Submitted URL: http://remas.regroup.com/
Effective URL: https://remas.regroup.com/signup
Submission: On October 22 via manual from SG

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 18 HTTP transactions. The main IP is 104.130.72.30, located in San Antonio, United States and belongs to RACKSPACE, US. The main domain is remas.regroup.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 19th 2020. Valid for: 2 years.
This is the only time remas.regroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                           Requested by
8         remas.regroup.com (2 redirects)  remas.regroup.com
2         d36mpcpuzc4ztk.cloudfront.net    remas.regroup.com
2         ssl.google-analytics.com         remas.regroup.com
2         connect.facebook.net             remas.regroup.com, connect.facebook.net
2         fonts.googleapis.com             remas.regroup.com
1         chat.freshdesk.com               d36mpcpuzc4ztk.cloudfront.net
1         www.facebook.com                 connect.facebook.net
1         fonts.gstatic.com                fonts.googleapis.com
1         www.gstatic.com                  remas.regroup.com
1         www.google.com (1 redirect)      remas.regroup.com
Total: 18 requests across 10 hostnames

This site contains no links.

Subject                  Issuer                                      Validity                  Valid for
*.regroup.com            Go Daddy Secure Certificate Authority - G2  2020-06-19 to 2022-08-18  2 years
*.gstatic.com            GTS CA 1O1                                  2020-10-06 to 2020-12-29  3 months
upload.video.google.com  GTS CA 1O1                                  2020-09-22 to 2020-12-15  3 months
*.facebook.com           DigiCert SHA2 High Assurance Server CA      2020-09-11 to 2020-12-10  3 months
*.google-analytics.com   GTS CA 1O1                                  2020-10-06 to 2020-12-29  3 months
*.cloudfront.net         DigiCert Global CA G2                       2020-05-26 to 2021-04-21  a year
*.freshdesk.com          Amazon                                      2020-06-25 to 2021-07-25  a year

This page contains 1 frames:

Primary Page: https://remas.regroup.com/signup
Frame ID: 70BD3BF94AAE972DFD3603F0A2018A47
Requests: 18 HTTP requests in this frame


Detected technologies

nginx (overall confidence: 100%)
  pattern: headers server /nginx(?:\/([\d.]+))?/i

Varnish (overall confidence: 100%)
  pattern: headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Phusion Passenger (overall confidence: 100%)
  pattern: headers server /Phusion Passenger ([\d.]+)/i
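The three patterns above are ordinary regular expressions run against one response header each. The following script, added here as an illustration and not part of the urlscan.io page or its scanner, applies those same patterns (converted from JavaScript literals to Python) to header values copied from the transactions recorded further down. The grouping of headers into "primary", "asset" and "gstatic" samples is this example's own.

```python
import re

# The three header patterns from the scan's "Detected technologies" section,
# converted from JavaScript /.../i literals to Python, with the response header
# each one is applied to.
PATTERNS = {
    "nginx": ("server", re.compile(r"nginx(?:/([\d.]+))?", re.I)),
    "Varnish": ("via", re.compile(r"varnish(?: \(Varnish/([\d.]+)\))?", re.I)),
    "Phusion Passenger": ("server", re.compile(r"Phusion Passenger ([\d.]+)", re.I)),
}


def fingerprint(headers):
    """Return {technology: version or None} for every pattern that matches.

    Header lookup is case-insensitive because the scan shows both "Server"
    and "server" spellings. A version of None means the product was
    identified but the header carried no version string.
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    found = {}
    for tech, (header, rx) in PATTERNS.items():
        value = lowered.get(header)
        if value is None:
            continue
        match = rx.search(value)
        if match:
            found[tech] = match.group(1)
    return found


# Response headers of the primary document (/signup), copied from the scan.
PRIMARY_RESPONSE = {
    "Server": "nginx/1.14.2 + Phusion Passenger 6.0.2",
    "X-Powered-By": "Phusion Passenger 6.0.2",
    "Via": "1.1 varnish",
}
# A static asset from the same host (application-*.css): Passenger is not in its path.
ASSET_RESPONSE = {"Server": "nginx/1.14.2", "Via": "1.1 varnish"}
# A Google-served script (loader.js), for contrast.
GSTATIC_RESPONSE = {"server": "sffe"}

if __name__ == "__main__":
    for name, hdrs in [("primary", PRIMARY_RESPONSE),
                       ("asset", ASSET_RESPONSE),
                       ("gstatic", GSTATIC_RESPONSE)]:
        print(name, fingerprint(hdrs))
```

The point for the site owner is that the versions in this report come straight from the `Server` and `X-Powered-By` headers; nginx's `server_tokens off;` and Passenger's `passenger_show_version_in_header off;` remove the version strings, after which the patterns still identify the products but report no version.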

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 70 %
Domains: 9
Subdomains: 10
IPs: 9
Countries: 3
Transfer: 754 kB
Size: 2644 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://remas.regroup.com/ HTTP 302
    https://remas.regroup.com/ HTTP 302
    https://remas.regroup.com/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js

18 HTTP transactions

Columns per entry: Resource, Path, Size (decoded), x-fer (bytes transferred), Type, MIME-Type, followed by the request and response headers.

Resource: signup (Primary Request, Cookie set)
Path: remas.regroup.com/
Redirect Chain
  • http://remas.regroup.com/
  • https://remas.regroup.com/
  • https://remas.regroup.com/signup
Size: 14 KB (transfer 15 KB)
Type: Document
General
Full URL
https://remas.regroup.com/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.72.30 San Antonio, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
vinayaka.regroup.com
Software
nginx/1.14.2 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2
Resource Hash
97a852ff3bf7cf279df4bbc81b4bd1f8beedd71931a27a869067977c61d64128

Request headers

Host
remas.regroup.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Status
200 OK
Cache-Control
must-revalidate, private, max-age=0
Vary
Origin
X-Request-Id
8513a99ff2ff20b75c1486bb8224f348
X-UA-Compatible
IE=Edge,chrome=1
ETag
"ffd481440307f46e039c769bb3dd5726"
X-Runtime
0.013715
X-Rack-Cache
miss
Set-Cookie
_session_id=e2808ac8ac10a421a3df2ddd33a06136; path=/; HttpOnly uid=fwAAAV+RKMOtZQZzJOiqAg==; path=/
X-Powered-By
Phusion Passenger 6.0.2
Server
nginx/1.14.2 + Phusion Passenger 6.0.2
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Cacheable
NO:Not Cacheable
Content-Length
14152
Accept-Ranges
bytes
Date
Thu, 22 Oct 2020 06:37:55 GMT
X-Varnish
1998410794
Age
0
Via
1.1 varnish
Connection
close

Redirect headers

Cache-Control
no-cache
Content-length
0
Location
/signup
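The primary response above is the one worth auditing: it is served over HTTPS yet carries no Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options or X-Frame-Options header, announces nginx and Passenger versions, and sets two cookies (urlscan printed both Set-Cookie values on one line) of which `_session_id` has HttpOnly but no Secure or SameSite attribute and `uid` has none of the three. Without Secure, a browser that already holds the cookie will send it on the cleartext `http://remas.regroup.com/` request that precedes the 302 to HTTPS recorded in the redirect chain; HSTS would suppress that cleartext request, and no HSTS header is present on any remas.regroup.com response in this scan. The script below is an added example, not urlscan.io code, that parses the captured headers and reports these findings; the expected-header baseline and the finding strings are this example's own choices.

```python
"""Audit the security-relevant parts of a captured HTTP response."""

# Response headers of the primary document (https://remas.regroup.com/signup),
# copied from the scan above. The two Set-Cookie values are split into the
# two header values the server sent.
PRIMARY_HEADERS = {
    "Content-Type": "text/html; charset=utf-8",
    "Cache-Control": "must-revalidate, private, max-age=0",
    "Server": "nginx/1.14.2 + Phusion Passenger 6.0.2",
    "X-Powered-By": "Phusion Passenger 6.0.2",
    "Via": "1.1 varnish",
    "P3P": 'policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"',
}
PRIMARY_SET_COOKIES = [
    "_session_id=e2808ac8ac10a421a3df2ddd33a06136; path=/; HttpOnly",
    "uid=fwAAAV+RKMOtZQZzJOiqAg==; path=/",
]

# Baseline chosen for this example: headers a hardened HTML response should carry.
EXPECTED = ("strict-transport-security", "content-security-policy",
            "x-content-type-options", "x-frame-options", "referrer-policy")
# Headers that advertise server software or infrastructure.
DISCLOSING = ("server", "x-powered-by", "via")


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, value, {attribute: value or True})."""
    first, *rest = [p.strip() for p in value.split(";")]
    name, _, val = first.partition("=")
    attrs = {}
    for part in rest:
        key, _, v = part.partition("=")
        attrs[key.lower()] = v if v else True   # flag attributes such as HttpOnly map to True
    return name, val, attrs


def audit_cookie(value, over_https=True):
    """Return (name, [findings]) for one Set-Cookie value."""
    name, _, attrs = parse_set_cookie(value)
    findings = []
    if over_https and "secure" not in attrs:
        findings.append("missing Secure")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly")
    if "samesite" not in attrs:
        findings.append("missing SameSite")
    return name, findings


def audit_response(headers, set_cookies, over_https=True):
    """Report missing hardening headers, version disclosure and weak cookies."""
    lowered = {k.lower(): v for k, v in headers.items()}
    return {
        "missing_headers": [h for h in EXPECTED if h not in lowered],
        "version_disclosure": {h: lowered[h] for h in DISCLOSING if h in lowered},
        "cookies": dict(audit_cookie(c, over_https) for c in set_cookies),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(audit_response(PRIMARY_HEADERS, PRIMARY_SET_COOKIES), indent=2))
```

The audit is deliberately limited to what a single unauthenticated GET shows; whether the application re-issues `_session_id` with stronger attributes after login is not visible in this scan.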
Resource: loader.js
Path: www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
Size: 64 KB (transfer 20 KB)
Type: Script
General
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 06:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19830
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 23 Jul 2020 17:43:26 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Oct 2020 06:28:01 GMT
x-content-type-options
nosniff
server
sffe
age
594
status
301
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
public, max-age=1800
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Thu, 22 Oct 2020 06:58:01 GMT
Resource: css
Path: fonts.googleapis.com/
Size: 12 KB (transfer 941 B)
Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&subset=latin-ext
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8be5c6301da1b9998a2eda72be2f3fa24ae903241e176be45031da127cb7f4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 06:37:55 GMT
server
ESF
date
Thu, 22 Oct 2020 06:37:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Oct 2020 06:37:55 GMT
Resource: icon
Path: fonts.googleapis.com/
Size: 574 B (transfer 465 B)
Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 06:37:55 GMT
server
ESF
date
Thu, 22 Oct 2020 06:37:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Oct 2020 06:37:55 GMT
Resource: application-9e3366eba8aa5c201df868e45cbd158b.css
Path: remas.regroup.com/assets/
Size: 211 KB (transfer 38 KB)
Type: Stylesheet
General
Full URL
https://remas.regroup.com/assets/application-9e3366eba8aa5c201df868e45cbd158b.css
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.72.30 San Antonio, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
vinayaka.regroup.com
Software
nginx/1.14.2 /
Resource Hash
af4ae7af48b9a084a06a5b92ee915694d201e8d56ed88966fa3d653dc14c503c

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 06:37:55 GMT
Content-Encoding
gzip
X-Cacheable
YES
Server
nginx/1.14.2
Age
0
Content-Type
text/css
Via
1.1 varnish
Cache-Control
max-age=315360000, public
X-Varnish
1998410796
Connection
close
Accept-Ranges
bytes
Content-Length
38800
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: application-da674fe8265b8d18ab3cf4a2d79aacfa.js
Path: remas.regroup.com/assets/
Size: 2 MB (transfer 450 KB)
Type: Script
General
Full URL
https://remas.regroup.com/assets/application-da674fe8265b8d18ab3cf4a2d79aacfa.js
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.72.30 San Antonio, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
vinayaka.regroup.com
Software
nginx/1.14.2 /
Resource Hash
9515786b394163ab8783305fc2fd6e108cdd1a2216e76ed552f0af5d8a614b8a

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 06:37:55 GMT
Content-Encoding
gzip
X-Cacheable
YES
Server
nginx/1.14.2
Age
0
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
max-age=315360000, public
X-Varnish
1647600600
Connection
close
Accept-Ranges
bytes
Content-Length
460772
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: networks
Path: remas.regroup.com/css/
Size: 344 B (transfer 915 B)
Type: Stylesheet
General
Full URL
https://remas.regroup.com/css/networks
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.72.30 San Antonio, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
vinayaka.regroup.com
Software
nginx/1.14.2 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2
Resource Hash
fb1ec13407326d66519bea6b1da2bdc610a06e1d328d86a17555d1b74206dc8d

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 06:37:55 GMT
Via
1.1 varnish
X-Cacheable
NO:Not Cacheable
Age
0
X-Powered-By
Phusion Passenger 6.0.2
Status
200 OK
Connection
close
Content-Length
344
X-Request-Id
492efec2a89a6f9436b263693fa4de52
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.009109
Server
nginx/1.14.2 + Phusion Passenger 6.0.2
ETag
"9b2ea3ee3c4a39fb177a2cde17725984"
Vary
Origin
X-Varnish
989461285
Cache-Control
must-revalidate, private, max-age=0
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
X-Rack-Cache
miss
Resource: logo.png
Path: remas.regroup.com/assets/
Size: 3 KB (transfer 3 KB)
Type: Image
General
Full URL
https://remas.regroup.com/assets/logo.png
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.72.30 San Antonio, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
vinayaka.regroup.com
Software
nginx/1.14.2 /
Resource Hash
69b7fc7000f1446c47eefb0b565e80798d6e86ee761abcc08647692fd35ecc1d

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 06:37:56 GMT
Via
1.1 varnish
X-Cacheable
YES
Server
nginx/1.14.2
Age
0
Content-Type
image/png
Cache-Control
max-age=315360000, public
X-Varnish
989461290
Connection
close
Accept-Ranges
bytes
Content-Length
2765
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: messages_en.js
Path: remas.regroup.com/assets/new_ui_v2/
Size: 0 (transfer 369 B)
Type: Script
General
Full URL
https://remas.regroup.com/assets/new_ui_v2/messages_en.js
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.72.30 San Antonio, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
vinayaka.regroup.com
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 06:37:56 GMT
Content-Encoding
gzip
X-Cacheable
YES
Server
nginx/1.14.2
Age
0
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
max-age=315360000, public
X-Varnish
989461288
Connection
close
Accept-Ranges
bytes
Content-Length
20
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Path: fonts.gstatic.com/s/opensans/v18/
Size: 9 KB (transfer 9 KB)
Type: Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://remas.regroup.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
242243
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:33 GMT
Resource: all.js
Path: connect.facebook.net/en_US/
Size: 3 KB (transfer 2 KB)
Type: Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37b720c8f9d00b2946c0ccc1b8c73dd24894b43c1e1f4426f854f3408535bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
54HtRG4zfsSrKMOvEObIOw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1778
etag
"69a589d20d647c7daf4e1864ccb91c79"
x-fb-debug
mAyzgOZ5mxjyxRuaHLW8jCUSaCHuY9mehYDC5uTv9sGS9Ni11xWXfOjoC8iwSlLmGjjTvGjzGVz3kdqjLrBEDQ==
x-fb-trip-id
664085054
x-fb-content-md5
a1f5f6b4076879aeeb6288d67a99d5ce
x-frame-options
DENY
date
Thu, 22 Oct 2020 06:37:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 22 Oct 2020 06:43:42 GMT
Resource: ga.js
Path: ssl.google-analytics.com/
Size: 45 KB (transfer 17 KB)
Type: Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
517
date
Thu, 22 Oct 2020 06:29:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 22 Oct 2020 08:29:19 GMT
Resource: all.js
Path: connect.facebook.net/en_US/
Size: 188 KB (transfer 57 KB)
Type: Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=0b0e0ddf080309bfe4a767ab7e0ca51b&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c463a4096ed56f89903199cff55369ee33e2db95dd4fb86f30b224f859704149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://remas.regroup.com
Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
H58TCGLgi1psIbeo6t2/uQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
57587
etag
"a7a12f012b8b8f5ad1d1e5ad005c65fc"
x-fb-debug
W4dQfv3ANqLyPj0Uu/dbfJFMgwUvkeoNb0ZoXj3oit8s3lzYBlMaIRMmZz0R835rps5xJXwMh4tuQ6JmvotmbA==
x-fb-trip-id
664085054
x-fb-content-md5
f0db30263692ce17303d7a14408d7b60
x-frame-options
DENY
date
Thu, 22 Oct 2020 06:37:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 22 Oct 2021 05:14:41 GMT
Resource: __utm.gif
Path: ssl.google-analytics.com/r/
Size: 35 B (transfer 399 B)
Type: Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=720627479&utmhn=remas.regroup.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Regroup%20%3A&utmhid=63360816&utmr=-&utmp=%2Fsignup&utmht=1603348676548&utmac=UA-5102373-1&utmcc=__utma%3D79176855.2028648116.1603348677.1603348677.1603348677.1%3B%2B__utmz%3D79176855.1603348677.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=581343915&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Oct 2020 06:37:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: visitor.css
Path: d36mpcpuzc4ztk.cloudfront.net/css/
Size: 34 KB (transfer 6 KB)
Type: Stylesheet
General
Full URL
https://d36mpcpuzc4ztk.cloudfront.net/css/visitor.css
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.200 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40df5b48285c44114e73ebc7a8d0074ee9ed2860f5f34df6f55a9409a078ce3d

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
JhnYRMcCz2MB8Zf8wKskybvgnDpWXezd
content-encoding
gzip
etag
"426961e4795ac51b976bcdbcd8ab3ce0"
age
35497
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
5485
last-modified
Fri, 09 Oct 2020 14:33:16 GMT
server
AmazonS3
date
Wed, 21 Oct 2020 20:46:20 GMT
content-type
text/css; charset=UTF-8
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
ZTNx4HBdf5IDjTD3Gc2y0UVnH4PNW4PAUsCG_G6IPb3YAFbS8mnc2A==
expires
Fri, 16 Oct 2020 14:32:44 GMT
Resource: visitor.js
Path: d36mpcpuzc4ztk.cloudfront.net/js/
Size: 443 KB (transfer 133 KB)
Type: Script
General
Full URL
https://d36mpcpuzc4ztk.cloudfront.net/js/visitor.js
Requested by
Host: remas.regroup.com
URL: https://remas.regroup.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.200 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb3bb8d9c49b9efbfae30bb65d70074d5f3c3b1d7b251ce50267878d13886302

Request headers

Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
bxUM5FyTkWQCRHRxJWoDHXqzJxHp5CqY
content-encoding
gzip
etag
"e043e9f17420f946404b057b22b38309"
age
57985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
135445
last-modified
Fri, 09 Oct 2020 14:33:16 GMT
server
AmazonS3
date
Wed, 21 Oct 2020 14:31:32 GMT
content-type
application/javascript
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
RDS5T-cdOkkwOeEsL55TPNThjDHUAZGL-LoKXCm_ZJF10fR9iPAXCw==
expires
Fri, 16 Oct 2020 14:32:44 GMT
Resource: status
Path: www.facebook.com/x/oauth/
Size: 0 (transfer 0)
Type: Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=54650208791&input_token&origin=1&redirect_uri=https%3A%2F%2Fremas.regroup.com%2Fsignup&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=0b0e0ddf080309bfe4a767ab7e0ca51b&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://remas.regroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
bjZtpL1HWFzR8maToSgO5srozsFJIqnpsiBekdxZECzN9xOKoIMN+CqahIbWMyfahGnpIAwevCXsg7qNK2AFcg==
fb-s
unknown
status
200
date
Thu, 22 Oct 2020 06:37:56 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://remas.regroup.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
Resource: teamstatus
Path: chat.freshdesk.com/visitors/
Size: 101 B (transfer 883 B)
Type: XHR
General
Full URL
https://chat.freshdesk.com/visitors/teamstatus?siteId=edd4de9e589d830e722323405b4f5109&vid=visitor572773281477&c=fd&widget_id=ff2c805c-5d7c-469a-bb33-4f00f4d17891&_=1603348676745
Requested by
Host: d36mpcpuzc4ztk.cloudfront.net
URL: https://d36mpcpuzc4ztk.cloudfront.net/js/visitor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.83.57.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-57-246.compute-1.amazonaws.com
Software
/
Resource Hash
6ff94849d78c33a19b8b1bd721ecf5d5bead14a6a7a509cd00b8ef87536b5bd0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://remas.regroup.com/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 06:37:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://remas.regroup.com
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
X-CSRF-Token, X-Requested-With, Accept
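Every transaction above carries a Resource Hash, the hex SHA-256 of the decoded body. Those digests are exactly what Subresource Integrity uses, only base64-encoded, so a scan like this one gives a site owner the values needed to pin the scripts it loads. The block below is an added example, not urlscan.io code: it converts the scan's hex digests into `integrity` attributes, checks a body against one, and uses the messages_en.js entry as its test case, whose hash (e3b0c442...) is the SHA-256 of zero bytes, consistent with the size of 0 recorded for it. The `script_tag` helper and the selection of URLs are this example's own.

```python
import base64
import hashlib

# Resource hashes copied from the scan above: hex SHA-256 of each decoded body.
RESOURCE_HASHES = {
    "https://remas.regroup.com/assets/new_ui_v2/messages_en.js":
        "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "https://www.gstatic.com/charts/loader.js":
        "d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841",
    "https://d36mpcpuzc4ztk.cloudfront.net/js/visitor.js":
        "cb3bb8d9c49b9efbfae30bb65d70074d5f3c3b1d7b251ce50267878d13886302",
}


def sri_from_hex(hex_digest, algo="sha256"):
    """Turn a hex digest (as the scan prints it) into an SRI integrity value:
    '<algo>-' followed by the standard base64 encoding of the raw digest."""
    return f"{algo}-{base64.b64encode(bytes.fromhex(hex_digest)).decode()}"


def sri_from_body(body, algo="sha256"):
    """Compute the integrity value for a resource body, as a browser does."""
    return f"{algo}-{base64.b64encode(hashlib.new(algo, body).digest()).decode()}"


def body_matches(body, hex_digest):
    """True if `body` is byte-for-byte what the scan recorded for that resource."""
    return sri_from_body(body) == sri_from_hex(hex_digest)


def script_tag(url, hex_digest):
    """Build a <script> tag pinned to the scanned content. `crossorigin` is
    required for SRI on a cross-origin URL, and the server must then answer
    with Access-Control-Allow-Origin or the browser refuses to run the script."""
    return (f'<script src="{url}" integrity="{sri_from_hex(hex_digest)}" '
            f'crossorigin="anonymous"></script>')


if __name__ == "__main__":
    for url, digest in RESOURCE_HASHES.items():
        print(script_tag(url, digest))
    empty_js = "https://remas.regroup.com/assets/new_ui_v2/messages_en.js"
    print(body_matches(b"", RESOURCE_HASHES[empty_js]))
```

Two caveats follow from the scan itself. SRI only covers the tagged file: connect.facebook.net/en_US/all.js is a 3 KB bootstrap, served with max-age=1200, that goes on to load a second, hash-named all.js and then calls www.facebook.com; pinning the bootstrap neither covers those later loads nor survives the next release. And cross-origin pinning needs the server's CORS header: connect.facebook.net and fonts.googleapis.com answer with access-control-allow-origin: * in this scan, while the loader.js response from www.gstatic.com shows no such header.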

Verdicts & Comments: none.

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

showDirectoryPicker (function), showOpenFilePicker (function), showSaveFilePicker (function), trustedTypes (object), google (object),
closeOtherDropdowns (function), toggleDropdown (function), search (function), linkForm (function), ManageLoadIndicator (function), LoggedInNetwork (function), GetCampusIds (function), pp (function), sort_search_users (function), show_modal (function), submit_topic_delete_form (function), showToast (function), data (object), items (object),
jconfirm (function), Jconfirm (function), I18n (object), $ (function), jQuery (function), recaptcha (string), jQuery110207116877695780413 (object), Sifter (function), MicroPlugin (object), Selectize (function), toastr (object), moment (function), bootbox (object), Chartkick (object), LoadIndicator (object),
fb_login (function), fb_login1 (function), fb_login_after_logout (function), fb_login_pages (function), fbAsyncInit (function), gaJsHost (string), FB (object), _gat (object), _gaq (object), pageTracker (object), gaGlobal (object), showMessage (function),
fc_CSS (object), fc_isSecured (boolean), fc_lang (object), fc_rtlLanguages (object), fc_rtlSuffix (string), fc_JS (object), FRESHCHAT_VISITORINFO (object), livechat_setting (string), nativeReduce (function), livechat (object), jsonStringify (function),
AbstractChannel (function), WebSocketChannel (function), SocketIoChannel (function), PostMessageChannel (function), PostMessageIncomingChannel (function), CHROME_CHANNEL_EVENT (string), ChromePostMessageChannel (function), ChromePostMessageIncomingChannel (function), PortChannel (function), PortProxyChannel (function), PortIncomingChannel (function), EchoProxy (function),
getElementPosition (function), doOnLoad (function), getScreenRange (function), iterNodes (function), expandRange (function), showRange (function), containsElement (function), getNextElement (function), splitTextBefore (function), splitTextAfter (function), splitTextBetween (function), TEMPORARY_HIGHLIGHT_DELAY (number), temporaryHighlight (function), binder (function), chatjQuery (function), ELEMENT_NODE (undefined),
Freeze (object), adaptCanvas (function), windowWidthHeightListener (function), resizeCanvas (function), createCanvas (function), Master (function), io (undefined), Pusher (function), PUBNUBVisitor (function), _ (undefined), JSON3 (undefined), OneClickCbUtils (object)

6 Cookies

Domain / Path         Name     Value
remas.regroup.com/    pnctest  1
.remas.regroup.com/   __utmb   79176855.1.10.1603348677
.remas.regroup.com/   __utmt   1
.remas.regroup.com/   __utma   79176855.2028648116.1603348677.1603348677.1603348677.1
.remas.regroup.com/   __utmz   79176855.1603348677.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.remas.regroup.com/   __utmc   79176855

1 Console Messages

Source: console-api, Level: log, URL: https://d36mpcpuzc4ztk.cloudfront.net/js/visitor.js (line 2)
Message: Chat Disabled or Visitor blocked!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chat.freshdesk.com
connect.facebook.net
d36mpcpuzc4ztk.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
remas.regroup.com
ssl.google-analytics.com
www.facebook.com
www.google.com
www.gstatic.com
104.130.72.30
13.224.186.200
2a00:1450:4001:801::200a
2a00:1450:4001:808::2003
2a00:1450:4001:816::2003
2a00:1450:4001:819::2004
2a00:1450:4001:821::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.83.57.246