Submitted URL: https://smarturl.it/3ndrhy
Effective URL: https://login.regions.com/
Submission: On February 26 via manual from US

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 28 HTTP transactions. The main IP is 205.255.100.240, located in United States and belongs to NEUSTAR-AS6, US. The main domain is login.regions.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on April 22nd 2020. Valid for: a year.
This is the only time login.regions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count  Domain                                Requested by
14     login.regions.com                     reurl.cc, login.regions.com
5      nexus.ensighten.com                   login.regions.com, nexus.ensighten.com
3      puskesmas-terminal.com (3 redirects)
2      connect.facebook.net                  reurl.cc, connect.facebook.net
2      www.google-analytics.com              reurl.cc, www.google-analytics.com
1      www.google.de
1      www.google.com
1      stats.g.doubleclick.net               www.google-analytics.com
1      goo.io (1 redirects)
1      www.facebook.com                      reurl.cc
1      reurl.cc
1      smarturl.it (1 redirects)
Total: 28 HTTP transactions across 12 domains

This site contains links to these domains.

Domain
www.regions.com
onlinebanking.regions.com
survey.regions.com

Subject                  Issuer                                            Validity                  Valid for
reurl.cc                 R3                                                2021-01-09 - 2021-04-09   3 months
*.google-analytics.com   GTS CA 1O1                                        2021-01-26 - 2021-04-20   3 months
*.facebook.com           DigiCert SHA2 High Assurance Server CA            2021-02-10 - 2021-05-10   3 months
login.regions.com        Sectigo RSA Extended Validation Secure Server CA  2020-04-22 - 2021-04-22   a year
*.g.doubleclick.net      GTS CA 1O1                                        2021-01-26 - 2021-04-20   3 months
www.google.com           GTS CA 1O1                                        2021-01-26 - 2021-04-20   3 months
www.google.de            GTS CA 1O1                                        2021-01-26 - 2021-04-20   3 months
nexus.ensighten.com      DigiCert SHA2 Secure Server CA                    2020-09-09 - 2021-10-11   a year

This page contains 1 frames:

Primary Page: https://login.regions.com/
Frame ID: 539B1D27E50E67DCA56ACF17055859DB
Requests: 28 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 67 %
Domains: 12
Subdomains: 12
IPs: 9
Countries: 4
Transfer: 1765 kB
Size: 4634 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://smarturl.it/3ndrhy HTTP 301
    https://reurl.cc/5o449M Page URL
  2. https://goo.io/0diteSg HTTP 301
    https://puskesmas-terminal.com/wp-includes/certificates/-/-/RTR_0G000016118663903933570/index.php?id=reg HTTP 302
    https://puskesmas-terminal.com/wp-includes/certificates/-/-/RTR_0G000016118663903933570/hm2jlnge= HTTP 301
    https://puskesmas-terminal.com/wp-includes/certificates/-/-/RTR_0G000016118663903933570/hm2jlnge=/ HTTP 302
    https://login.regions.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://smarturl.it/3ndrhy HTTP 301
  • https://reurl.cc/5o449M

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
5o449M
reurl.cc/
Redirect Chain
  • https://smarturl.it/3ndrhy
  • https://reurl.cc/5o449M
2 KB
1 KB
Document
General
Full URL
https://reurl.cc/5o449M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.194.141.193 New Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
193.141.194.35.bc.googleusercontent.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
f46d23db314d71241b4c7556d24787bfab96a008b11cd432d3a71954f3c6fec8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
reurl.cc
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.4.6 (Ubuntu)
Date
Fri, 26 Feb 2021 18:29:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Target
https://goo.io/0diteSg
X-Frame-Options
DENY
Content-Encoding
gzip

Redirect headers

date
Fri, 26 Feb 2021 18:29:47 GMT
location
https://reurl.cc/5o449M
set-cookie
AWSALB=tyhk4+fBMSLvdc2lxvLxicyDjCk3UgeM000atY7TdzUz08bKrYMt7minbwkjxRWgGs6kp5osPsLzm2Dv0487envCZ39hML3r2maiGtmJ/1NkG/h5kmngJIUjVnKs; Expires=Fri, 05 Mar 2021 18:29:47 GMT; Path=/ AWSALBCORS=tyhk4+fBMSLvdc2lxvLxicyDjCk3UgeM000atY7TdzUz08bKrYMt7minbwkjxRWgGs6kp5osPsLzm2Dv0487envCZ39hML3r2maiGtmJ/1NkG/h5kmngJIUjVnKs; Expires=Fri, 05 Mar 2021 18:29:47 GMT; Path=/; SameSite=None; Secure requester_id=1365368478034747395;Path=/;Expires=Mon, 24-Feb-2031 18:29:47 GMT;Max-Age=315360000 last_click_3ndrhy=1614364187140;Path=/;Expires=Sun, 28-Feb-2021 18:29:47 GMT;Max-Age=172800
server
nginx/1.14.2
x-application-context
application:default,prod:2243
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-node-id
110
x-proxy-cache
MISS
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5o449M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/5o449M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1632
date
Fri, 26 Feb 2021 18:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Fri, 26 Feb 2021 20:02:36 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5o449M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5o449M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
k0R18JhMiI93j5fOuQZp4DDSvVlbBFSeoiiL208DDEz8gi97f4y9jv+OYSmE939KC54bJqHN+Xmq0ViSJbzJ/g==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 26 Feb 2021 18:29:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
385 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=190533002&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2F5o449M&ul=en-us&de=UTF-8&dt=Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20%7C%20Regions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1291228001&gjid=556175&cid=916179881.1614364188&tid=UA-102456694-1&_gid=2033214634.1614364188&_r=1&_slc=1&z=1840508982
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/5o449M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 18:29:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/
28 KB
8 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03ed1d6b8dd950567aa5a710804a2b6bd1db57a7dc67fcf0b998385738e35026
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5o449M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
8092
x-fb-rlafr
0
pragma
public
x-fb-debug
/IAjaRmqmbisjdgUb+jOC+7xpgXM7/gE7eP2Vf8gOl+QrDd9s6+n59nQQ3rme1sKUc51KfZjLz+Es57TFERUTg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 26 Feb 2021 18:29:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
818365870
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
260 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2F5o449M&rl=&if=false&ts=1614364188368&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=28&fbp=fb.1.1614364188366.226201923&it=1614364188351&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/5o449M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://reurl.cc/5o449M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:29:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 26 Feb 2021 18:29:48 GMT
Primary Request Cookie set /
login.regions.com/
Redirect Chain
  • https://goo.io/0diteSg
  • https://puskesmas-terminal.com/wp-includes/certificates/-/-/RTR_0G000016118663903933570/index.php?id=reg
  • https://puskesmas-terminal.com/wp-includes/certificates/-/-/RTR_0G000016118663903933570/hm2jlnge=
  • https://puskesmas-terminal.com/wp-includes/certificates/-/-/RTR_0G000016118663903933570/hm2jlnge=/
  • https://login.regions.com/
12 KB
4 KB
Document
General
Full URL
https://login.regions.com/
Requested by
Host: reurl.cc
URL: https://reurl.cc/5o449M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
befd138c09d232d486212867cb57ec428889c3103a4f42b105ceaed655807b9b
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
login.regions.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://reurl.cc/5o449M
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/10.0
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Date
Fri, 26 Feb 2021 18:29:50 GMT
Set-Cookie
.AspNetCore.Antiforgery.fKNFS50r15A=CfDJ8DeENtDT7xpAqS4LI0aPrvq4W-dCXrtPJPck4GNVw__SvrPXT2zVgtOuaOO80ybRWrdrp_nseKTYAfuiDq38gKkOhOhGpbAv5udKx_meJWsd1JwhasvfM-e6gt3fGgom6nt-mrHBgDqb_rKAKGzN0WE; Path=/; HttpOnly NSC_JOcl5skrbzftt3bboixitgckd0txvec=ffffffff09aece3045525d5f4f58455e445a4a423660; Path=/; HttpOnly
Content-Encoding
gzip
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=157680000

Redirect headers

server
nginx/1.18.0 (Ubuntu)
date
Fri, 26 Feb 2021 18:29:49 GMT
content-type
text/html; charset=UTF-8
location
https://login.regions.com/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
collect
stats.g.doubleclick.net/j/
4 B
83 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-102456694-1&cid=916179881.1614364188&jid=1291228001&gjid=556175&_gid=2033214634.1614364188&_u=IEBAAEAAAAAAAC~&z=1541733933
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/5o449M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 26 Feb 2021 18:29:48 GMT
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-102456694-1&cid=916179881.1614364188&jid=1291228001&_u=IEBAAEAAAAAAAC~&z=761362157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5o449M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 18:29:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-102456694-1&cid=916179881.1614364188&jid=1291228001&_u=IEBAAEAAAAAAAC~&z=761362157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5o449M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 18:29:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
com-regions.css
login.regions.com/Assets/Styles/Library/RegionsBootstrap/
369 KB
51 KB
Stylesheet
General
Full URL
https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c7c7b774b9f2c64c84544b920465ce2514ce5b14c4312c6dc336b2732a33208f
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:55 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56215
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
52021
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
377515
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52f0dcab"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
text/css
Cache-Control
max-age= 86400
Accept-Ranges
bytes
olbAuth.min.css
login.regions.com/Assets/Styles/
2 KB
1 KB
Stylesheet
General
Full URL
https://login.regions.com/Assets/Styles/olbAuth.min.css?v=nXgpgIhKDDpWMfVTTAqVfQjXFAl6JN6bf-1rEIQG11w
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9d782980884a0c3a5631f5534c0a957d08d714097a24de9b7fed6b108406d75c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:50 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56221
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
928
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
2230
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52f516b6"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
text/css
Cache-Control
max-age= 86400
Accept-Ranges
bytes
regions-logo-no-r.svg
login.regions.com/Assets/Images/
5 KB
3 KB
Image
General
Full URL
https://login.regions.com/Assets/Images/regions-logo-no-r.svg
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
912f72af9fe61099bc2452960df7b72ee662d5c3e6188ab246767de1fe367913
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:56 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56215
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2317
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
5627
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52f50bfb"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
image/svg+xml
Cache-Control
max-age= 86400
Accept-Ranges
bytes
xmui.css
login.regions.com/Assets/Styles/Library/Transmit/
798 KB
364 KB
Stylesheet
General
Full URL
https://login.regions.com/Assets/Styles/Library/Transmit/xmui.css?v=SicNklE1Ktl1QEjtpmgbhUZP0kpreO2AmgaagwSXy6Y
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4a270d9251352ad9754048eda6681b85464fd24a6b78ed809a069a830497cba6
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:54 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56217
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
372534
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
817206
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52f96636"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
text/css
Cache-Control
max-age= 86400
Accept-Ranges
bytes
xmui-no-vars.css
login.regions.com/Assets/Styles/Library/Transmit/
764 KB
360 KB
Stylesheet
General
Full URL
https://login.regions.com/Assets/Styles/Library/Transmit/xmui-no-vars.css?v=27_x0mg1W6CZZnEL--AiaqVsSOXDJ9i9i-DjWZ9cLH4
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
dbbff1d268355ba09966710bfbe0226aa56c48e5c327d8bd8be0e3599f5c2c7e
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:54 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56217
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
368226
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
782104
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52fef118"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
text/css
Cache-Control
max-age= 86400
Accept-Ranges
bytes
Common.css
login.regions.com/Assets/Styles/
6 KB
2 KB
Stylesheet
General
Full URL
https://login.regions.com/Assets/Styles/Common.css?v=5-dD3SDWyYd6oqbtYnVWMkfQPvL7YH9QTq8oDnvMbK0
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
71d89feac24a5e17ba2748b0a87787d3b6ba4613ab2476a2107beb52a25a00e1
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:54 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56217
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1803
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
6273
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52f50681"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
text/css
Cache-Control
max-age= 86400
Accept-Ranges
bytes
login.min.js
login.regions.com/Assets/Scripts/
1 MB
294 KB
Script
General
Full URL
https://login.regions.com/Assets/Scripts/login.min.js?v=h2l4kwjSmFhsosN9YheUZsPHCE_r3xd9N8PjjY8kk9s
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8769789308d298586ca2c37d62179466c3c7084febdf177d37c3e38d8f2493db
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:53 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56218
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
300311
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
1114709
Last-Modified
Sat, 09 Jan 2021 19:23:52 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e6bcf6b01655"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
application/javascript
Cache-Control
max-age= 86400
Accept-Ranges
bytes
equal-housing-lender.svg
login.regions.com/Assets/Images/
4 KB
2 KB
Image
General
Full URL
https://login.regions.com/Assets/Images/equal-housing-lender.svg
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e4bc94279e093f25720c2867e7a08dbfaaa140636f11eab5ac4e204a93a3751e
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:54 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56217
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1671
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
3790
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52f510ce"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
image/svg+xml
Cache-Control
max-age= 86400
Accept-Ranges
bytes
member-fdic.svg
login.regions.com/Assets/Images/
6 KB
3 KB
Image
General
Full URL
https://login.regions.com/Assets/Images/member-fdic.svg
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8b69a3707a2ef4a748dd6c9923a1fa17d1ed5d32eee6e60240540217cf30b324
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:54 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56217
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2658
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
6001
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52f50971"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
image/svg+xml
Cache-Control
max-age= 86400
Accept-Ranges
bytes
regionslib.min.js
login.regions.com/Assets/Scripts/
994 KB
489 KB
Script
General
Full URL
https://login.regions.com/Assets/Scripts/regionslib.min.js?v=HtUVOJTWK1iZpw0Gl8w-cTMxKyTuHCjdJolqYBbsuBM
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1ed5153894d62b5899a70d0697cc3e7133312b24ee1c28dd26896a6016ecb813
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:54 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56217
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
500574
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Cteonnt-Length
1018023
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d6e56d52fa96a7"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=157680000
Content-Type
application/javascript
Cache-Control
max-age= 86400
Accept-Ranges
bytes
Bootstrap.js
nexus.ensighten.com/regions/transmit-prod/
355 KB
77 KB
Script
General
Full URL
https://nexus.ensighten.com/regions/transmit-prod/Bootstrap.js
Requested by
Host: login.regions.com
URL: https://login.regions.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
31bc0d76620dabf00a7873643c4bf89cb51a6ef176d6ff68ea38463a1ad2f5d4

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:29:50 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 19:05:55 GMT
server
nginx
etag
W/"5f908693-58deb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
source-sans-pro-regular-webfont.woff
login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/
19 KB
19 KB
Font
General
Full URL
https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-regular-webfont.woff
Requested by
Host: login.regions.com
URL: https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c76d1157888f0e90d43d4a1d347081f2c6aa56b4fdd4f30950d421fef844756f
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://login.regions.com
Referer
https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:53 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56219
Connection
Keep-Alive
Content-Length
19156
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
DENY
ETag
"1d6e56d52f554d4"
Strict-Transport-Security
max-age=157680000
Content-Type
application/font-woff
Cache-Control
max-age= 86400
Accept-Ranges
bytes
source-sans-pro-700-webfont.woff
login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/
18 KB
19 KB
Font
General
Full URL
https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-700-webfont.woff
Requested by
Host: login.regions.com
URL: https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8cd9ec1f69dc5eae76225efcb7e0e4f067d70f6d67f936b4ba98f6e7c317ece2
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://login.regions.com
Referer
https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:52:54 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56218
Connection
Keep-Alive
Content-Length
18720
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
DENY
ETag
"1d6e56d52f55720"
Strict-Transport-Security
max-age=157680000
Content-Type
application/font-woff
Cache-Control
max-age= 86400
Accept-Ranges
bytes
1.gif
nexus.ensighten.com/privacy/v1/b/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/privacy/v1/b/1.gif?n=0&c=1202&i=7phlbc&p=transmit-prod&s=314&d=8HZ7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDI1IiwiY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoidHJhbnNtaXQtcHJvZCIsImluc3RhbmNlSWQiOiI3cGhsYmMiLCJwYWNrZXQiOjAsIm1vZGUiOiJvYnNlcnZlYADyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLkA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNjE0MzY0MTkxNjA5WgDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA010sImRhdGFQYXR0ZXISAMAibGlzdCI6W119XX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:29:51 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 26 Feb 2021 18:29:50 GMT
serverComponent.php
nexus.ensighten.com/regions/transmit-prod/
282 B
424 B
Script
General
Full URL
https://nexus.ensighten.com/regions/transmit-prod/serverComponent.php?r=96522945.2663352&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/transmit-prod/code/&publishedOn=Wed%20Oct%2021%2019:05:54%20GMT%202020&ClientID=1202&PageID=https%3A%2F%2Flogin.regions.com%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/transmit-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
718496946425188baa59aac60ad56e25f6953a3703a17e8ceb7ba48e310d653a

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:29:51 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
282
expires
Fri, 26 Feb 2021 18:29:50 GMT
6ecf86ad9b4511b37d16156ceb162c34.js
nexus.ensighten.com/regions/transmit-prod/code/
7 KB
3 KB
Script
General
Full URL
https://nexus.ensighten.com/regions/transmit-prod/code/6ecf86ad9b4511b37d16156ceb162c34.js?conditionId0=423026
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/transmit-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3be3373680ff685f39a6d078e0f82e5d417316dd5d37bdebbd9c55135983462b

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:29:51 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 19:05:55 GMT
server
nginx
etag
W/"5f908693-1b4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20property%20%27resolve%27%20of%20undefined&lnn=-1&fn=&cid=1202&client=regions&publishPath=transmit-prod&rid=-1&did=-1&errorName=TypeError
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:29:51 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 26 Feb 2021 18:29:50 GMT
source-sans-pro-600-webfont.woff
login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/
19 KB
19 KB
Font
General
Full URL
https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-600-webfont.woff
Requested by
Host: login.regions.com
URL: https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.255.100.240 , United States, ASN19905 (NEUSTAR-AS6, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
abe8e02ce1db420dae8a4c2ba86576df0407511e7c463eed283d86a7e3112077
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://login.regions.com
Referer
https://login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 02:53:00 GMT
Via
NS-CACHE-12-B
X-Content-Type-Options
nosniff
Age
56213
Connection
Keep-Alive
Content-Length
19052
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Last-Modified
Fri, 08 Jan 2021 03:21:16 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
DENY
ETag
"1d6e56d52f5546c"
Strict-Transport-Security
max-age=157680000
Content-Type
application/font-woff
Cache-Control
max-age= 86400
Accept-Ranges
bytes


128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| progressBarForm function| passwordAuthenticator function| getQuestions function| pwdChange function| challengeQuestionAuth function| lockedOptions function| secQuestionOptions function| _instanceof function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| debugOut function| clearUIContainer function| displayPagelevelError function| clearPagelevelError function| clearCustomValidationError function| addCustomValidationError function| handleGetQuestionKeyEvents function| handleChangePasswordKeyEvents function| handleChallengeQuestionKeyEvents function| handlePasswordKeyEvents function| validateCurrentPassword function| validateNewPassword function| validateConfirmPassword function| validateChallengeAnswer function| validateQuestion1 function| validateQuestion2 function| validateQuestion3 function| validateAnswer1 function| validateAnswer2 function| validateAnswer3 function| validateVerifyAnswer1 function| validateVerifyAnswer2 function| validateVerifyAnswer3 function| onSecurityQuestionChange function| AlignCenter function| sessionMonitor function| AddAriaHidden function| RemoveAriaHidden function| StopSessionTimer function| InitiateLoginJourney function| getRelyingParty function| RememberMe function| GetConfiguration function| ValidateOnlineID function| ErrorLogger function| PageLevelInfo function| RedirectToLoginPage string| demoOptionTagList undefined| _expirationTimeoutID undefined| _warningTimeoutID string| authFailed string| invalidPassword string| invalidCurrentPassword object| 
passwordPattern string| errorBlockCNP string| errorBlockNP string| emptyErrorBlockCNP string| emptyErrorBlockNP string| emptyErrorBlockCUP string| errorBlockConfirmPassword string| errorSameNewPassword string| maxCharacterPassword object| answerPattern string| notSelectedQuestionErrMSG string| duplicateQuestionSelectedErrMSG string| errorBlockDDL string| errorEmptySecurityAnswer string| errorA1Unique string| errorA2Unique string| errorA3Unique string| errorBlock string| errorEmptyVerifyAnswer string| pageLevelError string| patternError string| errorEmptyChallengeAnswer string| tryAgain string| notSelected boolean| pageLevelMessageDisplayed function| RegUIHandler function| PasswordAuthenticatorSession function| FormSession object| tsConfigSetting string| accountOverViewURL undefined| tsLevel string| verifyIdentityURL string| systemUnavailableURL string| genericErrorURL function| $ function| jQuery object| xmsdk object| com object| aesjs object| elliptic function| sha256 function| sha224 object| base64js object| __XMSDK_PLUGINS object| xmui boolean| cookiesDisabled function| _toConsumableArray function| _typeof2 object| validator object| RDS function| zxcvbn object| ensBootstraps object| Bootstrapper object| ensClientConfig object| ensLogger boolean| ensBrowserSupported object| gateway

3 Cookies

Domain/Path Name / Value
login.regions.com/ Name: TestCookie
Value: testcookie
login.regions.com/ Name: NSC_JOcl5skrbzftt3bboixitgckd0txvec
Value: ffffffff09aece3045525d5f4f58455e445a4a423660
login.regions.com/ Name: .AspNetCore.Antiforgery.fKNFS50r15A
Value: CfDJ8DeENtDT7xpAqS4LI0aPrvq4W-dCXrtPJPck4GNVw__SvrPXT2zVgtOuaOO80ybRWrdrp_nseKTYAfuiDq38gKkOhOhGpbAv5udKx_meJWsd1JwhasvfM-e6gt3fGgom6nt-mrHBgDqb_rKAKGzN0WE

1 Console Messages

Source Level URL
Text
console-api warning URL: https://login.regions.com/Assets/Scripts/login.min.js?v=h2l4kwjSmFhsosN9YheUZsPHCE_r3xd9N8PjjY8kk9s(Line 14)
Message:
Failed to use browser storage. Resorting to cookies.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
