=Wed, 21-Sep-2022 21:07:59 GMT; Path=/
ADRUM_BTa=R:24|g:83dd8b94-22d8-4233-914a-553e3585c2be|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 21-Sep-2022 21:07:59 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 21-Sep-2022 21:07:59 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Wed, 21-Sep-2022 21:07:59 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:7; Max-Age=30; Expires=Wed, 21-Sep-2022 21:07:59 GMT; Path=/
vary: Accept
expires: Wed, 21 Sep 2022 21:08:29 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.209.240:0
GET /dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:07:29 GMT
content-type: application/javascript
cf-ray: 74e5c54c9acfb4fd-OSL
access-control-allow-origin: *
age: 146031
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"de0-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=3552
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2