www.se-regionsbank.com Open in urlscan Pro
35.237.16.154 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.se-regionsbank.com/
Effective URL:
https://www.se-regionsbank.com/a50dd/
Submission: On July 14 via automatic, source certstream-suspicious (July 14th 2022, 7:34:04 pm UTC) — Scanned from SE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 35.237.16.154, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.se-regionsbank.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 14th 2022. Valid for: 3 months.

This is the only time www.se-regionsbank.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Regions Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 15	35.237.16.154 35.237.16.154	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	159.45.2.177 159.45.2.177	10837 (WELLSFARG...) (WELLSFARGO-10837)
14	2

15 35.237.16.154 (North Charleston, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 154.16.237.35.bc.googleusercontent.com

www.se-regionsbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.45.2.177 (United States)

ASN10837 (WELLSFARGO-10837, US)

apply.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	se-regionsbank.com 2 redirects www.se-regionsbank.com	688 KB
1	wellsfargo.com apply.wellsfargo.com — Cisco Umbrella Rank: 54131	2 KB
14	2

	Domain	Requested by
15	www.se-regionsbank.com	2 redirects www.se-regionsbank.com
1	apply.wellsfargo.com	www.se-regionsbank.com
14	2

This site contains no links.

Subject Issuer	Validity	Valid
se-regionsbank.com cPanel, Inc. Certification Authority	`2022-07-14` - `2022-10-12`	3 months	crt.sh
apply.wellsfargo.com Wells Fargo Public Trust Certification Authority 01 G2	`2022-05-18` - `2023-05-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.se-regionsbank.com/a50dd/
Frame ID: 6FFBA8D9EEE038A9963CDF17008B69D5
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Regions Online Banking - Verification

Page URL History Show full URLs

https://www.se-regionsbank.com/ HTTP 302
https://www.se-regionsbank.com/a50dd HTTP 301
https://www.se-regionsbank.com/a50dd/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

689 kB
Transfer

685 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.se-regionsbank.com/ HTTP 302
https://www.se-regionsbank.com/a50dd HTTP 301
https://www.se-regionsbank.com/a50dd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.se-regionsbank.com/a50dd/
Redirect Chain

https://www.se-regionsbank.com/
https://www.se-regionsbank.com/a50dd
https://www.se-regionsbank.com/a50dd/

16 KB
16 KB

1186ms
1185ms

Document
text/html

35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: d8b85623959a782c7fce40f2c449dd48487caa5dd988dc7d4a3f19ea78c2b9bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Jul 2022 19:33:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=98
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 245
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 14 Jul 2022 19:33:52 GMT
Keep-Alive: timeout=5, max=99
Location: https://www.se-regionsbank.com/a50dd/
Server: Apache

GET
H/1.1 200
OK com-regions.min.css
www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/ 250 KB
250 KB 283ms
165ms Stylesheet
text/css 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/com-regions.min.css
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 420bf3610d128e741b67e83c3b4ead9f589725cfdb0e1a2c34aa09b4cf8b9c1e

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 256016

GET
H/1.1 200
OK combined.css.d29a50bbb70d0c0a23215edec79ea1cd7aec5528974e270207f957109a0963d0.css
www.se-regionsbank.com/a50dd/Assets/cdx/Themes/Desktop/Shared/fiserv.ps.customerservice/ 2 KB
3 KB 540ms
267ms Stylesheet
text/css 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/cdx/Themes/Desktop/Shared/fiserv.ps.customerservice/combined.css.d29a50bbb70d0c0a23215edec79ea1cd7aec5528974e270207f957109a0963d0.css
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: d29a50bbb70d0c0a23215edec79ea1cd7aec5528974e270207f957109a0963d0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2512

GET
H/1.1 200
OK combined.css.dd3247782798b09752f4758c2f290fc0e6a87f98411f2b8eed6571d84e603c71.css
www.se-regionsbank.com/a50dd/Assets/cdx/Themes/Desktop/Shared/fiserv.ps.customerservice/ 149 KB
149 KB 511ms
239ms Stylesheet
text/css 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/cdx/Themes/Desktop/Shared/fiserv.ps.customerservice/combined.css.dd3247782798b09752f4758c2f290fc0e6a87f98411f2b8eed6571d84e603c71.css
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1aa4c1bbce0d546e38542fb5e118914a75cf8f2013adfe59416e2626bc071d35

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 152381

GET
H/1.1 200
OK regions-logo-no-r.svg
www.se-regionsbank.com/a50dd/Assets/Images/ 5 KB
6 KB 484ms
253ms Image
image/svg+xml 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.se-regionsbank.com/a50dd/Assets/Images/regions-logo-no-r.svg
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 912f72af9fe61099bc2452960df7b72ee662d5c3e6188ab246767de1fe367913

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5627

GET
H/1.1 200 visa.svg
apply.wellsfargo.com/assets/images/osmp/ 1 KB
2 KB 869ms
400ms Image
image/svg+xml 159.45.2.177
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apply.wellsfargo.com/assets/images/osmp/visa.svg

Requested by

Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.177 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

44539b5f80bc87b91fba5dab40e5b8105c99d3ba5e07375d41c49679c9206564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Nov 2016 13:01:24 GMT
Server: KONICHIWA/1.1
ETag: W/"1351-1478955684000"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Date: Thu, 14 Jul 2022 19:33:55 GMT
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=600
Content-Length: 1351
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK equal-housing-lender.svg
www.se-regionsbank.com/a50dd/Assets/Images/ 4 KB
4 KB 410ms
224ms Image
image/svg+xml 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.se-regionsbank.com/a50dd/Assets/Images/equal-housing-lender.svg
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: e4bc94279e093f25720c2867e7a08dbfaaa140636f11eab5ac4e204a93a3751e

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3790

GET
H/1.1 200
OK member-fdic.svg
www.se-regionsbank.com/a50dd/Assets/Images/ 6 KB
6 KB 425ms
164ms Image
image/svg+xml 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.se-regionsbank.com/a50dd/Assets/Images/member-fdic.svg
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8b69a3707a2ef4a748dd6c9923a1fa17d1ed5d32eee6e60240540217cf30b324

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6001

GET
H/1.1 200
OK jquery.min.js Show response
www.se-regionsbank.com/a50dd/Assets/ 156 KB
156 KB 222ms
220ms Script
application/javascript 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/jquery.min.js
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 159536

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.se-regionsbank.com/a50dd/Assets/ 34 KB
34 KB 207ms
206ms Script
application/javascript 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/jquery.validate.min.js
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: f59dc66c08474ec52a21ab66cd6ba46a4e4ace29b0b82e2306add18741ae9c2a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34429

GET
H/1.1 200
OK form.js Show response
www.se-regionsbank.com/a50dd/Assets/ 6 KB
6 KB 185ms
185ms Script
application/javascript 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/form.js
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2ec13872d1c04136834372351ffbab078b67263e84f98d9b4c546c521ef85d7f

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5907

GET
H/1.1 200
OK jquery.mask.js Show response
www.se-regionsbank.com/a50dd/Assets/ 20 KB
20 KB 202ms
201ms Script
application/javascript 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/jquery.mask.js
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.se-regionsbank.com/a50dd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:54 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20120

GET
H/1.1 200
OK source-sans-pro-700-webfont.woff
www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/Fonts/ 18 KB
19 KB 191ms
191ms Font
font/woff 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/Fonts/source-sans-pro-700-webfont.woff
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/com-regions.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8cd9ec1f69dc5eae76225efcb7e0e4f067d70f6d67f936b4ba98f6e7c317ece2

Request headers

Referer: https://www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/com-regions.min.css
Origin: https://www.se-regionsbank.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:55 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18720

GET
H/1.1 200
OK source-sans-pro-regular-webfont.woff
www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/Fonts/ 19 KB
19 KB 175ms
175ms Font
font/woff 35.237.16.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/Fonts/source-sans-pro-regular-webfont.woff
Requested by: Host: www.se-regionsbank.com
URL: https://www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/com-regions.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.16.154 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.16.237.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: c76d1157888f0e90d43d4a1d347081f2c6aa56b4fdd4f30950d421fef844756f

Request headers

Referer: https://www.se-regionsbank.com/a50dd/Assets/cdx/Assets/Themes/Desktop/Shared/ResponsiveCore/com-regions.min.css
Origin: https://www.se-regionsbank.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 19:33:55 GMT
Last-Modified: Thu, 14 Jul 2022 19:33:52 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19156

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Regions Bank (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.se-regionsbank.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d1ea5d09545b7575e4d1282651f93c9e
			apply.wellsfargo.com/	1969-12-31 23:59:59	Name: ISD_OSM_COOKIE Value: bHFK1cp93dqffDVVL0p/QMrUKfYIPxZ0gyYZWYhboWrMDEIYubUwTdBuD0Z8wCWXxJWWRoBUkdASKx4AAAAB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apply.wellsfargo.com
www.se-regionsbank.com
159.45.2.177
35.237.16.154
1aa4c1bbce0d546e38542fb5e118914a75cf8f2013adfe59416e2626bc071d35
2ec13872d1c04136834372351ffbab078b67263e84f98d9b4c546c521ef85d7f
420bf3610d128e741b67e83c3b4ead9f589725cfdb0e1a2c34aa09b4cf8b9c1e
44539b5f80bc87b91fba5dab40e5b8105c99d3ba5e07375d41c49679c9206564
89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed
8b69a3707a2ef4a748dd6c9923a1fa17d1ed5d32eee6e60240540217cf30b324
8cd9ec1f69dc5eae76225efcb7e0e4f067d70f6d67f936b4ba98f6e7c317ece2
912f72af9fe61099bc2452960df7b72ee662d5c3e6188ab246767de1fe367913
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c76d1157888f0e90d43d4a1d347081f2c6aa56b4fdd4f30950d421fef844756f
d29a50bbb70d0c0a23215edec79ea1cd7aec5528974e270207f957109a0963d0
d8b85623959a782c7fce40f2c449dd48487caa5dd988dc7d4a3f19ea78c2b9bc
e4bc94279e093f25720c2867e7a08dbfaaa140636f11eab5ac4e204a93a3751e
f59dc66c08474ec52a21ab66cd6ba46a4e4ace29b0b82e2306add18741ae9c2a

www.se-regionsbank.com Open in urlscan Pro 35.237.16.154 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

689 kBTransfer

685 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

2 Cookies

Indicators

www.se-regionsbank.com Open in urlscan Pro
35.237.16.154 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

689 kB
Transfer

685 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!