firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 21:23:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bHZaPZSTDBHsL3Rm9Z1nCC9sMWQ3aY6My5ZT3baQdObyCe1EYYu6hg==
Age: 1871
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4513
Expires: Wed, 21 Sep 2022 23:10:18 GMT
Date: Wed, 21 Sep 2022 21:55:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Wed, 21 Sep 2022 23:09:48 GMT
Date: Wed, 21 Sep 2022 21:55:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +ovKVBS/5o4xxvaXmLcpk9V+Hyb4GFmcSylGTj8PGFyBjUklc64NXgjsQZ1JRdNxTM9YH7ZvNtgqpmCl0BcK2A==
x-amz-request-id: MPYABEE102RR9AFH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Sep 2022 21:43:27 GMT
age: 698
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 21:55:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 2.2 kB IP 104.18.32.68:0
Hash 2c4f80099702bca09e880eb8b215916a
3f02d51cb154d7c8e5b8bdd064d8a0e14214be46
45dc6d75badbef75d483e2d6048c6f5aa165b05f1b0c519725a38b9f58a9b3ea
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:06 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:12:16 GMT
Expires: Wed, 28 Sep 2022 10:12:15 GMT
Etag: "3f02d51cb154d7c8e5b8bdd064d8a0e14214be46"
Cache-Control: max-age=603858,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1585
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e60b0bb9f0b505-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f37313bbe7cf7c7c6e5334d8868de02f
7c74398e975238168960fae88b4d8f7dc9184a29
1daa2ed3034aaa6cc95c9529883a6a3d03880c6f33a1c0b3b1fbaaefd586e449
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 21:57:50 GMT
Expires: Mon, 26 Sep 2022 21:57:49 GMT
Etag: "7c74398e975238168960fae88b4d8f7dc9184a29"
Cache-Control: max-age=431562,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b0bea891c02-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 21:03:22 GMT
Expires: Wed, 21 Sep 2022 21:55:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8KFwIP8i_NGVLqX6IZBLOUTtMxcl_PVRh_laaXoXp0acXYGMzSHYXw==
Age: 3104
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4638
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:06 GMT
Last-Modified: Wed, 21 Sep 2022 20:37:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.usertrust.com/
104.18.32.68200 OK 2.2 kB IP 104.18.32.68:0
Hash 2c4f80099702bca09e880eb8b215916a
3f02d51cb154d7c8e5b8bdd064d8a0e14214be46
45dc6d75badbef75d483e2d6048c6f5aa165b05f1b0c519725a38b9f58a9b3ea
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:06 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:12:16 GMT
Expires: Wed, 28 Sep 2022 10:12:15 GMT
Etag: "3f02d51cb154d7c8e5b8bdd064d8a0e14214be46"
Cache-Control: max-age=603858,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1585
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e60b0eecc4b505-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 68d048a7bfbb69bf3b262014644bebb9
ec351a3789f39facc164af4ed9068f0649e14461
e9c5b864add4d5518c97aa2445949154f481677d988b211e435a0034459d8cbb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 17:23:29 GMT
Expires: Tue, 27 Sep 2022 17:23:28 GMT
Etag: "ec351a3789f39facc164af4ed9068f0649e14461"
Cache-Control: max-age=501501,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b0eed8d1c02-OSL
push.services.mozilla.com/
35.162.35.244101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bas/tY/FybHcE/OLrXSk1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R6E1ETPvmHl4maMkvB0+BWwd+58=
www.regions.com/MLO/sampittman
205.255.103.100301 Moved Permanently 0 B URL HTTP/1.1 www.regions.com/MLO/sampittman
IP 205.255.103.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MLO/sampittman HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Location: /locator/mlo/mortgage-loan-officer-Sam-Pittman-Atlanta
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Wed, 21 Sep 2022 21:55:06 GMT
Content-Length: 0
Set-Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660;path=/;httponly
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-Sam-Pittman-Atlanta
205.255.103.100302 Found 193 B URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-Sam-Pittman-Atlanta
IP 205.255.103.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b8bb8c8fc4aec5c174396cc10acef703
29f329a8eb200e5c815ca53e2b3365d83d2de682
5a81f153df6ea2aedb3cb4568e5d5203d20a0c247914989389def28b337bf581
GET /locator/mlo/mortgage-loan-officer-Sam-Pittman-Atlanta HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: http://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Wed, 21 Sep 2022 21:55:06 GMT
Content-Length: 193
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
205.255.103.100200 OK 18 kB URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
IP 205.255.103.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (415), with CRLF line terminators
Hash 56a65eaf4bb6a71ff01d8e89ea2b59e6
17a401220d1dacf7d073d34ea008d8c90afac7e3
ed9e759d7d7b146dc959d884f81794b5352a0b463dc5af195c9a02f2e7db2688
GET /locator/mlo/mortgage-loan-officer-sam-pittman-atlanta HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; path=/; HttpOnly; SameSite=Lax
SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False; expires=Sat, 18-Sep-2032 21:55:07 GMT; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Date: Wed, 21 Sep 2022 21:55:06 GMT
Content-Length: 18010
Strict-Transport-Security: max-age=157680000
www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
205.255.103.100200 OK 127 kB URL HTTP/1.1 www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
IP 205.255.103.100:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 127 kB (126702 bytes)
Hash da3cd2f86ca8b7d05327fafd460aced4
ec18661d3be7932a10391760a81b5fbab6e160a7
e371192f0e3e490d2154ae5ea94f4fd2d8223779d7356944933f1d49cd652482
GET /RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537788
Date: Thu, 15 Sep 2022 16:31:58 GMT
Cache-Control: max-age= 31536000,public
Content-Length: 126702
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "60c4675f9ab8d81:0"
Content-Type: text/css
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 12936, version 1.0\012- data
Hash 6d4b2348a4f8f255a2bfd1ab35e30618
72a7e20b49379ccab237d004a3506e22b3b7934b
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
GET /rdcresources/content/fonts/source-sans-pro-300-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 531961
Date: Thu, 15 Sep 2022 18:09:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "9015e5609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12936
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 13080, version 1.0\012- data
Hash 834648c5f6f2f73c3df33def9348d879
7385e4868c41fb1e4ba48503a16235ddb8cd8a6c
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
GET /rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 531961
Date: Thu, 15 Sep 2022 18:09:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "30d1f2609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13080
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 13072, version 1.0\012- data
Hash 595d5c1e2d877c3a50a77158e977ede4
0564953f05d57246c240796c5ba2bbec8c8ba93c
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
GET /rdcresources/content/fonts/source-sans-pro-600-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 531961
Date: Thu, 15 Sep 2022 18:09:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "805fe7609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13072
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 12592, version 1.0\012- data
Hash 48e38952d86d1b849b4e7e79c109a116
d8c9466e811876438d3e1d900943e3fa3d9625c1
0007bd27c6755494aa1b4fdebf9f019db02b59e5f02222148e136c75ccef026e
GET /rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 506934
Date: Fri, 16 Sep 2022 01:06:13 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "307eeb609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12592
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
205.255.103.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash 0408305af8e45ff50aa09d3d3732fc01
3ff33e34998c68f480305e1d91adcd1ed8a2a7ee
6b49f18370ab654be0367fb969d5015649fdf5406bcbec33e5b0644f4bb7fe0a
GET /rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 531961
Date: Thu, 15 Sep 2022 18:09:05 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "508e2609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12580
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
205.255.103.100200 OK 25 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 25180, version 1.0\012- data
Hash ed97ad0179a7e320488aabe236a03029
4d605ccfe533eb243f6c3ca403785960d8b5cff9
3913c00225825b9de4b6f6f292d6222b4328c5e8ae85bbe7c8929660ab0f8dee
GET /rdcresources/content/fonts/droidserif-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 506934
Date: Fri, 16 Sep 2022 01:06:13 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "309ce6609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 25180
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
205.255.103.100200 OK 28 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 28520, version 1.0\012- data
Hash 4a80ddcba4cef2129dec8753762ac8f1
44f352414c76a8f84c27d6240fa3634fd248f4fa
1fa9dc815c95ac07bd2badeacc086f16ea92051db9818ca26c2f7bf048ae8b40
GET /rdcresources/content/fonts/droidserif-bold-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 506934
Date: Fri, 16 Sep 2022 01:06:13 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c0fbe7609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 28520
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
205.255.103.100200 OK 23 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
IP 205.255.103.100:0
File type Web Open Font Format (Version 2), TrueType, length 22988, version 1.0\012- data
Hash fe84712f81388dfad5f48e4de801ec44
1c3e195be8306df1edc70d4abfa9270876093640
98213150300a378382c71ad9eff1538120dd8f9f29780c475feead2add55d80d
GET /rdcresources/content/fonts/droidserif-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 512725
Date: Thu, 15 Sep 2022 23:29:42 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "b098f1609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 22988
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
205.255.103.100200 OK 2.8 kB URL HTTP/1.1 www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1307)
Hash d58bee0aa7945d823a1107e530c1b91c
9030ba67d5b1bfbee85569b75f72e6a6c8de52af
7f9fe1eefa9793fa369be97036bb01cc78d3fad97d30579ac51d5a98d60cd36f
GET /-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537811
Date: Thu, 15 Sep 2022 16:31:35 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 2587ba95fc7a4fcfacd83d243f8c881d
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Fri, 03 Apr 2020 23:05:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="header-logo-desktop-regions-standard.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 2771
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/regions-logo-no-r.svg
205.255.103.100200 OK 2.2 kB URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/regions-logo-no-r.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1024)
Hash a1f74587948b0dd3ba17bc85e8e17cf8
73c00bb48f58bc146754ff1e38e82367e62b623c
54d76bbd9a1b94ddf025374da0c8f6072f47c4b83305fa54773b348d99f2b184
GET /rdcresources/content/media/img/regions-logo-no-r.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537811
Date: Thu, 15 Sep 2022 16:31:35 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "70af715f9ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 2183
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Sam-Pittman-Atlanta.ashx?revision=7a7fd425-9208-40f7-9c0f-06d1a74f16a7
205.255.103.100200 OK 43 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Sam-Pittman-Atlanta.ashx?revision=7a7fd425-9208-40f7-9c0f-06d1a74f16a7
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2019:06:06 16:14:08], progressive, precision 8, 175x175, components 3\012- data
Hash 32397022d69e7b0ac4477b80b20da343
bc1289007e641d0581332da77a105f2f86e222fa
7bf2fb9bcd447b91cd2e20f875325a4a0f3369e2abe830284a1f5ac7aee2488c
GET /-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Sam-Pittman-Atlanta.ashx?revision=7a7fd425-9208-40f7-9c0f-06d1a74f16a7 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 503011
Date: Fri, 16 Sep 2022 02:11:35 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: beb7aa3c1f7b4ed2bb4efbcfd723e7e5
Content-Length: 43429
Content-Type: application/octet-stream
Last-Modified: Tue, 04 May 2021 18:07:42 GMT
Accept-Ranges: bytes
Content-Disposition: attachment; filename="mortgage-loan-officer-Sam-Pittman-Atlanta"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/1px.gif
205.255.103.100200 OK 119 B URL HTTP/1.1 www.regions.com/-/media/Images/1px.gif
IP 205.255.103.100:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ce21cbdd9b894e6af794813eb3fdaf60
d324efa2b5648eaca4a376c87a01808eb63cc18f
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
GET /-/media/Images/1px.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537750
Date: Thu, 15 Sep 2022 16:32:36 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: abb54fb4cab64b92b52e12f5fa9df56a
Content-Type: image/png
Last-Modified: Fri, 11 Feb 2022 18:54:06 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="1px.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 119
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
205.255.103.100200 OK 32 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
IP 205.255.103.100:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 6fc369a602a8d0b803844cb324804c7d
415c94e7e9528cfcf2706ff599a72d148283384d
ae0ed41222aa8d4f4203f7734202032e84de9df5807b92ae3cc0fd26953e9b9e
GET /-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537730
Date: Thu, 15 Sep 2022 16:32:56 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f785d9fe41924d3d829e9becc9f49ec4
Content-Length: 32529
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2016 16:37:41 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="avatar-branch.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/icon-help.svg
205.255.103.100200 OK 1.6 kB URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/icon-help.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2810)
Hash 1e87abefd0a276764c34a02b603b55db
726453b4422b74ff47e7219c823e809bc2dc0763
f00319af3c6c500e1707cb37995e13782710bc08ec0e2bc68a4e6ea28053c25b
GET /rdcresources/content/media/img/icon-help.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537811
Date: Thu, 15 Sep 2022 16:31:35 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "0e82609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 1604
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/icon-header-chevron-down.svg
205.255.103.100200 OK 517 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/icon-header-chevron-down.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Hash 6fe592877f7dfdf762e54c6897eb7b82
e938188ad794631774fc4f3c9164c00007d50efd
879055122ad0f1083f2205e4e45871dfdbba85a5d1015fd62caef18ff002cd17
GET /rdcresources/content/media/img/icon-header-chevron-down.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537811
Date: Thu, 15 Sep 2022 16:31:35 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "90464b609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 517
Strict-Transport-Security: max-age=157680000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4648
Expires: Wed, 21 Sep 2022 23:12:36 GMT
Date: Wed, 21 Sep 2022 21:55:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 85203
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 19:20:13 GMT
age: 9295
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regions.com/rdcresources/content/media/images/websiteimages/icon-diploma.svg
205.255.103.100200 OK 999 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-diploma.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2436)
Hash 3f7ebf0a903242cf3f25bc1bc160577a
93687981f9912dbb442c5ff91757ef2794457f7b
1ffe8b84b0938826970ed87dd87578870553bf2e21b56d91cfba29a269bfd335
GET /rdcresources/content/media/images/websiteimages/icon-diploma.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537721
Date: Thu, 15 Sep 2022 16:33:07 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "20bce609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 999
Strict-Transport-Security: max-age=157680000
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1976af26c5d4a671c8298bffafc90ce3
9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8
2349b9e1233d43cf8d0ff273f8bf6147dda00314fd631a81cb278ce0b8e32684
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12545
x-amzn-requestid: 6720348a-0245-486b-a978-2df18eb4bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7YKHayIAMFo1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325729a-2601f775219651777cba839c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:09:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NdQpOGtyA7AxpmkvFf3K3IrkgSku9QQzQ4BvpoRfTv16Kj1Gr6n7oA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:34:13 GMT
age: 51655
etag: "9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:07:08 GMT
age: 85680
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:45:55 GMT
age: 54553
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 85211
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-left.svg
205.255.103.100200 OK 182 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-left.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3d6e93f26cbed5c0aa513bf999390324
2eba3877db3b6e7628432bac0ddaa87bb15e0964
16bf21ce7515f635f6001facdc834a464e4f33ee66f8107a6d9c591b652d8945
GET /rdcresources/content/media/images/websiteimages/icon-arrow-left.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537802
Date: Thu, 15 Sep 2022 16:31:45 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c020cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 182
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/loader.gif
205.255.103.100200 OK 8.4 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/loader.gif
IP 205.255.103.100:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0eb0c1bdfdc4a4bd352121f51fec9149
d19adfb29240f0e08accaa483fc00c83c795f369
94a9405de974c3a6ea53616c60777c091e1330fb1b07549d5bdba4168cd19e70
GET /-/media/Images/WebSiteImages/loader.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537751
Date: Thu, 15 Sep 2022 16:32:36 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 7cfa43f033c942d7a4dbec8b73001e6b
Content-Type: image/gif
Last-Modified: Fri, 03 Apr 2020 23:05:54 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="loader.gif"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 8369
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-search.svg
205.255.103.100200 OK 383 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-search.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (885)
Hash 5a496f703b488debeff9e2a3ffb15431
45c6bcfbba5d287d4ab934f1be58936ce02b07f1
cccd3510527cc3dba2e9549bfafc7d5adcc841c85ac5adc3ece5e929e5110521
GET /rdcresources/content/media/images/websiteimages/icon-search.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537731
Date: Thu, 15 Sep 2022 16:32:56 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "f095cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 383
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
205.255.103.100200 OK 178 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3fdfa195b0c473d29f63646ffc634e37
1269b3601af214b36e1215d781c1042b192333ad
14bd0be8cfd82397404fec404f48f9994b2dd47fceb8a4f6b004d59803cade17
GET /rdcresources/content/media/images/websiteimages/icon-arrow-right.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537802
Date: Thu, 15 Sep 2022 16:31:45 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c020cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 178
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
205.255.103.100200 OK 86 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x900, components 3\012- data
Hash 714ec83101dd539af3adda51008a05d1
e2532bb228b37f019f4c7e50a850cc10d3dc5d3a
7caee0314b38dbf2499e877aaf6fc68cc34521d63d55a08d8b8ea4cecb7f7990
GET /-/media/Images/WebSiteImages/video-component-background.jpg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537769
Date: Thu, 15 Sep 2022 16:32:19 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 9d7b5cdd37ac4196bc046f22d89a7d60
Content-Type: image/jpeg
Last-Modified: Fri, 03 Apr 2020 23:05:56 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 85802
Strict-Transport-Security: max-age=157680000
www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012
205.255.103.100200 OK 152 kB URL HTTP/1.1 www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012
IP 205.255.103.100:0
File type Unicode text, UTF-8 text, with very long lines (60936)
Size 152 kB (152472 bytes)
Hash 2a9f15958185b4f994c972abc957498f
2cb3a68eeadd9ccd669ca37bb19d2c71fe9fde21
6d293278c7819ea252248629add5e0b13684b5ca1750e8eca66aaf3ef0696d34
GET /RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537788
Date: Thu, 15 Sep 2022 16:31:58 GMT
Cache-Control: max-age= 31536000,public
Content-Length: 152472
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "0733619ab8d81:0"
Content-Type: application/javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
205.255.103.100200 OK 16 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 216x228, components 3\012- data
Hash 51dd85ef382069ec38904173a12e9812
e821e922c3f7a622b4d032032d8c13eaaa71013a
e0863c1bfa4b1cc0e2068765f09fc77f543a4caa33fdc6b41da08d3f28b9b6b0
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537739
Date: Thu, 15 Sep 2022 16:32:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: ecc44ec6c3da494498bf2e82b723f903
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 16468
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3
205.255.103.100200 OK 34 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash cddff7f07661de94582305c4455e96d7
e61aba41b7d7cc1b05560a1387824f82092cfd05
e6ddaffbc4e3f08ebe842ed529a3aaccbd23d6a140e5cc10db89b056f11e7105
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537739
Date: Thu, 15 Sep 2022 16:32:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 73176d8e641740558ec2903100565b1b
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 33665
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
205.255.103.100200 OK 21 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash de1166a7dea4821e653419386f30ef80
849da63131c1f7333e790c7b8470beea90797a3d
73f81791ec41abc9a738979de0f83bd6c2efc70908e86047ff2b2aa5cdb62a60
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537739
Date: Thu, 15 Sep 2022 16:32:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8ca54c4c0b8e477093a82d2796b8587b
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:11 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 20600
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
205.255.103.100200 OK 940 B URL HTTP/1.1 www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
IP 205.255.103.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2699), with no line terminators
Hash c83395d617c81d10166217b9351ddd3d
cc2faff006102f6fffddc4ad5455391471459233
e9c2910517c5105adba61d2001a7ab4ad1f36b90e059fdc8464c6f851310f899
GET /locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537719
Date: Thu, 15 Sep 2022 16:33:08 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 280096ce24584f08ae4f82ec6e1611c5
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Wed, 03 Mar 2021 23:16:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="icon-calendar.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 940
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
205.255.103.100200 OK 33 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash a0fdb87f17a0891d20b4c7c7dd489ae3
e64540d9a8a47e946531663c1939a7595ac0da41
673948f25b84f697a6098cdb3880ed34ad8675ffd4b3c5b7c7c984a4a091a551
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537693
Date: Thu, 15 Sep 2022 16:33:34 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8058e759fc414eed969f8bd2f43e85a0
Content-Length: 33076
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
205.255.103.100200 OK 88 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:19:44], baseline, precision 8, 432x456, components 3\012- data
Hash c8841785cd39c7400eb055f52f4fd395
dcb5859dc36c50ab2727e2a9366d5c59551a4b28
1d47fb60ed8a9217554a061f114f98265f0241adeec6b7ecfe58b98a9ca9f137
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537690
Date: Thu, 15 Sep 2022 16:33:38 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: db4a6978e622401bbde4a35d3c2b7841
Content-Length: 88363
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
205.255.103.100200 OK 98 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash 372bd7f2ff8ecf74e939d7d7e2ad94af
320244fbc60864b6662f3ae720817099bfaf3add
80d2097213a26f3ae12d5deae29efca6864f9cd0e7886a03812f0da841667207
GET /-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537739
Date: Thu, 15 Sep 2022 16:32:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f78551ee84504eef883b8b40efb13011
Content-Type: image/jpeg
Last-Modified: Mon, 01 Mar 2021 14:39:24 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="H-FAH-preparing-for-a-major-home-remodel-thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 98074
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
205.255.103.100200 OK 89 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
IP 205.255.103.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:59:30 DIY-Thermocam raw data\012- (Lepton 2.x), scale 21870-29766, spot sensor temperature 74893065746301681918931676168192.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 137438953472.000000], baseline, precision 8, 432x456, components 3\012- data
Hash 6f07089f352bd05fa11d90f30e6cc5e4
0cb2658df6969bd6b8be226965eb2c259f0ea20b
1d0f2941a7e38e37c07ab51df9d709e4711faee18fdba5382811abb70e061fa3
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537690
Date: Thu, 15 Sep 2022 16:33:37 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: fbff9ae4cc204417b09fbc41995b15f9
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 88747
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
205.255.103.100200 OK 22 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
IP 205.255.103.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash 43c3979dfaa872bee3d5ecd678b41551
efb2b3011959b7e59fdf8a0242fc69190eb85e4b
852995c5e7bd28d42e0086cac3de58ddbd9ef0161ade5267f3d16b09579dd6d4
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537696
Date: Thu, 15 Sep 2022 16:33:32 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 0bad9f02bd23408ba9830e28065b7798
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 21773
Strict-Transport-Security: max-age=157680000
nexus.ensighten.com/regions/regions-prod/Bootstrap.js
54.230.111.74200 OK 76 kB URL HTTP/2 nexus.ensighten.com/regions/regions-prod/Bootstrap.js
IP 54.230.111.74:0
File type ASCII text, with very long lines (1435)
Hash 9281320bc94bfc0ce760817395021a80
2d8e2eee52cf6c78c9a989371d605b68c02dbf3c
04eda5773f4dfeac8064c7421370f01831d38c0aa0f6a93540d150a4c3173fb5
GET /regions/regions-prod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 19 Sep 2022 16:09:11 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Sep 2022 16:07:06 GMT
etag: W/"bd4cc1f165d8268b3ef42410d5eef180"
x-amz-server-side-encryption: AES256
cache-control: max-age=300
x-amz-version-id: pkWvcHky0GFZCd50wglhuUODckz_uh37
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BWNyMQtRgW6-T02L3luELFaTvSvf98jeISayhNoYZPXr-d1ARgogbA==
age: 193558
X-Firefox-Spdy: h2
www.regions.com/-/media/Images/WebSiteImages/favicon.ico
205.255.103.100200 OK 9.7 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/favicon.ico
IP 205.255.103.100:0
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 770326a3949eeac3b1b32f636a435b24
34e947c7883865ed4982b1108ff1d8d3225edaaf
d40069d6602b8db241d15a18513f0d26f783b9b012a46b7fca2bd4a23ccb5be1
GET /-/media/Images/WebSiteImages/favicon.ico HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False; Regions_SessionId=33a91391-5855-4d19-8ed4-dfdcbab1e318
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537807
Date: Thu, 15 Sep 2022 16:31:40 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: c8a67602af18477991e64598d71384a6
Content-Type: image/x-icon
Last-Modified: Wed, 26 Jan 2022 21:49:47 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="favicon.ico"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 9662
Strict-Transport-Security: max-age=157680000
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1663797308240
216.58.207.234200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1663797308240
IP 216.58.207.234:0
File type ASCII text, with very long lines (2523)
Hash 0cabadca93273ecd5e121822cc3b1687
b16438f26f4c316f068085247fc282b1a242c2c1
a6bdb1642c572ed7b4cceb57f52a000f58ab2436b48e2b1bf503fea877939c96
GET /maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1663797308240 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 21:55:08 GMT
expires: Wed, 21 Sep 2022 22:25:08 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56312
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
205.255.103.100200 OK 926 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
IP 205.255.103.100:0
File type PNG image data, 1400 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 926 kB (926480 bytes)
Hash 869f6fce3cc41447159b757d89bc8ba7
e9e34caba119cb5727bf3324c4d897edd22ea1e6
8e8dcd035a49dabbf01d255019d0fca12bace4c39bbb8b3aa7373a1dadae49a5
GET /-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537719
Date: Thu, 15 Sep 2022 16:33:08 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f294c5922dab4c0da74893f259ffb939
Content-Type: image/png
Last-Modified: Tue, 04 Aug 2020 19:24:35 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 926480
Strict-Transport-Security: max-age=157680000
nexus.ensighten.com/regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Sep%2019%2016:07:04%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta
54.230.111.74200 OK 398 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Sep%2019%2016:07:04%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta
IP 54.230.111.74:0
File type ASCII text, with very long lines (397)
Hash eca5f4d7adad9454eb43709ab73e24ad
cca1cf81a2bc2bf929cfa86de5cd07b29af98562
3e0db043daba53abb2d745a1047a9585cd636e9cf579afcf43192d9064172d1d
GET /regions/regions-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod/code/&publishedOn=Mon%20Sep%2019%2016:07:04%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 398
server: nginx
date: Wed, 21 Sep 2022 21:55:09 GMT
expires: Wed, 21 Sep 2022 21:55:08 GMT
cache-control: no-cache, no-store
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: llQIdkbFwDvBdXQ_7aJ6UR_SkjiQ_X7n8zYDN8A5-os98tveDpHKbA==
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod/code/d0926462b4b934495d1ca90e04ce7977.js?conditionId0=423026
54.230.111.74200 OK 59 kB URL HTTP/2 nexus.ensighten.com/regions/regions-prod/code/d0926462b4b934495d1ca90e04ce7977.js?conditionId0=423026
IP 54.230.111.74:0
File type ASCII text, with very long lines (586)
Hash a4cfc1132ad93bb6b1f98e4195d73370
d5d5c429c3b47a862f9e4a05e274ac92dc315421
cfa170c5628f414e274cf14933ed23289839bbed8f4ac63bb3ab3d14339fb953
GET /regions/regions-prod/code/d0926462b4b934495d1ca90e04ce7977.js?conditionId0=423026 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 19 Sep 2022 16:09:12 GMT
x-amz-replication-status: PENDING
last-modified: Mon, 19 Sep 2022 16:07:06 GMT
etag: W/"8c4fd186b8e2c9bda992a34762b4986c"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: HqfDr7Q1rE4L0B5sGZ_NUDheybZt4G84
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LBxEy_f-t0UdIITimjFQgc5fMVYKxt4aLC3CGXIiMejztFiHUny-CQ==
age: 193558
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 550873cb45a2d2ed0299458b54ba1b6a
a9f389991f13a8572b982374ea10197e90c97b1b
fd04fa2429d758cafbcead095e6d1080c16d00d6838eb67f66aeb046e516bb49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4586
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Last-Modified: Wed, 21 Sep 2022 20:38:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1013536406&l=regionsDataLayer
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 450b2bb3b31c7c8a7dc9e26626754e4c
d07f7629db430e0815f7af2f27ab7b89323a1334
ad29b600012fb7cb21fe875b7d180d2b83a473ea12cd598a5ad161bc07e2b5fd
GET /gtag/js?id=AW-1013536406&l=regionsDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 21:55:09 GMT
expires: Wed, 21 Sep 2022 21:55:09 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 21:26:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46499
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=1624895703034792&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
143.204.55.109200 OK 1.9 kB URL HTTP/2 live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=1624895703034792&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
IP 143.204.55.109:0
File type HTML document, ASCII text, with very long lines (1202)
Hash 55cd644e4dbe7a9b397d5e53c95e0593
aa66cf5f390dd8b006fb40c1d3c911e983a3a42c
a93edf6c276aa21ef63279487966ab7911d8d1a25d7dce2653d850b9ff1df8e6
GET /sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=1624895703034792&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1876
date: Wed, 21 Sep 2022 21:55:09 GMT
set-cookie: zync-uuid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e:1663797309.5148215; Domain=rezync.com; Expires=Mon, 20 Mar 2023 21:55:09 GMT; Path=/; SameSite=None; Secure
sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiOWFiOTMxOGMtNTFkYy00ODk3LWJkNzEtYTQyYmU2ZDNmZjJlOjE2NjM3OTczMDkuNTE0ODIxNSJ9.YyuIPQ.BC4YOVOY3zbmu3VaAaK2xxa0BbY; Expires=Mon, 20 Mar 2023 21:55:09 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BZSXRTSFWPZ0Bt9uge3YO-OEDydhKovtJFQYEAHOHgWOBTrO-S8Bcw==
X-Firefox-Spdy: h2
t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
104.244.42.69200 OK 43 B URL HTTP/2 t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:08 GMT
server: tsa_o
set-cookie: muc_ads=05426af9-d271-4c5b-b950-1c68608c57f0; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:55:09 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=0
x-response-time: 108
x-connection-hash: 6ecb92ff7233573acfc1ca062d93a0b8faf2f35b957827c0b2ca33586e5514a6
X-Firefox-Spdy: h2
cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
143.204.55.34200 OK 25 kB URL HTTP/1.1 cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
IP 143.204.55.34:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3a4ab947ede525e04d80f5c565ed0d68
9cae902c51c8b5d48f7fd4afa10562ab53005873
03cc6df07c79c896c5cfda9a4a266e21675def309b2206ae9a564d79a012eec7
GET /p13n/regions-bank/p13n.min.js HTTP/1.1
Host: cdn.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 07:49:29 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: DC7s1HXAceEBizfm89ymKy_1oi9XLF7g
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 21 Sep 2022 21:31:01 GMT
Cache-Control: public, max-age=3600
ETag: W/"b5c7a6912795e6d385f5e9a8b245f7dd"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Yzh4jrZxubxqXHlUIGLNZTNIYtgfmckcT5wRTfaECA_UjAIJ-_lbbw==
Age: 2346
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=30C06CE8D6B669430D1E7ECED7436885; domain=.bing.com; expires=Mon, 16-Oct-2023 21:55:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 661B83C9D97E421AA84698FC6C56707D Ref B: OSL30EDGE0210 Ref C: 2022-09-21T21:55:09Z
date: Wed, 21 Sep 2022 21:55:08 GMT
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 10c8dff7ca8a73c1b632d15cd7304b95
622aee6182568f9a9f425685bc3e1fd209bcddd2
48c115bd9a1ac4ac45eed3e2d7e6c98ed8451f5c546c3f71997c9365b253614f
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 21 Sep 2022 01:54:47 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lsaYTb_gt5V2WHyCliqF78hwvLhZu9DMpcSR5dGZhwZ8RRrUhzqSjw==
Age: 72022
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3dc89ea2daeec65f3255371661f2b1b
42d925fc09fe78ce664ba07b49883f027a024c5b
055a012e5b0c2d2f0c633da56e79db5744a2aad1d43fd52237fac385128fc7df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Last-Modified: Wed, 21 Sep 2022 21:30:26 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
p.teads.tv/teads-fellow.js
23.195.255.234200 OK 6.2 kB URL HTTP/1.1 p.teads.tv/teads-fellow.js
IP 23.195.255.234:0
File type ASCII text, with very long lines (19114), with no line terminators
Hash 8da91fbfe18ecc5173abf679aae05fe2
0e94aaabfd66c7ea2eb66ccb7e93f8b6f1f1a219
122ebe16c25b2f6f7aa76683d75c503e6a4aabc6056d66376ed234f19003e8d3
GET /teads-fellow.js HTTP/1.1
Host: p.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xGNjXHtFKKDpQoYdhdstQKkTNdp5yq0Fe+klSlF/I787G9ks4qpk3dmtE7rzyRSvu4TYyJyez4o=
x-amz-request-id: MAK285P1EZWB9B1K
Last-Modified: Wed, 21 Sep 2022 14:24:38 GMT
ETag: "395e11a1f85497bb2060c45c54303e44"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 6195
Cache-Control: max-age=368
Date: Wed, 21 Sep 2022 21:55:09 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1cd3b80c01c05a7a491111e947a728de
157c9925b274c2f476c1e6baaef89fd81cdc1fe4
66b7e1425690ba57d56f7f19b62d8572114753569c1ec400d9b7cb6d48f32342
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Last-Modified: Wed, 21 Sep 2022 21:12:39 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af22e39b225120461ea5dc341b14321
38a609c3fa222ded0cfe61ff6ed446561f92d10d
ba3362176a7e67ea61abf9de1e8104df80614b02ce23ab7ab0ab75480b65fd38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.bttrack.com/js/44911/analytics/1.0/analytics.min.js
69.16.175.10200 OK 369 B URL HTTP/1.1 cdn.bttrack.com/js/44911/analytics/1.0/analytics.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (599), with no line terminators
Hash ad0eb0570078f9251ad5b5f6bde73010
c8787129ce4b915314a5c05be6812f74fb148945
80a9e2602c17d221fe8d16a24af2a9a7b477d0ce22e3e5e124575cea35953026
GET /js/44911/analytics/1.0/analytics.min.js HTTP/1.1
Host: cdn.bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:09 GMT
Connection: Keep-Alive
Cache-Control: max-age=67346
Content-Encoding: gzip
Content-Length: 369
Content-Type: text/javascript; charset=utf-8
Accept-Ranges: bytes
X-HW: 1663797309.dop212.sk1.t,1663797309.cds017.sk1.shn,1663797309.dop212.sk1.t,1663797309.cds229.sk1.c
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3ecd92ddcb5a1e93fd43b968f002e5d0
e88db3017eb9969c758bca8f48b14f5fb6e7cd93
0113db4a7496f8a8c6138d4f5824697f5b90c082763fb770a827b403448b6540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Last-Modified: Wed, 21 Sep 2022 20:41:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 08Yj45a/lpNwr7QEvj/hqABvoU5A2bE1814h/8379j2PNkJbyJxF17s/r/Bu3pm2tfRWFQsik8ryGnppRrXSiw==
content-length: 26839
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 21:55:09 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/activity;xsp=4958803;ord=8302874508744452?
216.58.211.2200 OK 42 B URL HTTP/2 pubads.g.doubleclick.net/activity;xsp=4958803;ord=8302874508744452?
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /activity;xsp=4958803;ord=8302874508744452? HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 22:10:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=21011282&Ver=2&mid=5ec1b6bb-e3b3-43f7-b89f-6ffe9537ab6e&sid=0fa73c1039f811ed8ea02da8bfc7c802&vid=0fa72f9039f811edaa09f90a217e6c3e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&kw=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&r=<=3006&evt=pageLoad&sv=1&rn=267410
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21011282&Ver=2&mid=5ec1b6bb-e3b3-43f7-b89f-6ffe9537ab6e&sid=0fa73c1039f811ed8ea02da8bfc7c802&vid=0fa72f9039f811edaa09f90a217e6c3e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&kw=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&r=<=3006&evt=pageLoad&sv=1&rn=267410
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21011282&Ver=2&mid=5ec1b6bb-e3b3-43f7-b89f-6ffe9537ab6e&sid=0fa73c1039f811ed8ea02da8bfc7c802&vid=0fa72f9039f811edaa09f90a217e6c3e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&kw=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&r=<=3006&evt=pageLoad&sv=1&rn=267410 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0DF572ABA6E661F9178F608DA7136031; domain=.bing.com; expires=Mon, 16-Oct-2023 21:55:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE9F837B76FC40BE8D091DB506CC09EE Ref B: OSL30EDGE0210 Ref C: 2022-09-21T21:55:09Z
date: Wed, 21 Sep 2022 21:55:08 GMT
X-Firefox-Spdy: h2
c1.rfihub.net/js/tc.min.js
54.230.111.29200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP 54.230.111.29:0
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Wed, 21 Sep 2022 21:03:58 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Wed, 21 Sep 2022 22:03:58 GMT
last-modified: Wed, 21 Sep 2022 21:03:48 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pEZM91mXplz1lFNwKs7RBpG0sI68oNsfu1lZUiituAjmndNPXRPPiw==
age: 3071
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2613483917557&noscript=1
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613483917557&noscript=1
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613483917557&noscript=1 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1492354261093911
date: Wed, 21 Sep 2022 21:55:09 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZPUWh4MGZQclkrZ0JybTB3TWpGQTFXd2RpRDYweHdtc21OUU90UWdlWitDalZkdWM4ZGxBQ0NGbEd1RG9QZlNNVlJPSkYwZTZpUDRSelBteVhhTDgycmw4UFFub0ZGcVNDSUU3cEsxRmtDST0mQXpQYllnekhRYlBPTHdmZ2lFaVhLNEtJa1VBPQ=="; Expires=Thu, 21 Sep 2023 21:55:09 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1663797309.a7937a7f
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1fcd968410cdcce6e4efe960e601426
60826de9d1b62657ad779b48daea502dbebeb73d
cd967bb41f3c220d74d8963beac4f5f9361062e2c1692c7a262ce652af281077
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5720
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Last-Modified: Wed, 21 Sep 2022 20:19:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ad.doubleclick.net/ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267
216.58.207.198302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267
IP 216.58.207.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267&~oref=https://www.regions.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 22:10:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3dc89ea2daeec65f3255371661f2b1b
42d925fc09fe78ce664ba07b49883f027a024c5b
055a012e5b0c2d2f0c633da56e79db5744a2aad1d43fd52237fac385128fc7df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6015
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Last-Modified: Wed, 21 Sep 2022 20:14:54 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
13.107.42.14302 Found 0 B URL HTTP/2 dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect/?pid=681506&fmt=gif HTTP/1.1
Host: dc.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLmF2lQ6wzHUgAAAYNiDDFdjkzZ9a59Qs_J86Si7TTHXuzlzjJiUumsS7PxuDR0TW2oaDS-yZfQ7w; Max-Age=2592000; Expires=Fri, 21 Oct 2022 21:55:09 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKcA8NthcULZgAAAYNiDDFdsGYgD7rL3gx764BHbNw9MlUIff25ximBLthvHsEuqAID8ZlkCBBxToOqUQhFzg; Max-Age=2592000; Expires=Fri, 21 Oct 2022 21:55:09 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&286ee657-6d60-4dfc-8fe5-860b699eff57"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Sep-2023 21:55:09 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2391:u=1:x=1:i=1663797309:t=1663883709:v=2:sig=AQGcWGrOddE2pNfPB1H7RNn6lEfOXzhn"; Expires=Thu, 22 Sep 2022 21:55:09 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpNv+gggpMvzjOuvUCbw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1E742578C2A9413E954D880797336B19 Ref B: OSL30EDGE0421 Ref C: 2022-09-21T21:55:09Z
date: Wed, 21 Sep 2022 21:55:09 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e=PageView&script=0
185.89.210.90400 Bad Request 200 B URL HTTP/1.1 ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e=PageView&script=0
IP 185.89.210.90:0
Hash fefdd5c33b3c8085f2c5b9293595122f
cdd78b96794eab7b50a4c41553a79b00dbe9da58
f918345e81bc13de00d6fa8ec2c395a454340493c9fc84c479648aebb23443eb
GET /pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e=PageView&script=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 21:55:09 GMT
Content-Type: text/plain
Content-Length: 200
Connection: keep-alive
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /spp.pl?a=10000&.yp=10175658&he=start&auid=regio0 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:09 GMT
expires: Wed, 21 Sep 2022 21:55:09 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBD2IK2MCEEybJ6vCQhuqspDQO0Ir6YEFEgEBAQHZLGM1YwAAAAAA_eMAAA&S=AQAAAiNbfEV61ygazbKuovBBMcQ; Expires=Fri, 22 Sep 2023 03:55:09 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663797309315
34.241.142.170302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663797309315
IP 34.241.142.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663797309315 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v041-099cffdd9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663797309315
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=17879722768884890091988112812302592217; Max-Age=15552000; Expires=Mon, 20 Mar 2023 21:55:09 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: WYClg3QJTok=
Content-Length: 0
Connection: keep-alive
bat.bing.com/p/action/21011282.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21011282.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21011282.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=078A856E736C651D1D6997487299640C; domain=.bing.com; expires=Mon, 16-Oct-2023 21:55:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD35E47CDEE748A892F229788538BE79 Ref B: OSL30EDGE0210 Ref C: 2022-09-21T21:55:09Z
date: Wed, 21 Sep 2022 21:55:08 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.regionsmortgage.com/sampittman
205.255.102.40301 Moved permanently 16 kB URL HTTP/1.1 www.regionsmortgage.com/sampittman
IP 205.255.102.40:0
File type gzip compressed data, max compression\012- data
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /sampittman HTTP/1.1
Host: www.regionsmortgage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved permanently
Location: https://www.regionsmortgage.com/sampittman
Connection: close
Cache-Control: no-cache
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af22e39b225120461ea5dc341b14321
38a609c3fa222ded0cfe61ff6ed446561f92d10d
ba3362176a7e67ea61abf9de1e8104df80614b02ce23ab7ab0ab75480b65fd38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&buyer_pixel_id=5995
23.195.255.234200 OK 82 B URL HTTP/1.1 cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&buyer_pixel_id=5995
IP 23.195.255.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 669b85d39cbaf491467a2f594c37a276
43b6c9f872ea750afc50329acb8a47cd46588295
fa10b271504d790905396d9315306150a550072c628611f73bb5784773ff93cf
GET /v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&buyer_pixel_id=5995 HTTP/1.1
Host: cm.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Origin: https://www.regions.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 82
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Expires: Wed, 21 Sep 2022 21:55:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 21 Sep 2022 21:55:09 GMT
Connection: keep-alive
pixel.quantserve.com/pixel;r=1998275301;labels=_fp.event.PageView;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta;uht=2;fpan=1;fpa=P0-787590960-1663797309652;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1663797309652;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Atlanta%3F%20Sam%20Pittman%20at%20Regions%20Bank%20can%20assist%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Sam-Pittman-Atlanta%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=3ec0c8fb-6ec3-403a-9e78-5685c5b34735
91.228.74.251200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1998275301;labels=_fp.event.PageView;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta;uht=2;fpan=1;fpa=P0-787590960-1663797309652;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1663797309652;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Atlanta%3F%20Sam%20Pittman%20at%20Regions%20Bank%20can%20assist%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Sam-Pittman-Atlanta%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=3ec0c8fb-6ec3-403a-9e78-5685c5b34735
IP 91.228.74.251:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1998275301;labels=_fp.event.PageView;rf=3;a=p-AMy7w2y7nzRg3;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta;uht=2;fpan=1;fpa=P0-787590960-1663797309652;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=regions.com;dst=0;et=1663797309652;tzo=0;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Atlanta%3F%20Sam%20Pittman%20at%20Regions%20Bank%20can%20assist%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Sam-Pittman-Atlanta%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0;ses=3ec0c8fb-6ec3-403a-9e78-5685c5b34735 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:09 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=632b883d-e23ca-b3c89-8499e; expires=Sun, 22-Oct-2023 21:55:09 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663797309315
34.241.142.170200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663797309315
IP 34.241.142.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1663797309315 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v041-06f866082.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: /krbHM3FTos=
Content-Length: 124
Connection: keep-alive
analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:09 GMT
server: tsa_o
set-cookie: personalization_id="v1_tx1mfNbrCuF/vTU7ezJYYg=="; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:55:09 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: bf856d3b174f8dd90266898b56a1bf0fafc7328bbf1119b68a7393f3a6c3006d
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
54.230.111.33200 OK 271 B URL HTTP/2 rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
IP 54.230.111.33:0
Hash c3aea86cfb633cfbbc5016b7c212fbc1
89934f12847b20c8d992007ab07494977f56ce84
b6d7b217464fd3d4447c18b0c1df4bb42e458c41841e9d2a5ab780f853943884
GET /rules-p-AMy7w2y7nzRg3.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Fri, 26 Aug 2022 12:05:44 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Wed, 21 Sep 2022 21:55:09 GMT
cache-control: max-age=3600
etag: "c3aea86cfb633cfbbc5016b7c212fbc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wU5HJXkgV6d4F9DwXdxzQ5kuSANQ6V-tcVytHiTNkaJA3iwwNd-XCA==
age: 765
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267&~oref=https://www.regions.com/
142.250.74.162302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267&~oref=https://www.regions.com/
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267&~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267&~oref=https://www.regions.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&4902226a-f0f4-4ef5-873a-9e4ba46d4c9b"; Domain=.linkedin.com; Expires=Thu, 21-Sep-2023 21:55:09 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20220921215509ceafdf8a-d689-4181-8090-1c9f87c48ea6AQG48AxR_8m6Qb2_lEg58rd1KHpVmX7g"; Domain=.www.linkedin.com; Expires=Thu, 21-Sep-2023 21:55:09 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjM3OTczMDk7MjswMjGkCmhzkqPImv+BFKVNoH5630eiQEowV0JyXVpc3A38rA==; Domain=.linkedin.com; Expires=Mon, 20 Mar 2023 21:55:09 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2391:u=1:x=1:i=1663797309:t=1663883709:v=2:sig=AQGcWGrOddE2pNfPB1H7RNn6lEfOXzhn"; Expires=Thu, 22 Sep 2022 21:55:09 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpNv+jFRXyzTPVDKHhyA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 67F4D7490BF14CFD9B2279999463CFDF Ref B: OSL30EDGE0421 Ref C: 2022-09-21T21:55:09Z
date: Wed, 21 Sep 2022 21:55:09 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pxl.qccerttest.com/pixel?r=22599247;fpan=0;fpa=P0-787590960-1663797309652;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1663797309777;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Atlanta%3F%20Sam%20Pittman%20at%20Regions%20Bank%20can%20assist%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Sam-Pittman-Atlanta%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0
143.204.55.35200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=22599247;fpan=0;fpa=P0-787590960-1663797309652;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1663797309777;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Atlanta%3F%20Sam%20Pittman%20at%20Regions%20Bank%20can%20assist%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Sam-Pittman-Atlanta%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0
IP 143.204.55.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=22599247;fpan=0;fpa=P0-787590960-1663797309652;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=regions.com;dst=0;et=1663797309777;tzo=0;url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta;ogl=locale.en_US%2Csite_name.RegionsBank%2Ctype.article%2CTitle.Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions%2Cdescription.Looking%20for%20a%20mortgage%20lender%20in%20Atlanta%3F%20Sam%20Pittman%20at%20Regions%20Bank%20can%20assist%2Curl.https%3A%2F%2Fwww%252Eregions%252Ecom%2Flocator%2Fmlo%2Fmortgage-loan-officer-Sam-Pittman-Atlanta%2Cimage.https%3A%2F%2Fwww%252Eregions%252Ecom%2F-%2Fmedia%2FImages%2FWebSiteImages%2Fregions-logo%252Epng%3Frevision%3D0 HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 01:48:50 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VWERZXhP-jjdj565rYauafArk0tZXVp0aKNggOyiuSQfqzfCNYGxTw==
age: 72381
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1663797309727&cv=9&fst=1663797309727&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1663797309727&cv=9&fst=1663797309727&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2440), with no line terminators
Hash 6716b86e1b5508503f90c9b35ff33a14
05cb979af679f76222df7f3c535b8af2bb1d3a8b
3bcf48754147b8b9e097f3da6bce77abf211f65789fe53a4788ebf2b3066a18b
GET /pagead/viewthroughconversion/959581806/?random=1663797309727&cv=9&fst=1663797309727&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1088
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 22:10:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1663797309715&cv=9&fst=1663797309715&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1663797309715&cv=9&fst=1663797309715&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2442), with no line terminators
Hash e8dfd51e00a62ea9c0e8fed6cc77e598
7aca2077eccb3d6c994ce7e2cd70b1f217445530
9dac58eb3796b0df070349695977acffa487e583f065ff4d1a950550a006729d
GET /pagead/viewthroughconversion/1013536406/?random=1663797309715&cv=9&fst=1663797309715&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1089
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 22:10:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 5278634c99a4ed40fba9fd6a6dcba9e2
40c13f10b03da8ff38463e48581f4ae4702185a5
6e026c34658c66523bcfaab5d1efd92dfd1bf90258659bab764791e633e8dae7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 20:34:39 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N0bq_zDYGazHNfhXQSjAcs0EWcV5EoTzpbpsXsthPsMWLS5pMTgKrw==
Age: 4831
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1
142.250.74.2200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1
IP 142.250.74.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 22:10:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6db6c560a3def8d8aa108fb8deb61eaa
31c1836a706646c034e26d16ca2d26b68af029a8
1367ca195edf44c4958e32d34035732d34e48849516d8eaf6c24c75b22c97916
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 02:15:45 GMT
Expires: Wed, 28 Sep 2022 02:15:44 GMT
Etag: "31c1836a706646c034e26d16ca2d26b68af029a8"
Cache-Control: max-age=533433,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b2378911c02-OSL
t.teads.tv/track?action=pageView&env=js-web&tag_version=6.0.0_2864ca5&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta
23.38.201.50200 OK 23 B URL HTTP/2 t.teads.tv/track?action=pageView&env=js-web&tag_version=6.0.0_2864ca5&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta
IP 23.38.201.50:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /track?action=pageView&env=js-web&tag_version=6.0.0_2864ca5&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta HTTP/1.1
Host: t.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 23
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 21 Sep 2022 21:55:10 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51ca5853da6ab1b45b9b9d8425056853
b912e4d1ee63203030fa6efd1a77b5f02f4f86e0
a5dd1386ea0a4adc2678a71557841daec7a91a80330c7cf3dc845963c4addd3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&pf=&ra=4637554301991248
193.0.160.128200 OK 2.7 kB URL HTTP/1.1 20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&pf=&ra=4637554301991248
IP 193.0.160.128:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2668), with no line terminators
Hash e762d5788f1b1d274111483b3f12670d
2f2660287dd789f087eeb3ca3c9fc05dd12f1a7f
4334195781d3e9defef654ac9a487eb431abb95d3e55507ccf48e88a834fcdd6
GET /ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&pf=&ra=4637554301991248 HTTP/1.1
Host: 20839218p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:10 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_5vFyGtoZmZsbmlubGhgaGqxCo1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxMrmn5uNPei8RcJo_IfofEBDO47PyABAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:55:10 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjIxMjA2NrE0NBPiM9Qtzsjy8AzzMy1LqUoFACFYreglAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:55:10 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjIxMjA2NrE0NBPiM9Qtzsjy8AzzMy1LqUoFACFYreglAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2668
Server: Jetty(9.3.29.v20201019)
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267&~oref=https://www.regions.com/
142.250.74.98200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267&~oref=https://www.regions.com/
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?1997004187172.1267&~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&rl=&if=false&ts=1663797309907&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663797309906.631230926&it=1663797309642&coo=false&rqm=GET
157.240.200.35200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&rl=&if=false&ts=1663797309907&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663797309906.631230926&it=1663797309642&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&rl=&if=false&ts=1663797309907&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663797309906.631230926&it=1663797309642&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Wed, 21 Sep 2022 21:55:10 GMT
expires: Wed, 21 Sep 2022 21:55:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
13.107.42.14200 OK 65 B URL HTTP/2 px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8b0d5b18476ae12e2476f3621d54c4a5
2ad669e9d207fbb37e84dda25766dbaeb66d792c
2d7244b6960d26ae56f048f162f02949ca7858be19d9349ec82906e56dfa3cfe
GET /collect?pid=681506&fmt=gif&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 65
content-type: image/gif
content-encoding: gzip
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&dca999cb-a14c-4025-8c11-16f48e733a1d"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Sep-2023 21:55:10 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2387:u=1:x=1:i=1663797310:t=1663883710:v=2:sig=AQHvK2zEZr9Ts6pqJIE0Bdgmjfyc43C4"; Expires=Thu, 22 Sep 2022 21:55:10 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpNv+l/qYJ+anjH9Sw/w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F24879C1433B4305A322B11CEC43B3CB Ref B: OSL30EDGE0421 Ref C: 2022-09-21T21:55:10Z
date: Wed, 21 Sep 2022 21:55:10 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/959581806/?random=1663797309727&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=3087100539&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/959581806/?random=1663797309727&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=3087100539&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959581806/?random=1663797309727&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=3087100539&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiOWFiOTMxOGMtNTFkYy00ODk3LWJkNzEtYTQyYmU2ZDNmZjJlOjE2NjM3OTczMDkuNTE0ODIxNSJ9fQ%3D%3D&site_id=regions-bank
54.81.23.211200 OK 146 B URL HTTP/1.1 people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiOWFiOTMxOGMtNTFkYy00ODk3LWJkNzEtYTQyYmU2ZDNmZjJlOjE2NjM3OTczMDkuNTE0ODIxNSJ9fQ%3D%3D&site_id=regions-bank
IP 54.81.23.211:0
File type JSON data\012- , ASCII text
Hash a6e50aef0ff3b4e9eea950238b240434
5a2ff8c820d0406069c6b294cd8494a5226bd654
ea8fefc96ee6b6a76ed3610848417d146c4359e94c1156f30edcb5aeb4d4c167
GET /identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiOWFiOTMxOGMtNTFkYy00ODk3LWJkNzEtYTQyYmU2ZDNmZjJlOjE2NjM3OTczMDkuNTE0ODIxNSJ9fQ%3D%3D&site_id=regions-bank HTTP/1.1
Host: people.api.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Wed, 21 Sep 2022 21:55:10 GMT
Server: nginx
Content-Length: 146
Connection: keep-alive
www.google.no/pagead/1p-conversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1663797309719&cv=9&fst=1663797309719&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&auid=1070510651.1663797309>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1013536406/?random=1663797309715&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=3671786836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1013536406/?random=1663797309715&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=3671786836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1013536406/?random=1663797309715&cv=9&fst=1663794000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&tiba=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=3671786836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e1b3d60c72ff8b4d09d38ff5635489e3
ef4be572205288dd2727561762b561888061261c
e523c4e56f4c14c4d7f75e20b6bf90afc6fadd022503f5e0da3c958e9169c195
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Server: ECS (amb/6B92)
Content-Length: 471
smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1663797309834
15.236.176.210200 OK 48 B URL HTTP/2 smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1663797309834
IP 15.236.176.210:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c0184e3c6316e6c65999d28e915c3cad
2259d87d6f6f40495a7cae4ce735ad54fa29cf8f
dad5ca49c6fe29c8e1903cf8bf7d77bfb310d5f031c223bf9bf9f99502cb02fe
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1663797309834 HTTP/1.1
Host: smetrics.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Cookie: _gcl_au=1.1.1070510651.1663797309; btIdentify=e56d7e0f-1f40-4f00-93dc-43df597fa664; _bti=%7B%22bsin%22%3A%22%22%7D; _bts=5cfbf59d-28f9-4349-cc6b-b505fbb403e9; _uetsid=0fa73c1039f811ed8ea02da8bfc7c802; _uetvid=0fa72f9039f811edaa09f90a217e6c3e; __qca=P0-787590960-1663797309652
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://www.regions.com
access-control-allow-credentials: true
date: Wed, 21 Sep 2022 21:55:10 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=0%7CMCMID%7C84803608065935470530136057308845474544; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:55:55 GMT;
s_ecid=MCMID%7C84803608065935470530136057308845474544; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:55:55 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329522420334916&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta
143.204.55.109302 Found 661 B URL HTTP/2 live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329522420334916&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta
IP 143.204.55.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (575)
Hash db4e5bc7b56a59a03e381a003787a2e8
1143eedde858387d2c8998e5d68f1e4b9d6b56d5
15d5907f8d8436407ccedca893b25d0b2336cdc245d967c8fc9ab5d39f3d1e1a
GET /pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329522420334916&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Cookie: zync-uuid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e:1663797309.5148215; sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiOWFiOTMxOGMtNTFkYy00ODk3LWJkNzEtYTQyYmU2ZDNmZjJlOjE2NjM3OTczMDkuNTE0ODIxNSJ9.YyuIPQ.BC4YOVOY3zbmu3VaAaK2xxa0BbY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 661
location: https://p.rfihub.com/cm?pub=39342&in=0&userid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e%3A1663797309.5148215&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9ab9318c-51dc-4897-bd71-a42be6d3ff2e%253A1663797309.5148215
date: Wed, 21 Sep 2022 21:55:10 GMT
set-cookie: zync-uuid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e:1663797309.5148215; Domain=rezync.com; Expires=Mon, 20 Mar 2023 14:55:10 GMT; Path=/; SameSite=None; Secure
sd-session-id=.eJwNykkOgzAMAMC_-EwqbGdzPoNCYqSohVaEXor4ezmONCdMH93XvOl2QDr2rw5QXu1Wh3RCb79Vn5DAITOTOCJLI7MV9HAN0LX39t6mVu8jeRbGWIzDWoyNEsxcA5psaVZfeVlIE3rPQQKP8nBoI6GD6w-3hiX8.YyuIPg.Man7ubLoeBVs5DTz1CNaMWg94xI; Expires=Mon, 20 Mar 2023 21:55:10 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W-AC4LMZAEsdSGTFmzNeJGgrO18Zh4cd5zKdzKlk4hpcgzMDRKzLmg==
X-Firefox-Spdy: h2
www.regions.com/-/media/js/mp_linkcode.js
205.255.103.100200 OK 681 B URL HTTP/1.1 www.regions.com/-/media/js/mp_linkcode.js
IP 205.255.103.100:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 662fd21e25a8269185df8c993bfd251d
4da619e51fa6a54e5ffcdd7d826c1e5550a67840
f9465098d4cfa9edb9fed28c3eceb6bd3251c3fb011e86d1fa8f27bf1a680ceb
GET /-/media/js/mp_linkcode.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False; Regions_SessionId=33a91391-5855-4d19-8ed4-dfdcbab1e318; _gcl_au=1.1.1070510651.1663797309; btIdentify=e56d7e0f-1f40-4f00-93dc-43df597fa664; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%22wa0F%2BWoXNiGDUHO01yqVG2sTHBi4mumfSGAdqdLQEq%2BnIdEQhwl6YS2Rx1f5NHHCHFviqUF2On1gokeKHjQy4Q%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=5cfbf59d-28f9-4349-cc6b-b505fbb403e9; _uetsid=0fa73c1039f811ed8ea02da8bfc7c802; _uetvid=0fa72f9039f811edaa09f90a217e6c3e; qcSxc=1663797309653; __qca=P0-787590960-1663797309652; _fbp=fb.1.1663797309906.631230926
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537811
Date: Thu, 15 Sep 2022 16:31:39 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 32fbff40b5ed4dcfb4de06b0179c338b
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="mp_linkcode.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 681
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/js/oo_engine.js
205.255.103.100200 OK 15 kB URL HTTP/1.1 www.regions.com/-/media/js/oo_engine.js
IP 205.255.103.100:0
Hash 54216df51ccc54b91647f46e6324a5d1
35cf90a9b3fe6579456b237653cd652dd86fc347
7e268465893e047076cb3331536cd5762cebc6f6e96a5d17a7c16165fda220d0
GET /-/media/js/oo_engine.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-sam-pittman-atlanta
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09ae120545525d5f4f58455e445a4a423660; ASP.NET_SessionId=im2s2ialuwbddasbza4zzea0; SC_ANALYTICS_GLOBAL_COOKIE=61ad4a2733e64dc3b4681dad6df71a00|False; Regions_SessionId=33a91391-5855-4d19-8ed4-dfdcbab1e318; _gcl_au=1.1.1070510651.1663797309; btIdentify=e56d7e0f-1f40-4f00-93dc-43df597fa664; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%22wa0F%2BWoXNiGDUHO01yqVG2sTHBi4mumfSGAdqdLQEq%2BnIdEQhwl6YS2Rx1f5NHHCHFviqUF2On1gokeKHjQy4Q%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=5cfbf59d-28f9-4349-cc6b-b505fbb403e9; _uetsid=0fa73c1039f811ed8ea02da8bfc7c802; _uetvid=0fa72f9039f811edaa09f90a217e6c3e; qcSxc=1663797309653; __qca=P0-787590960-1663797309652; _fbp=fb.1.1663797309906.631230926
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 537811
Date: Thu, 15 Sep 2022 16:31:39 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 6bf959c8100849ea8da66ecf3fc7ab49
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="oo_engine.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 15048
Strict-Transport-Security: max-age=157680000
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=84803608065935470530136057308845474544&ts=1663797310183
34.241.142.170200 OK 1.3 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=84803608065935470530136057308845474544&ts=1663797310183
IP 34.241.142.170:0
File type JSON data\012- , ASCII text, with very long lines (3731), with no line terminators
Hash 653891acc0906d2b0aa96c29857f39c1
62298a877a3b33598255f43b01984417c49cf140
3969b1b5148bb8d0bbce060c46d60ecc67bed96912ca4410b59a9941299dfd18
GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=84803608065935470530136057308845474544&ts=1663797310183 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v041-00a6e6b28.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=90606741504656371840715772713815392925; Max-Age=15552000; Expires=Mon, 20 Mar 2023 21:55:10 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: aapl1ctTQw8=
Content-Length: 1273
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash a46374ea01a83fa11682c6f71512e2fd
da6c17f1deaa4d1506486fc1efdcfdfbced3ca32
9cd6b1d3f6e1cac4c9e35a23609e46c1a357a262700ae797d421707e17c1efe4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 21:28:58 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6gfWGLWtzcNuSzRfnaymyeB16fXyu1xYTxEJj_MHjjZGEoEPVWSx-g==
Age: 1572
ib.adnxs.com/setuid?entity=18&code=5133329522420334916
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=18&code=5133329522420334916
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=18&code=5133329522420334916 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 21:55:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329522420334916
AN-X-Request-Uuid: 1762d7f5-04e3-492e-a87f-82964be94035
Set-Cookie: uuid2=8769721399295168142; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 21:55:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329522420334916&redir=
34.241.142.170302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329522420334916&redir=
IP 34.241.142.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5133329522420334916&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v041-00f176e58.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329522420334916&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=44788407546888356480950624548212490737; Max-Age=15552000; Expires=Mon, 20 Mar 2023 21:55:10 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Ik6OXR0JS5o=
Content-Length: 0
Connection: keep-alive
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329522420334916
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329522420334916
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5133329522420334916 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3067989103580252000V10; Expires=Thu, 21 Sep 2023 21:55:10 GMT; domain=.media.net; Path=/;
data-rk=5133329522420334916~~3;Expires=Wed, 20 Sep 2023 21:55:10 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Wed, 21 Sep 2022 21:55:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 21 Sep 2022 21:55:10 GMT
X-Firefox-Spdy: h2
smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s56596690963372?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F8%2F2022%2021%3A55%3A10%203%200&d.&nsid=0&jsonv=1&.d&mid=84803608065935470530136057308845474544&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20sam%20pittman%20atlanta&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20sam%20pittman%20atlanta&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1
15.236.176.210200 OK 3.7 kB URL HTTP/2 smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s56596690963372?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F8%2F2022%2021%3A55%3A10%203%200&d.&nsid=0&jsonv=1&.d&mid=84803608065935470530136057308845474544&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20sam%20pittman%20atlanta&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20sam%20pittman%20atlanta&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1
IP 15.236.176.210:0
File type ASCII text, with very long lines (3687)
Hash c7191b8c5e551dd6fe0ec359eaf4b637
2377946550137f1099bcd03b0e74808ad8908c4b
e61c6a88261e922bb7b30b213c05fef8ba140e849960479f88d449ea547d2836
GET /b/ss/regionsbankprod/10/JS-2.22.3/s56596690963372?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F8%2F2022%2021%3A55%3A10%203%200&d.&nsid=0&jsonv=1&.d&mid=84803608065935470530136057308845474544&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20sam%20pittman%20atlanta&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20sam%20pittman%20atlanta&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetrics.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Cookie: _gcl_au=1.1.1070510651.1663797309; btIdentify=e56d7e0f-1f40-4f00-93dc-43df597fa664; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%22wa0F%2BWoXNiGDUHO01yqVG2sTHBi4mumfSGAdqdLQEq%2BnIdEQhwl6YS2Rx1f5NHHCHFviqUF2On1gokeKHjQy4Q%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=5cfbf59d-28f9-4349-cc6b-b505fbb403e9; _uetsid=0fa73c1039f811ed8ea02da8bfc7c802; _uetvid=0fa72f9039f811edaa09f90a217e6c3e; __qca=P0-787590960-1663797309652; _fbp=fb.1.1663797309906.631230926; AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=1585540135%7CMCMID%7C84803608065935470530136057308845474544%7CMCAID%7CNONE%7CMCOPTOUT-1663804510s%7CNONE%7CMCAAMLH-1664402110%7C6%7CMCAAMB-1664402110%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C4.4.0; s_ecid=MCMID%7C84803608065935470530136057308845474544; AMCVS_DB9639725BD2FC5B0A495C65%40AdobeOrg=1; s_lang=en; gpv_pn=rdc%7Clocator%7Cmortgage%20loan%20officer%20sam%20pittman%20atlanta; s_ips=939; s_tp=2581; s_ppv=rdc%257Clocator%257Cmortgage%2520loan%2520officer%2520sam%2520pittman%2520atlanta%2C36%2C36%2C939%2C1%2C2; s_cc=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 21 Sep 2022 21:55:10 GMT
expires: Tue, 20 Sep 2022 21:55:10 GMT
last-modified: Thu, 22 Sep 2022 21:55:10 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C84803608065935470530136057308845474544; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Fri, 20 Sep 2024 21:55:55 GMT;
etag: 3572977518348206080-4619840275673133964
vary: *
dcs: dcs-prod-irl1-2-v041-0f8dc3078.edge-irl1.demdex.com 5 ms
x-aam-tid: ndudaerrQng=
content-type: application/x-javascript;charset=utf-8
content-length: 3688
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=1202&i=4gy7wg&p=regions-prod&s=340&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAAYCIsInR5cFkAYGJpbGxpbnUA8AVzdGFydCI6MTY2Mzc5NzMxMDEyN2IAwGQiOi0xLCJzb3VyYzIA8AYiLCJzdGF0dXMiOiIiLCJyZWFzb25lANRdLCJkYXRhUGF0dGVyEgCwbGlzdCI6W10sImkSAfAANjYzNzk3MzEwMTI3fV19
63.34.68.24204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=1202&i=4gy7wg&p=regions-prod&s=340&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAAYCIsInR5cFkAYGJpbGxpbnUA8AVzdGFydCI6MTY2Mzc5NzMxMDEyN2IAwGQiOi0xLCJzb3VyYzIA8AYiLCJzdGF0dXMiOiIiLCJyZWFzb25lANRdLCJkYXRhUGF0dGVyEgCwbGlzdCI6W10sImkSAfAANjYzNzk3MzEwMTI3fV19
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=0&c=1202&i=4gy7wg&p=regions-prod&s=340&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MCwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAAYCIsInR5cFkAYGJpbGxpbnUA8AVzdGFydCI6MTY2Mzc5NzMxMDEyN2IAwGQiOi0xLCJzb3VyYzIA8AYiLCJzdGF0dXMiOiIiLCJyZWFzb25lANRdLCJkYXRhUGF0dGVyEgCwbGlzdCI6W10sImkSAfAANjYzNzk3MzEwMTI3fV19 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 21:55:10 GMT
expires: Wed, 21 Sep 2022 21:55:09 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjQyMDMzNDkxNg==&forward=
142.250.74.130302 Found 369 B URL HTTP/2 cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjQyMDMzNDkxNg==&forward=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ba90138d0ed64329355893b23d843cf1
6febc309bd6e1226aee333af8db1e29d72352fe9
20b7e54b21391455889003a2d18c859bcd1e397c0ccb08d4528d1ae4d600eed1
GET /pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjQyMDMzNDkxNg==&forward= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjQyMDMzNDkxNg==&forward=&google_tc=
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 369
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 22:10:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329522420334916
185.89.210.90200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329522420334916
IP 185.89.210.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329522420334916 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 21:55:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 3d8b8dc3-56e5-4d6b-8134-9ce9a4434d9e
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2Ildd7A>d!]tbPl1MNu::wpAk`W>$ka#=sjF$dPfQCLae:!#.D/L[`4^J$o!_6-zQEVk`!*2PU^U.^); SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 21:55:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3423ede4e385b098f165a74c5866fbd9
93c10d1e17d52b5a776c9db81e0edeefee332534
16fe3d4ac2f3f66754d28da5da6fa16d1cf9ff0b7ecfa139daffea89a7e1e623
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2846
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 21:07:44 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329522420334916&forward=
104.18.19.126302 Found 0 B URL HTTP/2 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329522420334916&forward=
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=57&external_user_id=5133329522420334916&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 21 Sep 2022 21:55:10 GMT
content-length: 0
location: /rum?cm_dsp_id=57&external_user_id=5133329522420334916&forward=&C=1
cf-ray: 74e60b279ec8b4f9-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YyuIPgz4DrFkXkx6fmdWmQAA; Path=/; Domain=casalemedia.com; Expires=Thu, 21 Sep 2023 21:55:10 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4396; Path=/; Domain=casalemedia.com; Expires=Tue, 20 Dec 2022 21:55:10 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4396; Path=/; Domain=casalemedia.com; Expires=Tue, 20 Dec 2022 21:55:10 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiS4EVkgxB5pITyLxUFNDmLFaO3W5P2jAcMFYwfkaUhPKZrfuNyNdQQKwWosok9aYuZY62Qdi49zOcOGXdFktXpaOmjug1JW7fc083FYcEr6TuVOKeoBIEEiYfzKvriHIYuosvubw0tNbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329522420334916&redir=
34.241.142.170200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329522420334916&redir=
IP 34.241.142.170:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329522420334916&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v041-07c43034b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: i1LoSLCvRNQ=
Content-Length: 59
Connection: keep-alive
cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjQyMDMzNDkxNg==&forward=&google_tc=
142.250.74.130302 Found 269 B URL HTTP/2 cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjQyMDMzNDkxNg==&forward=&google_tc=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2ac1f21e70e438c7e2193d02ee7e9be0
f9a11bb626bad146751fc166f96b91f6aeae7eab
de4a04a623ca095cd229a54edeb3120d9dc94d227198b75cb9a0a69677ed7c85
GET /pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjQyMDMzNDkxNg==&forward=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
date: Wed, 21 Sep 2022 21:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p.rfihub.com/cm?pub=24472&in=1
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=24472&in=1
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=24472&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 21:55:10 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_7vFwmtoZmZsbmlubGhgbmgEANkZ9q8QAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:55:10 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjGxMLa0sLQwNRLiM9T1LfHzyE_0zfbN8zUAAKPu2nYlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjGxMLa0sLQwNRLiM9T1LfHzyE_0zfbN8zUAAKPu2nYlAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:55:10 GMT; Secure; SameSite=None
Location: https://ps.eyeota.net/match?uid=5108559724483989852&bid=omt9pi0
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5133329522420334916&
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5133329522420334916&
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=13490&nid=2596&put=5133329522420334916& HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
Content-Type: image/gif
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
151.101.86.49503 Service Unavailable 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
IP 151.101.86.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
server: Varnish
retry-after: 0
accept-ranges: bytes
date: Wed, 21 Sep 2022 21:55:10 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663797311.752364,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash f063bbd1a226bdf35ade640dfc0feb9c
f283887ccb81439f581836dbee09ff8db70ac3a3
fcf3146dcd0da35f4a24f5cc7cf73a028a2b16df6f84bdcedaf94fb3eab298f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6436
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 20:07:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 727
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1a6ba8b99be5dbe186929b9f38510167
90e6447b57bcdd0bb7d7ada783370ff4a73ff870
c9f2ec28f0d4c8c42218f838f9165001cfa50262c1520bd58c78ae9e1176948c
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3784
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 20:52:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
events.api.boomtrain.com/event/track
52.45.50.76200 OK 2 B URL HTTP/2 events.api.boomtrain.com/event/track
IP 52.45.50.76:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /event/track HTTP/1.1
Host: events.api.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 553
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-length: 2
server: nginx
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
access-control-allow-methods: GET, PUT, POST, DELETE
X-Firefox-Spdy: h2
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329522420334916&forward=&C=1
104.18.19.126200 OK 43 B URL HTTP/2 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329522420334916&forward=&C=1
IP 104.18.19.126:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=57&external_user_id=5133329522420334916&forward=&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: image/gif
content-length: 43
cf-ray: 74e60b281f1fb4f9-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPccZ%2Bz9jjN3y8GfS0P%2Fs1b62sz6gYMbecu6GLDL16%2BuqSutqEO57u0YVM8WcrIIDaj1pbWYZjO9mS1vj2S0Tv0uEAFJct5BA%2Brc623pYAy6QLJPDXLEK%2BbTZryBxOavpcWt9wBQrUOEHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 09984dfda414469279844f37bf0a4e3b
c113476ce34a4843b7b91e3141fe4c1fa6bc9216
342ecb19ad9a7a05b6882d860ef025cbfe52b7fb2f307e5cac208a99585e7416
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 20:34:23 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%22fc0402be-dc84-409b-a1a9-07030f913b28%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%22fc0402be-dc84-409b-a1a9-07030f913b28%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
IP 192.132.33.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%22fc0402be-dc84-409b-a1a9-07030f913b28%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/plain
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track001-iad
date: Wed, 21 Sep 2022 21:54:42 GMT
content-length: 0
X-Firefox-Spdy: h2
bpi.rtactivate.com/tag/?id=11017&user_id=5133329522420334916
52.200.138.20200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5133329522420334916
IP 52.200.138.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5133329522420334916 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
bttrack.com/engagement/getpixels?gid=44911
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/getpixels?gid=44911
IP 192.132.33.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engagement/getpixels?gid=44911 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track003-iad
date: Wed, 21 Sep 2022 21:54:42 GMT
content-length: 0
X-Firefox-Spdy: h2
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329522420334916
23.38.201.22200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329522420334916
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5133329522420334916 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Wed, 21 Sep 2022 21:55:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 21 Sep 2022 21:55:10 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329522420334916
52.212.110.18200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329522420334916
IP 52.212.110.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5133329522420334916 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash b8bfc9958399c5e100b7af786b26e7af
273cf130821602bb6f0991a3e9f6a43e766fcc66
273e564a30ee9c9912553c0ef3b3e5d2857e9f31228948e29f5053fade480fe0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 20:24:51 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: szePwxoGqzkx7oAQ3z1fgJj6_xUjNVJLxensjBVgmNbNdge-slhm6w==
Age: 5419
sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329522420334916&img=1
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329522420334916&img=1
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5133329522420334916&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 21:55:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=10618518-39f8-11ed-ab56-192cb16e0406; expires=Wed, 19-Oct-2022 21:55:10 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5133329522420334916&img=1&__user_check__=1&sync_id=10618554-39f8-11ed-ab56-192cb16e0406
X-fe: 100
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c9de0b3c34611b80510bd3f1fa6ae0fd
5ce7d6e4360594b160ca764b6d02aa7e5e291dea
4dac3fb1beb37ae1d7e386702dc79343a75fc05378376709a40777198a3c134b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 03:43:25 GMT
Expires: Wed, 28 Sep 2022 03:43:24 GMT
Etag: "5ce7d6e4360594b160ca764b6d02aa7e5e291dea"
Cache-Control: max-age=538693,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b275c951c02-OSL
regions.demdex.net/dest5.html?d_nsid=undefined
52.209.199.248200 OK 2.8 kB URL HTTP/1.1 regions.demdex.net/dest5.html?d_nsid=undefined
IP 52.209.199.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=undefined HTTP/1.1
Host: regions.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 21 Sep 2022 21:55:10 GMT
DCS: dcs-prod-irl1-1-v041-037c90f93.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 19 Sep 2022 08:53:31 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 4CETyrsJRLI=
transfer-encoding: chunked
Connection: keep-alive
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329522420334916
79.125.33.106204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329522420334916
IP 79.125.33.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5133329522420334916 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 21 Sep 2022 21:55:10 GMT
set-cookie: _kuid_=PF88Spk2; Expires=Mon, 20-Mar-23 21:55:10 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n015-dub-prod.krxd.net
x-request-time: D=27 t=1663797310
X-Firefox-Spdy: h2
p.rfihub.com/cm?pub=39342&in=0&userid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e%3A1663797309.5148215&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9ab9318c-51dc-4897-bd71-a42be6d3ff2e%253A1663797309.5148215
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=39342&in=0&userid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e%3A1663797309.5148215&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9ab9318c-51dc-4897-bd71-a42be6d3ff2e%253A1663797309.5148215
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=39342&in=0&userid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e%3A1663797309.5148215&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9ab9318c-51dc-4897-bd71-a42be6d3ff2e%253A1663797309.5148215 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 21:55:10 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjY0szQyNzMysxDiM9QtSTFNdNOtiPS0TCoGAMlMJf0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_zXIuRWAIBAFwAqMqGN5fJa97IazIEOrNXLCeZJFH8HwSYI1qXkYjWWg3urYuvicum-osoVxiSxoXiFvuv5EceYPQ13p00oAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:55:10 GMT; Secure; SameSite=None
euds=H4sIAAAAAAAA_wXByRWAIAwFwIvtxOfPHrsBAoVYuTPfFTVmCXKRoRdpVtDsAA3lub3lHN4v3CUq5KnboMmwHx2BDtQ6AAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjY0szQyNzMysxDiM9QtSTFNdNOtiPS0TCoGAMlMJf0lAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:55:10 GMT; Secure; SameSite=None
Location: https://idsync.rlcdn.com/501709.gif?partner_uid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e%3A1663797309.5148215
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5206b78759fabe72774270f31d67d957
60fa5106620042c1a8ab74b1909f416df1381dbb
53feba3af85487a91bf1b13afed1faef280c9b340414dce620b244ea3c01a236
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 09:01:01 GMT
Expires: Wed, 28 Sep 2022 09:01:00 GMT
Etag: "60fa5106620042c1a8ab74b1909f416df1381dbb"
Cache-Control: max-age=602213,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 754
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e60b28fd11b505-OSL
sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329522420334916&img=1&__user_check__=1&sync_id=10618554-39f8-11ed-ab56-192cb16e0406
185.94.180.126200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329522420334916&img=1&__user_check__=1&sync_id=10618554-39f8-11ed-ab56-192cb16e0406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5133329522420334916&img=1&__user_check__=1&sync_id=10618554-39f8-11ed-ab56-192cb16e0406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 21:55:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=106e3155-39f8-11ed-8152-169e7f670106; expires=Wed, 19-Oct-2022 21:55:10 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 38
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
18.159.27.52200 OK 0 B URL HTTP/2 bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
IP 18.159.27.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP/1.1
Host: bs.serving-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-length: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 111914dc79c89e3eb9a72f2800bcb6ba
af7a9c8d5ad338097093987b843760afa9be8960
bb292b346d55d4bc4385ccc49d1b126157986eca6c82b8bfa9349c72ce24a527
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6591
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 20:05:19 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
lptag.liveperson.net/tag/tag.js?site=60208595
178.249.101.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=60208595
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=60208595 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
193.0.160.128200 OK 42 B URL HTTP/1.1 a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
IP 193.0.160.128:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /cm?pub=445&in=0&forward=&google_error=3 HTTP/1.1
Host: a.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:10 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjQ3MTM1NzMzsRDiM9T1CTNwKi_zcHQOTcsBANYhkNQlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_-NicjUO4jU0MzM2tzQ3NjSwNDACAEogTU8TAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:55:10 GMT; Secure; SameSite=None
euds=H4sIAAAAAAAA_-NicjUGAEAxo38EAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjQ3MTM1NzMzsRDiM9T1CTNwKi_zcHQOTcsBANYhkNQlAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 16 Oct 2023 21:55:10 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 42
Server: Jetty(9.3.29.v20201019)
ps.eyeota.net/match?uid=5108559724483989852&bid=omt9pi0
3.120.214.218200 OK 0 B URL HTTP/1.1 ps.eyeota.net/match?uid=5108559724483989852&bid=omt9pi0
IP 3.120.214.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=5108559724483989852&bid=omt9pi0 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=24244~DM; Domain=eyeota.net; Path=/; Expires=Wed, 21 Sep 2022 22:05:10 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Wed, 21 Sep 2022 21:55:10 GMT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f68324bff0a6a9b79ef6fa84254982f3
c144294cf0a86bb98207c5b4d05b350556c0006d
2bbeb9cec143aff4b7c70381bdf41dba862712015412cfe75bd7249a9706a419
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:55:10 GMT
Server: ECS (amb/6B92)
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a3b00c4674ee0386430e963a8ca3a040
f2cb59ace17ff9d8c7273a3f5d76887700f457a0
17d6cf90b88f4e2897173116ca300b3dbd613af3aca9bfcdbf69adbb3883aa38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:42:56 GMT
Expires: Wed, 28 Sep 2022 13:42:55 GMT
Etag: "f2cb59ace17ff9d8c7273a3f5d76887700f457a0"
Cache-Control: max-age=574664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b283aecb4f7-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 95a705cf80c3f66edf69c8acc0e66fb6
e600da395e35e9fd92e6cd0d787ff50cb1b8d104
8055e43bda5c6e4d93011728db61e68de262cb5a1e2048c86c3fdc0c05e2d42b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:55:10 GMT
Last-Modified: Wed, 21 Sep 2022 21:25:14 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dAnO49OQ2v7nqBTT0w09F4mecGWCZTT2fEx1mypXVtw6u9PIvW5utQ==
Age: 1796
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a3b00c4674ee0386430e963a8ca3a040
f2cb59ace17ff9d8c7273a3f5d76887700f457a0
17d6cf90b88f4e2897173116ca300b3dbd613af3aca9bfcdbf69adbb3883aa38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:42:56 GMT
Expires: Wed, 28 Sep 2022 13:42:55 GMT
Etag: "f2cb59ace17ff9d8c7273a3f5d76887700f457a0"
Cache-Control: max-age=574663,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b29889f0af6-OSL
cm.everesttech.net/cm/dd?d_uuid=90606741504656371840715772713815392925
52.215.56.149302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=90606741504656371840715772713815392925
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=90606741504656371840715772713815392925 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YyuIPwAAAKvQogOV; Domain=.everesttech.net; Expires=Thu, 21-Sep-2023 21:55:11 GMT; Path=/
everest_session_v2=YyuIPwAAAKvQowOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyuIPwAAAKvQogOV
Server: AMO-cookiemap/1.1
idsync.rlcdn.com/360947.gif?partner_uid=5133329522420334916
35.244.174.68200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5133329522420334916
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5133329522420334916 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=JPeFF28o2/fpU0TdHL+DiCO/esTJjtHa2AuwfFihYMc=; Path=/; Domain=rlcdn.com; Expires=Thu, 21 Sep 2023 21:55:11 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Sun, 20 Nov 2022 21:55:11 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 21 Sep 2022 21:55:11 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
idsync.rlcdn.com/501709.gif?partner_uid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e%3A1663797309.5148215
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/501709.gif?partner_uid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e%3A1663797309.5148215
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /501709.gif?partner_uid=9ab9318c-51dc-4897-bd71-a42be6d3ff2e%3A1663797309.5148215 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc5YWI5MzE4Yy01MWRjLTQ4OTctYmQ3MS1hNDJiZTZkM2ZmMmU6MTY2Mzc5NzMwOS41MTQ4MjE1EAAaDQi_kK6ZBhIFCOgHEABCAEoA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Sun, 20 Nov 2022 21:55:11 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 21 Sep 2022 21:55:11 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel.js
54.174.98.17200 1.7 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel.js
IP 54.174.98.17:0
File type ASCII text, with very long lines (515)
Hash 6fdd7985388a9a91f458c96ece692409
c655f98e175824e81802934d717e0607b25d906f
17936884b849d8d2f051fa0b88d5cb58466d78931b687900b1b90aecde32d977
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"5096-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
Cache-Control: max-age=86400
Expires: Thu, 22 Sep 2022 21:55:11 GMT
vary: accept-encoding
Content-Encoding: gzip
idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc5YWI5MzE4Yy01MWRjLTQ4OTctYmQ3MS1hNDJiZTZkM2ZmMmU6MTY2Mzc5NzMwOS41MTQ4MjE1EAAaDQi_kK6ZBhIFCOgHEABCAEoA
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc5YWI5MzE4Yy01MWRjLTQ4OTctYmQ3MS1hNDJiZTZkM2ZmMmU6MTY2Mzc5NzMwOS41MTQ4MjE1EAAaDQi_kK6ZBhIFCOgHEABCAEoA
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1000.gif?memo=CM3PHhJBCj0IARAFGjc5YWI5MzE4Yy01MWRjLTQ4OTctYmQ3MS1hNDJiZTZkM2ZmMmU6MTY2Mzc5NzMwOS41MTQ4MjE1EAAaDQi_kK6ZBhIFCOgHEABCAEoA HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CL+QrpkGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Sun, 20 Nov 2022 21:55:11 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 21 Sep 2022 21:55:11 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 4c2459fba54e2151404e47950670d6ba
d082d2dabb20cae92ac130ddebaa606958962f9d
df1f46f76c59326e0c5002768f81bdaa2a32f214862e13b0625e9ef31e134f08
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 21:55:11 GMT
Last-Modified: Wed, 21 Sep 2022 20:18:01 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4TN1dRrcOW8VJFAFpNdOwB4C-XZSLosDCq8nZpIMrruhhYPYGusNWw==
Age: 5830
dpm.demdex.net/ibs:dpid=411&dpuuid=YyuIPwAAAKvQogOV
34.241.142.170302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=YyuIPwAAAKvQogOV
IP 34.241.142.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=YyuIPwAAAKvQogOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v041-07da512d0.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YyuIPwAAAKvQogOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=69658199320946463833372933423052636812; Max-Age=15552000; Expires=Mon, 20 Mar 2023 21:55:11 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: BufTwIGZSrE=
Content-Length: 0
Connection: keep-alive
www.cloudflare.com/cdn-cgi/trace
104.16.123.96200 OK 699 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP 104.16.123.96:0
Hash c9c91bbb9a4241c42e6e64a338b78e37
0c87bdb02bc90ad5093b7a1fea566e0daa669aa5
3d74c22f94b25ba264d1c1c7cd5e4692f340184a027b80f84ba6d574b79b321a
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 74e60b2928bf0b45-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/4.1fa8baa6e7b1d7777fa4.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.209.240200 OK 1.1 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/4.1fa8baa6e7b1d7777fa4.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.209.240:0
File type ASCII text, with very long lines (1754), with no line terminators
Hash e462a304d64248f2a4dcc193d33db5cf
04572b72bb28774c38fba901feceed918b9589fd
3ffe5f51bea0121f5039a2f2286ed7f532e02dcbedce6ea566253dab54a52a2f
GET /dxjsmodule/4.1fa8baa6e7b1d7777fa4.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: application/javascript
cf-ray: 74e60b297e97b527-OSL
access-control-allow-origin: *
age: 158410
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"9eb-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=2539
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=489097,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b28dde01c02-OSL
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
104.17.209.240200 OK 1.4 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
IP 104.17.209.240:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4753), with no line terminators
Hash 20754bd326a7bf1e5460c68be3fbd4d3
0cd49657c65b00d69be71da504be4fc4b5acb555
51ca9c814335dd553028fda98d0a585ddee72825f83fdde555a87c2385d6486f
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 134
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: application/json
cf-ray: 74e60b286c7bb527-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: ec7bd7529875e3d1
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=119&user_id=5133329522420334916&expires=30
3.127.105.16302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=119&user_id=5133329522420334916&expires=30
IP 3.127.105.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=119&user_id=5133329522420334916&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 21 Sep 2022 21:55:11 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329522420334916&expires=30
Set-Cookie: tuuid=9cef157a-4299-42e4-a7e8-99931b7449a9; path=/; expires=Thu, 21-Sep-2023 21:55:11 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663797311; path=/; expires=Thu, 21-Sep-2023 21:55:11 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663797311; path=/; expires=Thu, 21-Sep-2023 21:55:11 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663797311; path=/; expires=Thu, 21-Sep-2023 21:55:11 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta
54.174.98.17200 1.2 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta
IP 54.174.98.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
vary: accept-encoding
Content-Encoding: gzip
siteintercept.qualtrics.com/dxjsmodule/1.646b5a7aa96ac3ade1d5.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.209.240200 OK 7.8 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.646b5a7aa96ac3ade1d5.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.209.240:0
File type ASCII text, with very long lines (28783), with no line terminators
Hash 4a4b28fa1b889741fc189e48cad1dd28
bb36ddd78a9d35b660598f31445aab13fa304ea1
fa0302f0802dffc48e766270cc175dec0532285c9bb41358ff433919d2e6bc78
GET /dxjsmodule/1.646b5a7aa96ac3ade1d5.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: application/javascript
cf-ray: 74e60b297e9bb527-OSL
access-control-allow-origin: *
age: 158409
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"7380-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29568
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329522420334916&expires=30
3.127.105.16200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329522420334916&expires=30
IP 3.127.105.16:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=119&user_id=5133329522420334916&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Length: 43
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YyuIPwAAAKvQogOV
34.241.142.170200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YyuIPwAAAKvQogOV
IP 34.241.142.170:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YyuIPwAAAKvQogOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v041-03ed4ee19.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: zcS9ReE5Q58=
Content-Length: 59
Connection: keep-alive
sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA
23.38.201.123200 OK 2.1 kB URL HTTP/2 sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA
IP 23.38.201.123:0
File type PNG image data, 40 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 8589c169002370f528326cb492232e81
af7b67df6f182becf3708eb1363858326009a3a0
0055a4ba915b2740205b0823e65ecb2ad2e367938e8cf1fe7010dff9e9c6aeb2
GET /WRQualtricsSiteIntercept/Graphic.php?IM=IM_3Rb1cZVNRo1x9BA HTTP/1.1
Host: sjc1.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
x-request-id: ab9ecfcb-0b57-4196-aa71-c4cc6ad0fb29
x-transaction-id: 8131bec9-1965-40cd-ac3c-df3d56724670
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
permissions-policy: camera=(), geolocation=(), microphone=()
x-edgeconnect-midmile-rtt: 25
x-edgeconnect-origin-mex-latency: 175
etag: "8589c169002370f528326cb492232e81"
x-envoy-upstream-service-time: 17
server: envoy
content-disposition: inline; filename=Feedback+tab+-+dark+outline
content-length: 2098
content-type: image/png
x-robots-tag: noindex
cache-control: public, max-age=60
expires: Wed, 21 Sep 2022 21:56:11 GMT
date: Wed, 21 Sep 2022 21:55:11 GMT
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
54.174.98.17200 641 B URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
IP 54.174.98.17:0
File type ASCII text, with very long lines (641), with no line terminators
Hash b3dd2edb5dfeee1a0529766c41957c67
447d5e8bf3cb4bf49aab01f12639afc933b8ff38
ef9ba31d511766efc2f207e993c8a1286ccddcf236fe5910ebbd70b38d324ecd
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel?href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 641
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa OUR IND COM NAV INT STA"
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44002a6e6b338defadbd7083ee955851
fb400534e6c640426b4562ab88a081221232084a
e6784eb9510065132bfdbfd2044636bd30ef64be60d0549f5884ed659f4f5adb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:31:54 GMT
Expires: Tue, 27 Sep 2022 04:31:53 GMT
Etag: "fb400534e6c640426b4562ab88a081221232084a"
Cache-Control: max-age=455201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b2c6a9c0af6-OSL
siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
104.17.209.240200 OK 721 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web
IP 104.17.209.240:0
File type JSON data\012- , ASCII text, with very long lines (349), with no line terminators
Hash 5b1c80445e44920612868b8bdb8c567f
91268be9b5d214fbcf6dc3cc5d61bb0a09de9e44
43e818cc7affcf1f98cc8eba01c75543bff821182c767106db06751cf0804e28
GET /WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: application/json
cf-ray: 74e60b2a5fa9b527-OSL
access-control-allow-origin: *
age: 5068
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
expires: Sat, 18 Sep 2032 18:08:07 GMT
last-modified: Wed, 21 Sep 2022 18:08:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: false
edge-control: max-age=604800
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
servershortname:
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel_ssd.js
54.174.98.17200 1.3 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel_ssd.js
IP 54.174.98.17:0
File type ASCII text, with very long lines (502)
Hash d2bb2d87021ee3565a99e3a9931bcde4
108222707532738b19ec38f7d76400a42b64c638
88020687f4c733cb981045c3a507745f234a477ad13caf8c17192344c649f480
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_ssd.js HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3276-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
Cache-Control: max-age=86400
Expires: Thu, 22 Sep 2022 21:55:11 GMT
vary: accept-encoding
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44002a6e6b338defadbd7083ee955851
fb400534e6c640426b4562ab88a081221232084a
e6784eb9510065132bfdbfd2044636bd30ef64be60d0549f5884ed659f4f5adb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:31:54 GMT
Expires: Tue, 27 Sep 2022 04:31:53 GMT
Etag: "fb400534e6c640426b4562ab88a081221232084a"
Cache-Control: max-age=455201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b2c7f47b4f7-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44002a6e6b338defadbd7083ee955851
fb400534e6c640426b4562ab88a081221232084a
e6784eb9510065132bfdbfd2044636bd30ef64be60d0549f5884ed659f4f5adb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:31:54 GMT
Expires: Tue, 27 Sep 2022 04:31:53 GMT
Etag: "fb400534e6c640426b4562ab88a081221232084a"
Cache-Control: max-age=455201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b2c88e2fabc-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44002a6e6b338defadbd7083ee955851
fb400534e6c640426b4562ab88a081221232084a
e6784eb9510065132bfdbfd2044636bd30ef64be60d0549f5884ed659f4f5adb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:31:54 GMT
Expires: Tue, 27 Sep 2022 04:31:53 GMT
Etag: "fb400534e6c640426b4562ab88a081221232084a"
Cache-Control: max-age=455201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e60b2c89aab50f-OSL
regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid=
54.174.98.17200 1.2 kB URL HTTP/1.1 regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid=
IP 54.174.98.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&siteurl=www.regions.com&lang=en&country=®ion=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com¤cy=&nonMP=false&mode=&uuid= HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Wed, 21 Sep 2022 21:55:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1630605988000"
Last-Modified: Thu, 02 Sep 2021 18:06:28 GMT
vary: accept-encoding
Content-Encoding: gzip
siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&r=1663797310925
104.17.209.240200 OK 30 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&r=1663797310925
IP 104.17.209.240:0
File type ASCII text, with no line terminators
Hash de47e4ccbaca813c017a66c1fcbba162
d3921008bfaf37ef9c9fbd76693382ffd16cab01
9cad6ca1b7d8425bff2b41e6c1de4847f67f8ab20e9b37730a462c6351f28ad1
POST /WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&r=1663797310925 HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 82
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: text/plain; charset=UTF-8
cf-ray: 74e60b2b3887b527-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
trace-id: 638b354589d4ba62
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ui-framework.js?version=10.20.1.9-release_5536
178.249.97.98200 OK 14 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ui-framework.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
File type ASCII text, with very long lines (32037)
Hash 2227f12c62af918f54f8177f35f15786
ccf122ef356f2d2a163481a9c5a62af70056643e
55b8b24db5f79fc9947a714210021d4a21b53617d87fb14226c6ea45ce1b3a62
GET /le_unified_window/10.20.1.9-release_5536/ui-framework.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 21 Sep 2023 21:55:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/60208595/configuration/setting/accountproperties/?cb=accountSettingsCB
178.249.101.99200 OK 303 kB URL HTTP/2 accdn.lpsnmedia.net/api/account/60208595/configuration/setting/accountproperties/?cb=accountSettingsCB
IP 178.249.101.99:0
File type ASCII text, with very long lines (38378)
Size 303 kB (303383 bytes)
Hash d9a9aeee9468da2d671bfac6c0ad89cb
9259e65177e475e7539905cdd783df36ab13bcab
b34abdb550134d083d9f236926a442e054eaf343190f32e2acb687658301a2cc
GET /api/account/60208595/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:65ba0e19-a35b-425e-b36b-8534c4caf732; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
ADRUM_BTa=R:24|g:65ba0e19-a35b-425e-b36b-8534c4caf732|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:7; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
vary: Accept
expires: Wed, 21 Sep 2022 21:56:11 GMT
x-envoy-upstream-service-time: 3
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.regions.com&site=60208595&force=1&env=prod
178.249.97.98200 OK 15 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.regions.com&site=60208595&force=1&env=prod
IP 178.249.97.98:0
Hash d69ad4583d1fd8b8a5d7b88b8b539473
e51b988f05b40be57378715dbd2d46120a81f32b
6640db4cc1885befb1b9f680396d7545e5ba53807a5f9a67ad6f264cd2585f58
GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.regions.com&site=60208595&force=1&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 21 Sep 2023 21:55:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/60208595?&cb=lpCb18529x63326&t=sp&ts=1663797311098&pid=7053221020&tid=5979269819&pt=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&u=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
208.89.12.87200 OK 399 B URL HTTP/2 va.v.liveperson.net/api/js/60208595?&cb=lpCb18529x63326&t=sp&ts=1663797311098&pid=7053221020&tid=5979269819&pt=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&u=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 208.89.12.87:0
File type ASCII text, with very long lines (391), with no line terminators
Hash da2aa5e4b632569d7a9d899e6f26695c
d69b79efceeacb73bacaa22d9bff6941479205b5
c242be0b49296699a3012b1b4285d0d47fb2a18ea403e272c51666de371d7b9f
GET /api/js/60208595?&cb=lpCb18529x63326&t=sp&ts=1663797311098&pid=7053221020&tid=5979269819&pt=Atlanta%20Mortgage%20Lender%20%7C%20Sam%20Pittman%20%7C%20Regions&u=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:12 GMT
content-type: application/javascript
set-cookie: LPVisitorID=g4MjcxNTMyN2FmMzQ0MWQy; Expires=Thu, 21-Sep-2023 21:55:12 GMT; Path=/; HttpOnly
LPSessionID=wmzLxQo9TXK91Vb8g539Rg; Path=/api/js/60208595; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=4&c=1202&i=4gy7wg&p=regions-prod&s=15693&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8hFodHRwczovL2V2ZW50cy5hcGkuYm9vbXRyYWluLmNvbRkAwC90cmFjayIsInR5cIUAoHhociIsInN0YXKcAMA2NjM3OTczMTAxMDSKAADxAAoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDAdHVzIjoiYWxsb3dlBwFgcmVhc29uqgDUXSwiZGF0YVBhdHRlchIAtGxpc3QiOltdLCJpZgCvMjY3MTgyMjl9LNwATB813AAAPzUsItwATy8zMNwAByFidJsBAqsBUG5nYWdlAwICtgHzED9pbnB1dD0lN0IlMjJnbG9iYWxJZCUyMiUzQSUyMjABABAtCAALBQAAEwBAMDA0Mi0A1zJDJTIyY3JlYXRpdmVAAAUcAEFwbGFjdgAPHQABKWdvdQBVNDQ5MTE6ADBzZXNHAwc4APUVZmMwNDAyYmUtZGM4NC00MDliLWExYTktMDcwMzBmOTEzYjI4PwBycGFyZW50UFYDJ2VyRwAGIwAPHQAJP3NpdNEAAm9jb21tb25PAAGQaGVhcnRiZWF0YQBBM0ExJR0BMnVybBAAMSUyMlADAWEBg0YlMkZ3d3cu6AMAogHwASUyRmxvY2F0b3IlMkZtbG8GADBvcnS2AfASLWxvYW4tb2ZmaWNlci1zYW0tcGl0dG1hbi1hdGxhbnRhYgABbgCwZmluZ2VycHJpbnQUAAHMAQAJAAwdAIBQcm92aWRlchwABSUALzdExQMPHzHFAwAAFAAP6QJInzk1NTcxOTA2MekC____CuFnZXRwaXhlbHM_Z2lkPUgFD8sDEA-0BgAfMbQGS582OTIwNzU4MTXLAx4P4gDPMmpzPxAHAsABUyZjYj0xKQlWMDk1OTjRAWJzY3JpcHQjCQhkCV4wOTYwMIgIJzE2iAgxbXV03gkSTyoKMnJDTEgAAmsJP2xvYWgJIZ81OTQyMjgzOTKjBQjyA2luc2lnaHQuYWRzcnZyLm9yZzgK_wUvdXA_YWR2PXBra2p5YWwmcmVmPSgHRvEGJnVwaWQ9eHp4bnkyOCZ1cHY9MS4xowsDvApQaWZyYW1ACw6_Ch8zLwMAABQABfoG-AhIVE1MSUZSQU1FX1NFVEFUVFJJQlVURWABD8sKJ58yMDQ1MzY1NDDLCggPYwENf3U0bHJ4b2RjAVF_M2U3a3pqNWMBHR42vgIYM74CD2MBS583NTM4MzU3NzKeBAfyMmRwbS5kZW1kZXgubmV0L2lkP2RfdmlzaWRfdmVyPTQuNC4wJmRfZmllbGRncm91cD1BQU0mZF9ydGJkPWpzb24mKQBgMiZkX29yrAXwHERCOTYzOTcyNUJEMkZDNUIwQTQ5NUM2NSU0MEFkb2JlT3JnJmRfbnNpZD1aAPUebWlkPTg0ODAzNjA4MDY1OTM1NDcwNTMwMTM2MDU3MzA4ODQ1NDc0NTQ0JnRzQARWMTAxODNABA-hDQUuODN_AQAUAAXiAg-hDT-fODY5NTEyODY2cwH_e_QDem4ydGJueHpzeXN5NnplZjctqAwAFg3wBGludGVyY2VwdC5xdWFsdHJpY3PADEAvV1JTNA0EHgDwAkVuZ2luZS8_UV9aSUQ9Wk5fVAD_A1hac1lTWTZaZUY3JlFfTE9DPewFRxh0AAMmMzIAAw9ABwVdMTAxMzIDAzcyMjJAB6BhcHBlbmRDaGlsKQc_c3RhOQcrjzQ2NDkxNjcyxQ8ID40B6A6QBAqNAQ_NCEMElAEPzQgIC7sP_wsvLS9tZWRpYS9qcy9tcF9saW5rY29kZS5qc3UCEgBhAiRlbrMSAS0TNzI2N3UCs2luc2VydEJlZm9ynAgPdgIqrzQyMjI2MDAyNDR2BQcP4gA8HjdXAwniAA_KAUIF6AAfOegABw_RBB_QVGFyZ2V0aW5nLnBocN4EP29uZeEEBfIIQ0xJRU5UVkVSU0lPTj0xLjc3LjAmUV8XAIZUWVBFPXdlYiQCD5kHBBAyhQcMIQInODQhAg-ZBz6vNDU3MDY5MjMyODsBrQ62Cy8yOOUOSgQ7AQ-ZFQkPdgIJ9B1keGpzbW9kdWxlLzExLjZkNzc0YTZhNjQyYzdjYjkxNDM1LmNodW5rLmpzP0sCD2ICDLsmUV9CUkFORElEPdgDBnwCDxUHBz4yMTi-AwlEAQ8VBzufMzk2MzA4Mjg5gQUID0EBmx4ylg8KhQIPQQFEHzO9AyMPggJ_LzIxggIMD0AGQgWJAg8oByNBb29fZQQLDwgIFg7wCDczMDPnBQ8ICDyfMzY1ODU4ODAyKAIICzAECOoID-AAHw4GCArgAA_GAUME5gAfNw4DBwDmAKFjbG91ZGZsYXJlzgxxY2RuLWNnaaUSAHUJAyESD6MHBC8zNbwBAAAUAA88D0cAdRM_NDI0TRUKD9gAxQSPDgeLEQC6HnM1Lmh0bWw_MBGvdW5kZWZpbmVkI2QOCgYDBw_9EwcuMzYYDgEUAAXfAQI8AOFfRE9NQXR0ck1vZGlmabQeBSMOD_wTKX84MTY5OTI5Jg4I4WNtLmV2ZXJlc3R0ZWNonRJAY20vZKAS8Ax1dWlkPTkwNjA2NzQxNTA0NjU2MzcxODQwNzHtEsc3MTM4MTUzOTI5MjUMARBtYiANBhUB9QALiwoBFAAGCQEvbWcGAUOfMzg2NjYwNTEwnxMIDwIVDQ9lFqEoNDCvCgwjBRhBXxYPvxckD1wWMQ9aAY4eNQkMCloBD4QJOwRUAQ97IgkPrgKuHjWwFwpUAQyuAg9uGjIEWwEPYQ0JD1sBDQ8LGaEoNDALGQxbAQ8JBDIPAhkQD1oBrh41hgoKWgEPCQQ8A1QBHzllCwgPVAGvHTmgDQpUAQyuAg8JBDMEWwEPTyAIAAILgWZhY2Vib29r2As2dHIv5giic2VuZEJlYWNvbkcHCE4fPzEwNLgPABA0iw4F7QivU0VOREJFQUNPTrkoO581MDcxMTgzMTi6FAkibWV8GQQNCwCRKVNiL3NzLxEAQGJhbmtAKvNuLzEwL0pTLTIuMjIuMy9zNTY1OTY2OTA5NjMzNzI_QVFCPTEmbmRoPTEmcGY9MSZjYWxsYmFjaz1zX2NfaWxbMF0uZG9Qb3N0YmFja3MmZXQ9MSZ0PTIxJTJGOCUyRjIwMjIlMjAyMSUzQTU1JTNBMTAlMjAzJTIwMCZkLia6HAD8HH92PTEmLmQmwxwY8wVhYW1saD02JmNlPVVURi04Jm5zPd0A9AcmY2RwPTImcGFnZU5hbWU9cmRjJTdDQSczN0NtOycwJTIwPSczJTIwPyeTJTIwc2FtJTIwQyczJTIwRScvJmeNGkhwYy4mYXBsPSAe8AZnZXRQcmV2aW91c1ZhbHVlPTMuMCYVAABWG_AFbnRQYWdlVmlld2VkPTUuMCZtYW4RADFhcnMoANMuYyZjYz1VU0QmY2g97wARJvUrHHLcExImtysRPQcA8DQxJmFhbWI9ajhPZHY2TG9uTjRyM2FuN0xoRDNXWnJVMWJVcEFrRmtraVkxbmNCUjk2dDJQVEkmYzE9RCUzRHYxJnYxZAElJmgRACJjMhsAojImdjI9bWxvJmgRAFFjaCZjMxsABJ0BKyZ2EAA_aDM9oAEhIWM0VwA0ZyZ2CQAhYzYSALJ2NiZ2Nj1lbiZjNxAAwDcmdjc9ZGVza3RvcAIC8gRheW91dCU3QzEyODB4OTM5JmM4KQBCOCZjOQoAzzkmdjk9JTdDJnYxMAgCSCJ2MSYB8gVtaWQmdjE4PWFub255bW91cyZjMYoABTYBImMyNwGAdjEwJnY2OD2_A1IuMiU3Q8oDMSU3Q3AgABEAsjAyMjA4MDEmYzc1zgBRNjgmcz3uAPELMTAyNCZjPTI0Jmo9MS42JnY9TiZrPVkmYncgAEAmYmg9EQEvbWOQIBdXQVFFPTFFBQ-PJAQQMaYgDhgGHzfSEkifNTMwMjA3OTUyshMIH3M4Bf____-VD60QAAk4BQ9QC0IFPgUPdgoIA38JCAUnD3oVXjc2NzgVGQ-vDTwfMGwVDw8EAV8ODwIKBAEPDwJCFDILAQ-6DgjxAWxwdGFnLmxpdmVwZXJzb255FkB0YWcvFwAwanM_qB2HPTYwMjA4NTleFg9tHgcuMTRhMhk3li4P8AE7nzE5Mzc0NTk2MzIICA_lAEAO0QEK5QAP0QFCBewADzAPCACxAQ_hJwUHGB5RQ29yZU2lIA-HICMDQwMPRQoREDb5BAtzGC83NAIESI81MDkwNTc4NgYFCA8mAYEPOAMADyYBUB83lBoIDyYBgQ95AwAJJgEMeQMPVxUyA1ICHzfRIi8PeANaDt4XCngDDCwBD9UTM8A1MDkwNTc4NzJ9XX0
63.34.68.24204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=4&c=1202&i=4gy7wg&p=regions-prod&s=15693&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8hFodHRwczovL2V2ZW50cy5hcGkuYm9vbXRyYWluLmNvbRkAwC90cmFjayIsInR5cIUAoHhociIsInN0YXKcAMA2NjM3OTczMTAxMDSKAADxAAoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDAdHVzIjoiYWxsb3dlBwFgcmVhc29uqgDUXSwiZGF0YVBhdHRlchIAtGxpc3QiOltdLCJpZgCvMjY3MTgyMjl9LNwATB813AAAPzUsItwATy8zMNwAByFidJsBAqsBUG5nYWdlAwICtgHzED9pbnB1dD0lN0IlMjJnbG9iYWxJZCUyMiUzQSUyMjABABAtCAALBQAAEwBAMDA0Mi0A1zJDJTIyY3JlYXRpdmVAAAUcAEFwbGFjdgAPHQABKWdvdQBVNDQ5MTE6ADBzZXNHAwc4APUVZmMwNDAyYmUtZGM4NC00MDliLWExYTktMDcwMzBmOTEzYjI4PwBycGFyZW50UFYDJ2VyRwAGIwAPHQAJP3NpdNEAAm9jb21tb25PAAGQaGVhcnRiZWF0YQBBM0ExJR0BMnVybBAAMSUyMlADAWEBg0YlMkZ3d3cu6AMAogHwASUyRmxvY2F0b3IlMkZtbG8GADBvcnS2AfASLWxvYW4tb2ZmaWNlci1zYW0tcGl0dG1hbi1hdGxhbnRhYgABbgCwZmluZ2VycHJpbnQUAAHMAQAJAAwdAIBQcm92aWRlchwABSUALzdExQMPHzHFAwAAFAAP6QJInzk1NTcxOTA2MekC____CuFnZXRwaXhlbHM_Z2lkPUgFD8sDEA-0BgAfMbQGS582OTIwNzU4MTXLAx4P4gDPMmpzPxAHAsABUyZjYj0xKQlWMDk1OTjRAWJzY3JpcHQjCQhkCV4wOTYwMIgIJzE2iAgxbXV03gkSTyoKMnJDTEgAAmsJP2xvYWgJIZ81OTQyMjgzOTKjBQjyA2luc2lnaHQuYWRzcnZyLm9yZzgK_wUvdXA_YWR2PXBra2p5YWwmcmVmPSgHRvEGJnVwaWQ9eHp4bnkyOCZ1cHY9MS4xowsDvApQaWZyYW1ACw6_Ch8zLwMAABQABfoG-AhIVE1MSUZSQU1FX1NFVEFUVFJJQlVURWABD8sKJ58yMDQ1MzY1NDDLCggPYwENf3U0bHJ4b2RjAVF_M2U3a3pqNWMBHR42vgIYM74CD2MBS583NTM4MzU3NzKeBAfyMmRwbS5kZW1kZXgubmV0L2lkP2RfdmlzaWRfdmVyPTQuNC4wJmRfZmllbGRncm91cD1BQU0mZF9ydGJkPWpzb24mKQBgMiZkX29yrAXwHERCOTYzOTcyNUJEMkZDNUIwQTQ5NUM2NSU0MEFkb2JlT3JnJmRfbnNpZD1aAPUebWlkPTg0ODAzNjA4MDY1OTM1NDcwNTMwMTM2MDU3MzA4ODQ1NDc0NTQ0JnRzQARWMTAxODNABA-hDQUuODN_AQAUAAXiAg-hDT-fODY5NTEyODY2cwH_e_QDem4ydGJueHpzeXN5NnplZjctqAwAFg3wBGludGVyY2VwdC5xdWFsdHJpY3PADEAvV1JTNA0EHgDwAkVuZ2luZS8_UV9aSUQ9Wk5fVAD_A1hac1lTWTZaZUY3JlFfTE9DPewFRxh0AAMmMzIAAw9ABwVdMTAxMzIDAzcyMjJAB6BhcHBlbmRDaGlsKQc_c3RhOQcrjzQ2NDkxNjcyxQ8ID40B6A6QBAqNAQ_NCEMElAEPzQgIC7sP_wsvLS9tZWRpYS9qcy9tcF9saW5rY29kZS5qc3UCEgBhAiRlbrMSAS0TNzI2N3UCs2luc2VydEJlZm9ynAgPdgIqrzQyMjI2MDAyNDR2BQcP4gA8HjdXAwniAA_KAUIF6AAfOegABw_RBB_QVGFyZ2V0aW5nLnBocN4EP29uZeEEBfIIQ0xJRU5UVkVSU0lPTj0xLjc3LjAmUV8XAIZUWVBFPXdlYiQCD5kHBBAyhQcMIQInODQhAg-ZBz6vNDU3MDY5MjMyODsBrQ62Cy8yOOUOSgQ7AQ-ZFQkPdgIJ9B1keGpzbW9kdWxlLzExLjZkNzc0YTZhNjQyYzdjYjkxNDM1LmNodW5rLmpzP0sCD2ICDLsmUV9CUkFORElEPdgDBnwCDxUHBz4yMTi-AwlEAQ8VBzufMzk2MzA4Mjg5gQUID0EBmx4ylg8KhQIPQQFEHzO9AyMPggJ_LzIxggIMD0AGQgWJAg8oByNBb29fZQQLDwgIFg7wCDczMDPnBQ8ICDyfMzY1ODU4ODAyKAIICzAECOoID-AAHw4GCArgAA_GAUME5gAfNw4DBwDmAKFjbG91ZGZsYXJlzgxxY2RuLWNnaaUSAHUJAyESD6MHBC8zNbwBAAAUAA88D0cAdRM_NDI0TRUKD9gAxQSPDgeLEQC6HnM1Lmh0bWw_MBGvdW5kZWZpbmVkI2QOCgYDBw_9EwcuMzYYDgEUAAXfAQI8AOFfRE9NQXR0ck1vZGlmabQeBSMOD_wTKX84MTY5OTI5Jg4I4WNtLmV2ZXJlc3R0ZWNonRJAY20vZKAS8Ax1dWlkPTkwNjA2NzQxNTA0NjU2MzcxODQwNzHtEsc3MTM4MTUzOTI5MjUMARBtYiANBhUB9QALiwoBFAAGCQEvbWcGAUOfMzg2NjYwNTEwnxMIDwIVDQ9lFqEoNDCvCgwjBRhBXxYPvxckD1wWMQ9aAY4eNQkMCloBD4QJOwRUAQ97IgkPrgKuHjWwFwpUAQyuAg9uGjIEWwEPYQ0JD1sBDQ8LGaEoNDALGQxbAQ8JBDIPAhkQD1oBrh41hgoKWgEPCQQ8A1QBHzllCwgPVAGvHTmgDQpUAQyuAg8JBDMEWwEPTyAIAAILgWZhY2Vib29r2As2dHIv5giic2VuZEJlYWNvbkcHCE4fPzEwNLgPABA0iw4F7QivU0VOREJFQUNPTrkoO581MDcxMTgzMTi6FAkibWV8GQQNCwCRKVNiL3NzLxEAQGJhbmtAKvNuLzEwL0pTLTIuMjIuMy9zNTY1OTY2OTA5NjMzNzI_QVFCPTEmbmRoPTEmcGY9MSZjYWxsYmFjaz1zX2NfaWxbMF0uZG9Qb3N0YmFja3MmZXQ9MSZ0PTIxJTJGOCUyRjIwMjIlMjAyMSUzQTU1JTNBMTAlMjAzJTIwMCZkLia6HAD8HH92PTEmLmQmwxwY8wVhYW1saD02JmNlPVVURi04Jm5zPd0A9AcmY2RwPTImcGFnZU5hbWU9cmRjJTdDQSczN0NtOycwJTIwPSczJTIwPyeTJTIwc2FtJTIwQyczJTIwRScvJmeNGkhwYy4mYXBsPSAe8AZnZXRQcmV2aW91c1ZhbHVlPTMuMCYVAABWG_AFbnRQYWdlVmlld2VkPTUuMCZtYW4RADFhcnMoANMuYyZjYz1VU0QmY2g97wARJvUrHHLcExImtysRPQcA8DQxJmFhbWI9ajhPZHY2TG9uTjRyM2FuN0xoRDNXWnJVMWJVcEFrRmtraVkxbmNCUjk2dDJQVEkmYzE9RCUzRHYxJnYxZAElJmgRACJjMhsAojImdjI9bWxvJmgRAFFjaCZjMxsABJ0BKyZ2EAA_aDM9oAEhIWM0VwA0ZyZ2CQAhYzYSALJ2NiZ2Nj1lbiZjNxAAwDcmdjc9ZGVza3RvcAIC8gRheW91dCU3QzEyODB4OTM5JmM4KQBCOCZjOQoAzzkmdjk9JTdDJnYxMAgCSCJ2MSYB8gVtaWQmdjE4PWFub255bW91cyZjMYoABTYBImMyNwGAdjEwJnY2OD2_A1IuMiU3Q8oDMSU3Q3AgABEAsjAyMjA4MDEmYzc1zgBRNjgmcz3uAPELMTAyNCZjPTI0Jmo9MS42JnY9TiZrPVkmYncgAEAmYmg9EQEvbWOQIBdXQVFFPTFFBQ-PJAQQMaYgDhgGHzfSEkifNTMwMjA3OTUyshMIH3M4Bf____-VD60QAAk4BQ9QC0IFPgUPdgoIA38JCAUnD3oVXjc2NzgVGQ-vDTwfMGwVDw8EAV8ODwIKBAEPDwJCFDILAQ-6DgjxAWxwdGFnLmxpdmVwZXJzb255FkB0YWcvFwAwanM_qB2HPTYwMjA4NTleFg9tHgcuMTRhMhk3li4P8AE7nzE5Mzc0NTk2MzIICA_lAEAO0QEK5QAP0QFCBewADzAPCACxAQ_hJwUHGB5RQ29yZU2lIA-HICMDQwMPRQoREDb5BAtzGC83NAIESI81MDkwNTc4NgYFCA8mAYEPOAMADyYBUB83lBoIDyYBgQ95AwAJJgEMeQMPVxUyA1ICHzfRIi8PeANaDt4XCngDDCwBD9UTM8A1MDkwNTc4NzJ9XX0
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=4&c=1202&i=4gy7wg&p=regions-prod&s=15693&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA8hFodHRwczovL2V2ZW50cy5hcGkuYm9vbXRyYWluLmNvbRkAwC90cmFjayIsInR5cIUAoHhociIsInN0YXKcAMA2NjM3OTczMTAxMDSKAADxAAoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDAdHVzIjoiYWxsb3dlBwFgcmVhc29uqgDUXSwiZGF0YVBhdHRlchIAtGxpc3QiOltdLCJpZgCvMjY3MTgyMjl9LNwATB813AAAPzUsItwATy8zMNwAByFidJsBAqsBUG5nYWdlAwICtgHzED9pbnB1dD0lN0IlMjJnbG9iYWxJZCUyMiUzQSUyMjABABAtCAALBQAAEwBAMDA0Mi0A1zJDJTIyY3JlYXRpdmVAAAUcAEFwbGFjdgAPHQABKWdvdQBVNDQ5MTE6ADBzZXNHAwc4APUVZmMwNDAyYmUtZGM4NC00MDliLWExYTktMDcwMzBmOTEzYjI4PwBycGFyZW50UFYDJ2VyRwAGIwAPHQAJP3NpdNEAAm9jb21tb25PAAGQaGVhcnRiZWF0YQBBM0ExJR0BMnVybBAAMSUyMlADAWEBg0YlMkZ3d3cu6AMAogHwASUyRmxvY2F0b3IlMkZtbG8GADBvcnS2AfASLWxvYW4tb2ZmaWNlci1zYW0tcGl0dG1hbi1hdGxhbnRhYgABbgCwZmluZ2VycHJpbnQUAAHMAQAJAAwdAIBQcm92aWRlchwABSUALzdExQMPHzHFAwAAFAAP6QJInzk1NTcxOTA2MekC____CuFnZXRwaXhlbHM_Z2lkPUgFD8sDEA-0BgAfMbQGS582OTIwNzU4MTXLAx4P4gDPMmpzPxAHAsABUyZjYj0xKQlWMDk1OTjRAWJzY3JpcHQjCQhkCV4wOTYwMIgIJzE2iAgxbXV03gkSTyoKMnJDTEgAAmsJP2xvYWgJIZ81OTQyMjgzOTKjBQjyA2luc2lnaHQuYWRzcnZyLm9yZzgK_wUvdXA_YWR2PXBra2p5YWwmcmVmPSgHRvEGJnVwaWQ9eHp4bnkyOCZ1cHY9MS4xowsDvApQaWZyYW1ACw6_Ch8zLwMAABQABfoG-AhIVE1MSUZSQU1FX1NFVEFUVFJJQlVURWABD8sKJ58yMDQ1MzY1NDDLCggPYwENf3U0bHJ4b2RjAVF_M2U3a3pqNWMBHR42vgIYM74CD2MBS583NTM4MzU3NzKeBAfyMmRwbS5kZW1kZXgubmV0L2lkP2RfdmlzaWRfdmVyPTQuNC4wJmRfZmllbGRncm91cD1BQU0mZF9ydGJkPWpzb24mKQBgMiZkX29yrAXwHERCOTYzOTcyNUJEMkZDNUIwQTQ5NUM2NSU0MEFkb2JlT3JnJmRfbnNpZD1aAPUebWlkPTg0ODAzNjA4MDY1OTM1NDcwNTMwMTM2MDU3MzA4ODQ1NDc0NTQ0JnRzQARWMTAxODNABA-hDQUuODN_AQAUAAXiAg-hDT-fODY5NTEyODY2cwH_e_QDem4ydGJueHpzeXN5NnplZjctqAwAFg3wBGludGVyY2VwdC5xdWFsdHJpY3PADEAvV1JTNA0EHgDwAkVuZ2luZS8_UV9aSUQ9Wk5fVAD_A1hac1lTWTZaZUY3JlFfTE9DPewFRxh0AAMmMzIAAw9ABwVdMTAxMzIDAzcyMjJAB6BhcHBlbmRDaGlsKQc_c3RhOQcrjzQ2NDkxNjcyxQ8ID40B6A6QBAqNAQ_NCEMElAEPzQgIC7sP_wsvLS9tZWRpYS9qcy9tcF9saW5rY29kZS5qc3UCEgBhAiRlbrMSAS0TNzI2N3UCs2luc2VydEJlZm9ynAgPdgIqrzQyMjI2MDAyNDR2BQcP4gA8HjdXAwniAA_KAUIF6AAfOegABw_RBB_QVGFyZ2V0aW5nLnBocN4EP29uZeEEBfIIQ0xJRU5UVkVSU0lPTj0xLjc3LjAmUV8XAIZUWVBFPXdlYiQCD5kHBBAyhQcMIQInODQhAg-ZBz6vNDU3MDY5MjMyODsBrQ62Cy8yOOUOSgQ7AQ-ZFQkPdgIJ9B1keGpzbW9kdWxlLzExLjZkNzc0YTZhNjQyYzdjYjkxNDM1LmNodW5rLmpzP0sCD2ICDLsmUV9CUkFORElEPdgDBnwCDxUHBz4yMTi-AwlEAQ8VBzufMzk2MzA4Mjg5gQUID0EBmx4ylg8KhQIPQQFEHzO9AyMPggJ_LzIxggIMD0AGQgWJAg8oByNBb29fZQQLDwgIFg7wCDczMDPnBQ8ICDyfMzY1ODU4ODAyKAIICzAECOoID-AAHw4GCArgAA_GAUME5gAfNw4DBwDmAKFjbG91ZGZsYXJlzgxxY2RuLWNnaaUSAHUJAyESD6MHBC8zNbwBAAAUAA88D0cAdRM_NDI0TRUKD9gAxQSPDgeLEQC6HnM1Lmh0bWw_MBGvdW5kZWZpbmVkI2QOCgYDBw_9EwcuMzYYDgEUAAXfAQI8AOFfRE9NQXR0ck1vZGlmabQeBSMOD_wTKX84MTY5OTI5Jg4I4WNtLmV2ZXJlc3R0ZWNonRJAY20vZKAS8Ax1dWlkPTkwNjA2NzQxNTA0NjU2MzcxODQwNzHtEsc3MTM4MTUzOTI5MjUMARBtYiANBhUB9QALiwoBFAAGCQEvbWcGAUOfMzg2NjYwNTEwnxMIDwIVDQ9lFqEoNDCvCgwjBRhBXxYPvxckD1wWMQ9aAY4eNQkMCloBD4QJOwRUAQ97IgkPrgKuHjWwFwpUAQyuAg9uGjIEWwEPYQ0JD1sBDQ8LGaEoNDALGQxbAQ8JBDIPAhkQD1oBrh41hgoKWgEPCQQ8A1QBHzllCwgPVAGvHTmgDQpUAQyuAg8JBDMEWwEPTyAIAAILgWZhY2Vib29r2As2dHIv5giic2VuZEJlYWNvbkcHCE4fPzEwNLgPABA0iw4F7QivU0VOREJFQUNPTrkoO581MDcxMTgzMTi6FAkibWV8GQQNCwCRKVNiL3NzLxEAQGJhbmtAKvNuLzEwL0pTLTIuMjIuMy9zNTY1OTY2OTA5NjMzNzI_QVFCPTEmbmRoPTEmcGY9MSZjYWxsYmFjaz1zX2NfaWxbMF0uZG9Qb3N0YmFja3MmZXQ9MSZ0PTIxJTJGOCUyRjIwMjIlMjAyMSUzQTU1JTNBMTAlMjAzJTIwMCZkLia6HAD8HH92PTEmLmQmwxwY8wVhYW1saD02JmNlPVVURi04Jm5zPd0A9AcmY2RwPTImcGFnZU5hbWU9cmRjJTdDQSczN0NtOycwJTIwPSczJTIwPyeTJTIwc2FtJTIwQyczJTIwRScvJmeNGkhwYy4mYXBsPSAe8AZnZXRQcmV2aW91c1ZhbHVlPTMuMCYVAABWG_AFbnRQYWdlVmlld2VkPTUuMCZtYW4RADFhcnMoANMuYyZjYz1VU0QmY2g97wARJvUrHHLcExImtysRPQcA8DQxJmFhbWI9ajhPZHY2TG9uTjRyM2FuN0xoRDNXWnJVMWJVcEFrRmtraVkxbmNCUjk2dDJQVEkmYzE9RCUzRHYxJnYxZAElJmgRACJjMhsAojImdjI9bWxvJmgRAFFjaCZjMxsABJ0BKyZ2EAA_aDM9oAEhIWM0VwA0ZyZ2CQAhYzYSALJ2NiZ2Nj1lbiZjNxAAwDcmdjc9ZGVza3RvcAIC8gRheW91dCU3QzEyODB4OTM5JmM4KQBCOCZjOQoAzzkmdjk9JTdDJnYxMAgCSCJ2MSYB8gVtaWQmdjE4PWFub255bW91cyZjMYoABTYBImMyNwGAdjEwJnY2OD2_A1IuMiU3Q8oDMSU3Q3AgABEAsjAyMjA4MDEmYzc1zgBRNjgmcz3uAPELMTAyNCZjPTI0Jmo9MS42JnY9TiZrPVkmYncgAEAmYmg9EQEvbWOQIBdXQVFFPTFFBQ-PJAQQMaYgDhgGHzfSEkifNTMwMjA3OTUyshMIH3M4Bf____-VD60QAAk4BQ9QC0IFPgUPdgoIA38JCAUnD3oVXjc2NzgVGQ-vDTwfMGwVDw8EAV8ODwIKBAEPDwJCFDILAQ-6DgjxAWxwdGFnLmxpdmVwZXJzb255FkB0YWcvFwAwanM_qB2HPTYwMjA4NTleFg9tHgcuMTRhMhk3li4P8AE7nzE5Mzc0NTk2MzIICA_lAEAO0QEK5QAP0QFCBewADzAPCACxAQ_hJwUHGB5RQ29yZU2lIA-HICMDQwMPRQoREDb5BAtzGC83NAIESI81MDkwNTc4NgYFCA8mAYEPOAMADyYBUB83lBoIDyYBgQ95AwAJJgEMeQMPVxUyA1ICHzfRIi8PeANaDt4XCngDDCwBD9UTM8A1MDkwNTc4NzJ9XX0 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 21:55:14 GMT
expires: Wed, 21 Sep 2022 21:55:13 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=1202&i=4gy7wg&p=regions-prod&s=7059&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA9BxodHRwczovL3NpdGVpbnRlcmNlcHQucXVhbHRyaWNzLmNvbS9XUlNpdGVJHgDyHUVuZ2luZS9Bc3NldC5waHA_TW9kdWxlPVNJXzlaU2Z5Z2p6OVVsWmxCUCZWKAHUPTMyJlFfT1JJR0lOPXIAQ3d3dy4EAQBmAPUIJlFfQ0xJRU5UVkVSU0lPTj0xLjc3LjAXAOBUWVBFPXdlYiIsInR5cAoBoHhociIsInN0YXIhAcA2NjM3OTczMTA3NTQPAQB2AQoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDAdHVzIjoiYWxsb3dljAFgcmVhc29uLwHUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpZgDPNTUzNDA3ODI1Nn0sYQH_qvUDQ1JfZDZYSkFadFh3M0ZEcklwwgJFOSZRXwIDL0lE7QIBD-ICWB814gIAPzUsIuICR68zMjg2MTgxMDQ54gJKD4EB_0hRZHhqc22oBf8SLzQuMWZhOGJhYTZlN2IxZDc3NzdmYTQuY2h1bmsuanM_iQUUsyZRX0JSQU5ESUQ9xwUGmwVic2NyaXB0XQUMngUeMLwCJzg3vAKgYXBwZW5kQ2hpbIsFMnN0YZ4FMGxvYRAAD5sFHa8zNDA2MTA5NDMwuQIjDzgBdx8xOAFjHzE4Aa0fNjgBDDFtdXQNCRJPWQkyckNMuAIPdwIzDxIIJAd3AsJGZWVkYmFja0xpbmtqCQ-lA1AfMzUBAB85pQNGnzQ3MzYzMDI2Mm0CLw8uAWIfNy4BDA9jAkIFNQEfNaIDLv8HMS42NDZiNWE3YWE5NmFjM2FkZTFkNRIGVh4yPwEvOTRtAkavNTY1NTc3NzA0ODgBrQ93AgAJOAEPdwJCBD8BLzUzPwEHAxAI8ABiYW5rLm1wZWFzeWxpbmvmDVEvbXBlbAUA8g9fc3RvcmFnZS5odG1sP2NtZD1nZXRwcmVmJmhyZWYmDpslM0ElMkYlMkYsDvABJTJGbG9jYXRvciUyRm1sbwYA9hlvcnRnYWdlLWxvYW4tb2ZmaWNlci1zYW0tcGl0dG1hbi1hdGxhbnRhpQhQaWZyYW1JDw1DDi44OVsBARQABWELAjwA4V9ET01BdHRyTW9kaWZpOw4FsAgPTg4nnzMwNDkwNTY0MtkDCA9iARE2Lmpz7QAPkgkHLjI2MA8_OTAxgANHjzE5NDg2NzY0QQIsD98AFg7MAQrfAA8nA0ME5gAPAQgJPWpjMWsRFFF7EQl0EYEvR3JhcGhpY3AR9gZJTT1JTV8zUmIxY1pWTlJvMXg5QkHrASBpbToSDdUCLjkyQgoBFAAF1QL4B0hUTUxJbWFnZV9TRVRBVFRSSUJVVEUOCQ_VAiiPNTQyMjIxMTGICyQPhBIDwD9RX0ltcHJlc3M9MSoSP0lEPUMOAE9RX1NJsw8F4UFTSUQ9QVNfNDE2NzY3qBIPhxISRSZyPTFfEjY5MjV_AQ-XEgQuOTK1DwEUAAV_AQ-XEj6fNDk5NTA4OTk5hAIJD_gTHg90Af8w8QZscHRhZy5saXZlcGVyc29uLm5ldC8VAPEPL2FwaS9hY2NvdW50LzYwMjA4NTk1L2NvbmZpZ3VypwxxL2FwcGxpYwwA9hBzL3RhZ2xldHMvLmpzb25wP3Y9Mi4wJmRmPTAmYj0zlAIP_gUHPDcxOH4JTzEwNjj-BUafMTk0NzY4MzQ23QYIAQsBDyABdR0ysBAPIAFTHzdfCQcPIAF7DVYGCyABD18HQgVHAg_FCwjhY20uZXZlcmVzdHRlY2hlA_khY20vZGQ_ZF91dWlkPTkwNjA2NzQxNTA0NjU2MzcxODQwNzE1NzcyNzEzODE1Mzky2QUPWAcELTM22QVHMTEwNkIDDAIBAKwHBSgKD9gSJY84NjY2MDUxMEgDCB9zYAhcDUgKPzExOMgNR9AzNTQyMjIxMTEzfV19
63.34.68.24204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=1202&i=4gy7wg&p=regions-prod&s=7059&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA9BxodHRwczovL3NpdGVpbnRlcmNlcHQucXVhbHRyaWNzLmNvbS9XUlNpdGVJHgDyHUVuZ2luZS9Bc3NldC5waHA_TW9kdWxlPVNJXzlaU2Z5Z2p6OVVsWmxCUCZWKAHUPTMyJlFfT1JJR0lOPXIAQ3d3dy4EAQBmAPUIJlFfQ0xJRU5UVkVSU0lPTj0xLjc3LjAXAOBUWVBFPXdlYiIsInR5cAoBoHhociIsInN0YXIhAcA2NjM3OTczMTA3NTQPAQB2AQoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDAdHVzIjoiYWxsb3dljAFgcmVhc29uLwHUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpZgDPNTUzNDA3ODI1Nn0sYQH_qvUDQ1JfZDZYSkFadFh3M0ZEcklwwgJFOSZRXwIDL0lE7QIBD-ICWB814gIAPzUsIuICR68zMjg2MTgxMDQ54gJKD4EB_0hRZHhqc22oBf8SLzQuMWZhOGJhYTZlN2IxZDc3NzdmYTQuY2h1bmsuanM_iQUUsyZRX0JSQU5ESUQ9xwUGmwVic2NyaXB0XQUMngUeMLwCJzg3vAKgYXBwZW5kQ2hpbIsFMnN0YZ4FMGxvYRAAD5sFHa8zNDA2MTA5NDMwuQIjDzgBdx8xOAFjHzE4Aa0fNjgBDDFtdXQNCRJPWQkyckNMuAIPdwIzDxIIJAd3AsJGZWVkYmFja0xpbmtqCQ-lA1AfMzUBAB85pQNGnzQ3MzYzMDI2Mm0CLw8uAWIfNy4BDA9jAkIFNQEfNaIDLv8HMS42NDZiNWE3YWE5NmFjM2FkZTFkNRIGVh4yPwEvOTRtAkavNTY1NTc3NzA0ODgBrQ93AgAJOAEPdwJCBD8BLzUzPwEHAxAI8ABiYW5rLm1wZWFzeWxpbmvmDVEvbXBlbAUA8g9fc3RvcmFnZS5odG1sP2NtZD1nZXRwcmVmJmhyZWYmDpslM0ElMkYlMkYsDvABJTJGbG9jYXRvciUyRm1sbwYA9hlvcnRnYWdlLWxvYW4tb2ZmaWNlci1zYW0tcGl0dG1hbi1hdGxhbnRhpQhQaWZyYW1JDw1DDi44OVsBARQABWELAjwA4V9ET01BdHRyTW9kaWZpOw4FsAgPTg4nnzMwNDkwNTY0MtkDCA9iARE2Lmpz7QAPkgkHLjI2MA8_OTAxgANHjzE5NDg2NzY0QQIsD98AFg7MAQrfAA8nA0ME5gAPAQgJPWpjMWsRFFF7EQl0EYEvR3JhcGhpY3AR9gZJTT1JTV8zUmIxY1pWTlJvMXg5QkHrASBpbToSDdUCLjkyQgoBFAAF1QL4B0hUTUxJbWFnZV9TRVRBVFRSSUJVVEUOCQ_VAiiPNTQyMjIxMTGICyQPhBIDwD9RX0ltcHJlc3M9MSoSP0lEPUMOAE9RX1NJsw8F4UFTSUQ9QVNfNDE2NzY3qBIPhxISRSZyPTFfEjY5MjV_AQ-XEgQuOTK1DwEUAAV_AQ-XEj6fNDk5NTA4OTk5hAIJD_gTHg90Af8w8QZscHRhZy5saXZlcGVyc29uLm5ldC8VAPEPL2FwaS9hY2NvdW50LzYwMjA4NTk1L2NvbmZpZ3VypwxxL2FwcGxpYwwA9hBzL3RhZ2xldHMvLmpzb25wP3Y9Mi4wJmRmPTAmYj0zlAIP_gUHPDcxOH4JTzEwNjj-BUafMTk0NzY4MzQ23QYIAQsBDyABdR0ysBAPIAFTHzdfCQcPIAF7DVYGCyABD18HQgVHAg_FCwjhY20uZXZlcmVzdHRlY2hlA_khY20vZGQ_ZF91dWlkPTkwNjA2NzQxNTA0NjU2MzcxODQwNzE1NzcyNzEzODE1Mzky2QUPWAcELTM22QVHMTEwNkIDDAIBAKwHBSgKD9gSJY84NjY2MDUxMEgDCB9zYAhcDUgKPzExOMgNR9AzNTQyMjIxMTEzfV19
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=5&c=1202&i=4gy7wg&p=regions-prod&s=7059&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAmY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kIiwiaW5zdGFuY2UvAPE0IjRneTd3ZyIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmUiLCJjb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJSZVwAIiBQXADyBnJlcXVlc3RzIjpbeyJkZXN0aW5hdMAA9BxodHRwczovL3NpdGVpbnRlcmNlcHQucXVhbHRyaWNzLmNvbS9XUlNpdGVJHgDyHUVuZ2luZS9Bc3NldC5waHA_TW9kdWxlPVNJXzlaU2Z5Z2p6OVVsWmxCUCZWKAHUPTMyJlFfT1JJR0lOPXIAQ3d3dy4EAQBmAPUIJlFfQ0xJRU5UVkVSU0lPTj0xLjc3LjAXAOBUWVBFPXdlYiIsInR5cAoBoHhociIsInN0YXIhAcA2NjM3OTczMTA3NTQPAQB2AQoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDAdHVzIjoiYWxsb3dljAFgcmVhc29uLwHUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpZgDPNTUzNDA3ODI1Nn0sYQH_qvUDQ1JfZDZYSkFadFh3M0ZEcklwwgJFOSZRXwIDL0lE7QIBD-ICWB814gIAPzUsIuICR68zMjg2MTgxMDQ54gJKD4EB_0hRZHhqc22oBf8SLzQuMWZhOGJhYTZlN2IxZDc3NzdmYTQuY2h1bmsuanM_iQUUsyZRX0JSQU5ESUQ9xwUGmwVic2NyaXB0XQUMngUeMLwCJzg3vAKgYXBwZW5kQ2hpbIsFMnN0YZ4FMGxvYRAAD5sFHa8zNDA2MTA5NDMwuQIjDzgBdx8xOAFjHzE4Aa0fNjgBDDFtdXQNCRJPWQkyckNMuAIPdwIzDxIIJAd3AsJGZWVkYmFja0xpbmtqCQ-lA1AfMzUBAB85pQNGnzQ3MzYzMDI2Mm0CLw8uAWIfNy4BDA9jAkIFNQEfNaIDLv8HMS42NDZiNWE3YWE5NmFjM2FkZTFkNRIGVh4yPwEvOTRtAkavNTY1NTc3NzA0ODgBrQ93AgAJOAEPdwJCBD8BLzUzPwEHAxAI8ABiYW5rLm1wZWFzeWxpbmvmDVEvbXBlbAUA8g9fc3RvcmFnZS5odG1sP2NtZD1nZXRwcmVmJmhyZWYmDpslM0ElMkYlMkYsDvABJTJGbG9jYXRvciUyRm1sbwYA9hlvcnRnYWdlLWxvYW4tb2ZmaWNlci1zYW0tcGl0dG1hbi1hdGxhbnRhpQhQaWZyYW1JDw1DDi44OVsBARQABWELAjwA4V9ET01BdHRyTW9kaWZpOw4FsAgPTg4nnzMwNDkwNTY0MtkDCA9iARE2Lmpz7QAPkgkHLjI2MA8_OTAxgANHjzE5NDg2NzY0QQIsD98AFg7MAQrfAA8nA0ME5gAPAQgJPWpjMWsRFFF7EQl0EYEvR3JhcGhpY3AR9gZJTT1JTV8zUmIxY1pWTlJvMXg5QkHrASBpbToSDdUCLjkyQgoBFAAF1QL4B0hUTUxJbWFnZV9TRVRBVFRSSUJVVEUOCQ_VAiiPNTQyMjIxMTGICyQPhBIDwD9RX0ltcHJlc3M9MSoSP0lEPUMOAE9RX1NJsw8F4UFTSUQ9QVNfNDE2NzY3qBIPhxISRSZyPTFfEjY5MjV_AQ-XEgQuOTK1DwEUAAV_AQ-XEj6fNDk5NTA4OTk5hAIJD_gTHg90Af8w8QZscHRhZy5saXZlcGVyc29uLm5ldC8VAPEPL2FwaS9hY2NvdW50LzYwMjA4NTk1L2NvbmZpZ3VypwxxL2FwcGxpYwwA9hBzL3RhZ2xldHMvLmpzb25wP3Y9Mi4wJmRmPTAmYj0zlAIP_gUHPDcxOH4JTzEwNjj-BUafMTk0NzY4MzQ23QYIAQsBDyABdR0ysBAPIAFTHzdfCQcPIAF7DVYGCyABD18HQgVHAg_FCwjhY20uZXZlcmVzdHRlY2hlA_khY20vZGQ_ZF91dWlkPTkwNjA2NzQxNTA0NjU2MzcxODQwNzE1NzcyNzEzODE1Mzky2QUPWAcELTM22QVHMTEwNkIDDAIBAKwHBSgKD9gSJY84NjY2MDUxMEgDCB9zYAhcDUgKPzExOMgNR9AzNTQyMjIxMTEzfV19 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 21:55:14 GMT
expires: Wed, 21 Sep 2022 21:55:13 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com
IP 104.17.209.240:0
GET /dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.regions.com HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: application/javascript
cf-ray: 74e60b26295bb527-OSL
access-control-allow-origin: *
age: 158680
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"f79a-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=63386
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&upid=3e7kzj5&upv=1.1.0
35.71.131.137200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&upid=3e7kzj5&upv=1.1.0
IP 35.71.131.137:0
GET /track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&upid=3e7kzj5&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
partners.tremorhub.com/sync?UIRF=5133329522420334916&r=wgXt4zBSlZEU
18.215.140.199200 OK 0 B URL HTTP/2 partners.tremorhub.com/sync?UIRF=5133329522420334916&r=wgXt4zBSlZEU
IP 18.215.140.199:0
GET /sync?UIRF=5133329522420334916&r=wgXt4zBSlZEU HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.101.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.101.23:0
GET /lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: application/x-javascript
set-cookie: ADRUM_BTa=R:24|g:ebac38ab-422f-47d4-9faf-e4016da51ed4; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
ADRUM_BTa=R:24|g:ebac38ab-422f-47d4-9faf-e4016da51ed4|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:1758155; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
ADRUM_BT1=R:24|i:1758155|e:1; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
ADRUM_BT1=R:24|i:1758155|e:1|d:2; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
cache-control: public, max-age=630
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod
IP 178.249.97.98:0
GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.regions.com&site=60208595&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: text/html
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 21 Sep 2023 21:55:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.251200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.251:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:09 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Wed, 28 Sep 2022 21:55:09 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&t=1663797310132
104.17.209.240200 OK 0 B URL HTTP/2 zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&t=1663797310132
IP 104.17.209.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&t=1663797310132 HTTP/1.1
Host: zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 74e60b25f933b527-OSL
access-control-allow-origin: *
age: 486324
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-VrFrN4b27frFkCMw5F5UrW3+Nq8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&upid=xzxny28&upv=1.1.0
35.71.131.137200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&upid=xzxny28&upv=1.1.0
IP 35.71.131.137:0
GET /track/up?adv=pkkjyal&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-sam-pittman-atlanta&upid=xzxny28&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:d31abd7b-6cc2-4e9e-a705-3a0a53a0ad92; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
ADRUM_BTa=R:24|g:d31abd7b-6cc2-4e9e-a705-3a0a53a0ad92|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:5; Max-Age=30; Expires=Wed, 21-Sep-2022 21:55:41 GMT; Path=/
vary: Accept
expires: Wed, 21 Sep 2022 21:56:11 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
GET /le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 21 Sep 2023 21:55:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287
54.230.111.74200 OK 0 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287
IP 54.230.111.74:0
GET /regions/regions-prod/code/24da58b897a83ac8dd6122091a6386c7.js?conditionId0=365287 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 01:12:48 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Jul 2021 14:26:53 GMT
etag: W/"9ed4a4cfac4d3c7c1bfeb172d00660a5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: BEVKDIy25SUFzQ.PZ9GYTiV2LlHnMgZ9
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OKrK-r2GtSrTkG5cuWvf7Uew-N25dUsvmB3c7z8qrmjI4JfMpoTbqw==
age: 506542
X-Firefox-Spdy: h2
bttrack.com/engagement/js?goalId=44911&cb=1663797309598
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/js?goalId=44911&cb=1663797309598
IP 192.132.33.46:0
GET /engagement/js?goalId=44911&cb=1663797309598 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
set-cookie: bt-es-44911=fc0402be-dc84-409b-a1a9-07030f913b28; path=/
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track002-iad
date: Wed, 21 Sep 2022 21:54:41 GMT
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.209.240:0
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:10 GMT
content-type: application/javascript
cf-ray: 74e60b290d4fb527-OSL
access-control-allow-origin: *
age: 158410
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19abd-18333011708"
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105149
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/surveylogicinstance.min.js?version=10.20.1.9-release_5536
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/surveylogicinstance.min.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
GET /le_unified_window/10.20.1.9-release_5536/surveylogicinstance.min.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 21:55:11 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 21 Sep 2023 21:55:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2