www.regionssupport.info
68.178.247.189  Malicious Activity! Public Scan

Submitted URL: https://www.regionssupport.info/
Effective URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d52...
Submission: On December 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 68.178.247.189, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.regionssupport.info.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 5th 2021. Valid for: a year.
This is the only time www.regionssupport.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Regions Bank (Banking)

Domain & IP information

IP Address          AS (Autonomous System)    Requests   Redirects
68.178.247.189      398101 (GO-DADDY-...)     18         1
2606:4700::68...    13335 (CLOUDFLAR...)      2
18.195.42.228       16509 (AMAZON-02)         4
Total: 23 requests, 3 IPs
Apex Domain            Subdomains                 Requests   Transfer
regionssupport.info    www.regionssupport.info    18         2 MB
ensighten.com          nexus.ensighten.com        4          4 KB
jsdelivr.net           cdn.jsdelivr.net           2          46 KB
Total: 23 requests, 3 domains
Domain                     Requests   Redirects   Requested by
www.regionssupport.info    18         1           www.regionssupport.info
nexus.ensighten.com        4                      www.regionssupport.info
cdn.jsdelivr.net           2                      www.regionssupport.info
Total: 23 requests, 3 domains

This site contains links to these domains.

Domain
www.regions.com
survey.regions.com
Subject                  Issuer                                        Validity                   Valid
regionssupport.info      Go Daddy Secure Certificate Authority - G2    2021-12-05 - 2023-01-06    a year
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                       2021-07-03 - 2022-07-02    a year
nexus.ensighten.com      DigiCert TLS RSA SHA256 2020 CA1              2021-09-14 - 2022-10-12    a year

This page contains 1 frames:

Primary Page: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Frame ID: 38E9B05E4870024DA0FBFA78BD35E2AF
Requests: 23 HTTP requests in this frame

Page Title

Regions Online Banking - Log in to your accounts | Regions

Page URL History

  1. https://www.regionssupport.info/ HTTP 302
    https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&Session... Page URL

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 2137 kB
Size: 4646 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.regionssupport.info/ HTTP 302
    https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.regionssupport.info/AccountUpdate/login/
Redirect Chain
  • https://www.regionssupport.info/
  • https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
8 KB
3 KB
Document
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache / PHP/7.4.24
Resource Hash
176d4569e4483527c06f7f248f0099a1d9e7f8763a68c15c1744cc2a737c50a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.4.24
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
content-length
2640
content-type
text/html; charset=UTF-8
date
Sun, 05 Dec 2021 21:22:03 GMT
server
Apache

Redirect headers

x-powered-by
PHP/7.4.24
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=#
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 05 Dec 2021 21:22:03 GMT
server
Apache
6ecf86ad9b4511b37d16156ceb162c34.js.download
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
7 KB
3 KB
Script
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/6ecf86ad9b4511b37d16156ceb162c34.js.download
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
3be3373680ff685f39a6d078e0f82e5d417316dd5d37bdebbd9c55135983462b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:03 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 02:24:50 GMT
server
Apache
etag
"2b40d0c-1b4a-5ba8d864e8080-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2497
serverComponent.php
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
282 B
252 B
Script
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/serverComponent.php
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache / PHP/7.4.24
Resource Hash
452fbf76ed27ebd10a4bf8995939b51c67da43e4c039b4f0091ad585383e9336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:03 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/7.4.24
content-length
222
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
com-regions.css
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
369 KB
43 KB
Stylesheet
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/com-regions.css
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
c7c7b774b9f2c64c84544b920465ce2514ce5b14c4312c6dc336b2732a33208f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:03 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 02:24:50 GMT
server
Apache
etag
"2b40d0e-5c2ab-5ba8d864e8080-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
43563
olbAuth.min.css
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
2 KB
988 B
Stylesheet
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/olbAuth.min.css
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
9d782980884a0c3a5631f5534c0a957d08d714097a24de9b7fed6b108406d75c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:03 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 02:24:50 GMT
server
Apache
etag
"2b40d13-8b6-5ba8d864e8080-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
922
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/css/
150 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/css/bootstrap.min.css
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0267260045096457f26914277f49eef5da5ec54ac6aee8579be4810332e518b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.regionssupport.info/
Origin
https://www.regionssupport.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3516948
x-jsd-version
5.0.0-beta1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19140-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"25617-q3SIoVyTmtfFSq15BDC3uaLXfq4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b9053e69ca2061c-FRA
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/js/
79 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.regionssupport.info/
Origin
https://www.regionssupport.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3544509
x-jsd-version
5.0.0-beta1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19157-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"13bb5-zUKjci8NkL/tAMsum+NysHqoVi8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b9053e69ca4061c-FRA
regions-logo-no-r.svg
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
5 KB
6 KB
Image
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/regions-logo-no-r.svg
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
912f72af9fe61099bc2452960df7b72ee662d5c3e6188ab246767de1fe367913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
accept-ranges
bytes
etag
"2b40d14-15fb-5ba8d866d0500"
content-length
5627
content-type
image/svg+xml
xmui.css
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
798 KB
345 KB
Stylesheet
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/xmui.css
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
4a270d9251352ad9754048eda6681b85464fd24a6b78ed809a069a830497cba6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
etag
"2b40d19-c7836-5ba8d866d0500-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
xmui-no-vars.css
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
764 KB
341 KB
Stylesheet
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/xmui-no-vars.css
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
dbbff1d268355ba09966710bfbe0226aa56c48e5c327d8bd8be0e3599f5c2c7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
etag
"2b40d18-bef18-5ba8d866d0500-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
Common.css
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/Common.css
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
71d89feac24a5e17ba2748b0a87787d3b6ba4613ab2476a2107beb52a25a00e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
etag
"2b40d0f-1881-5ba8d866d0500-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1720
login.min.js.download
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
1 MB
263 KB
Script
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/login.min.js.download
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
8769789308d298586ca2c37d62179466c3c7084febdf177d37c3e38d8f2493db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
etag
"2b40d11-110255-5ba8d866d0500-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
equal-housing-lender.svg
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
4 KB
4 KB
Image
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/equal-housing-lender.svg
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
e4bc94279e093f25720c2867e7a08dbfaaa140636f11eab5ac4e204a93a3751e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
accept-ranges
bytes
etag
"2b40d10-ece-5ba8d866d0500"
content-length
3790
content-type
image/svg+xml
member-fdic.svg
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
6 KB
6 KB
Image
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/member-fdic.svg
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
8b69a3707a2ef4a748dd6c9923a1fa17d1ed5d32eee6e60240540217cf30b324

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
accept-ranges
bytes
etag
"2b40d12-1771-5ba8d866d0500"
content-length
6001
content-type
image/svg+xml
regionslib.min.js(1).download
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
994 KB
995 KB
Script
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/regionslib.min.js(1).download
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
1ed5153894d62b5899a70d0697cc3e7133312b24ee1c28dd26896a6016ecb813

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
accept-ranges
bytes
etag
"2b40d15-f88a7-5ba8d866d0500"
content-length
1018023
Bootstrap.js.download
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/
355 KB
76 KB
Script
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/Bootstrap.js.download
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash
31bc0d76620dabf00a7873643c4bf89cb51a6ef176d6ff68ea38463a1ad2f5d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/AccountUpdate/login/index.php?actionType=AcctLogin&LoginSession=True&SessionId=c9e835f7763062d527418320ec9e04a3&__ENVAR=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 02:24:52 GMT
server
Apache
etag
"2b40d0d-58deb-5ba8d866d0500-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
source-sans-pro-regular-webfont.woff
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/
0
0
Font
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/source-sans-pro-regular-webfont.woff
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/com-regions.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/com-regions.css
Origin
https://www.regionssupport.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:04 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
1.gif
nexus.ensighten.com/privacy/v1/b/
0
107 B
Image
General
Full URL
https://nexus.ensighten.com/privacy/v1/b/1.gif?n=0&c=1202&i=4uz00g&p=transmit-prod&s=314&d=8HZ7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDI1IiwiY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoidHJhbnNtaXQtcHJvZCIsImluc3RhbmNlSWQiOiI0dXowMGciLCJwYWNrZXQiOjAsIm1vZGUiOiJvYnNlcnZlYADyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLkA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNjM4NzM5MzI3MDEyWgDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA010sImRhdGFQYXR0ZXISAMAibGlzdCI6W119XX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:07 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sun, 05 Dec 2021 21:22:06 GMT
serverComponent.php
nexus.ensighten.com/regions/transmit-prod/
282 B
424 B
Script
General
Full URL
https://nexus.ensighten.com/regions/transmit-prod/serverComponent.php?r=1290001355.6129065&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/transmit-prod/code/&publishedOn=Wed%20Oct%2021%2019:05:54%20GMT%202020&ClientID=1202&PageID=https%3A%2F%2Fwww.regionssupport.info%2FAccountUpdate%2Flogin%2Findex.php%3FactionType%3DAcctLogin%26LoginSession%3DTrue%26SessionId%3Dc9e835f7763062d527418320ec9e04a3%26__ENVAR%3D%23
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/Bootstrap.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4337eec4ae7e137340767affcb6356853b65954d881d784aa3f119f195164e57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:07 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
282
expires
Sun, 05 Dec 2021 21:22:06 GMT
f7431caa1ca81557178898866a70818a.js
nexus.ensighten.com/regions/transmit-prod/code/
10 KB
4 KB
Script
General
Full URL
https://nexus.ensighten.com/regions/transmit-prod/code/f7431caa1ca81557178898866a70818a.js?conditionId0=423026
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/Bootstrap.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e5ec6358137e0bfd2e0fa87ec48b58f57d5b3ff8cff500d0f8ea0a3f77f17995

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:07 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 21:05:01 GMT
server
nginx
etag
W/"611ad2fd-26e7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27resolve%27)&lnn=-1&fn=&cid=1202&client=regions&publishPath=transmit-prod&rid=-1&did=-1&errorName=TypeError
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.regionssupport.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:07 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sun, 05 Dec 2021 21:22:06 GMT
source-sans-pro-600-webfont.woff
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/
0
0
Font
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/source-sans-pro-600-webfont.woff
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/com-regions.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/com-regions.css
Origin
https://www.regionssupport.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:07 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
source-sans-pro-700-webfont.woff
www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/
0
0
Font
General
Full URL
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/source-sans-pro-700-webfont.woff
Requested by
Host: www.regionssupport.info
URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/com-regions.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.247.189 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-247-189.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/com-regions.css
Origin
https://www.regionssupport.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:22:07 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Regions Bank (Banking)

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler number| uidEvent object| bootstrap function| progressBarForm function| passwordAuthenticator function| getQuestions function| pwdChange function| challengeQuestionAuth function| lockedOptions function| secQuestionOptions function| _instanceof function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| debugOut function| clearUIContainer function| displayPagelevelError function| clearPagelevelError function| clearCustomValidationError function| addCustomValidationError function| handleGetQuestionKeyEvents function| handleChangePasswordKeyEvents function| handleChallengeQuestionKeyEvents function| handlePasswordKeyEvents function| validateCurrentPassword function| validateNewPassword function| validateConfirmPassword function| validateChallengeAnswer function| validateQuestion1 function| validateQuestion2 function| validateQuestion3 function| validateAnswer1 function| validateAnswer2 function| validateAnswer3 function| validateVerifyAnswer1 function| validateVerifyAnswer2 function| validateVerifyAnswer3 function| onSecurityQuestionChange function| AlignCenter function| sessionMonitor function| AddAriaHidden function| RemoveAriaHidden function| StopSessionTimer function| InitiateLoginJourney function| getRelyingParty function| RememberMe function| GetConfiguration function| ValidateOnlineID function| ErrorLogger function| PageLevelInfo function| RedirectToLoginPage string| demoOptionTagList undefined| _expirationTimeoutID undefined| _warningTimeoutID string| authFailed string| invalidPassword string| invalidCurrentPassword object| passwordPattern string| errorBlockCNP string| errorBlockNP string| emptyErrorBlockCNP string| 
emptyErrorBlockNP string| emptyErrorBlockCUP string| errorBlockConfirmPassword string| errorSameNewPassword string| maxCharacterPassword object| answerPattern string| notSelectedQuestionErrMSG string| duplicateQuestionSelectedErrMSG string| errorBlockDDL string| errorEmptySecurityAnswer string| errorA1Unique string| errorA2Unique string| errorA3Unique string| errorBlock string| errorEmptyVerifyAnswer string| pageLevelError string| patternError string| errorEmptyChallengeAnswer string| tryAgain string| notSelected boolean| pageLevelMessageDisplayed function| RegUIHandler function| PasswordAuthenticatorSession function| FormSession object| tsConfigSetting string| accountOverViewURL undefined| tsLevel string| verifyIdentityURL string| systemUnavailableURL string| genericErrorURL function| $ function| jQuery object| xmsdk object| com object| aesjs object| elliptic function| sha256 function| sha224 object| base64js object| __XMSDK_PLUGINS object| xmui boolean| cookiesDisabled function| _toConsumableArray function| _typeof2 object| validator object| RDS function| zxcvbn object| ensBootstraps object| Bootstrapper object| ensClientConfig object| ensLogger boolean| ensBrowserSupported object| gateway

2 Cookies

Domain/Path Name / Value
www.regionssupport.info/ Name: PHPSESSID
Value: 05f07eebe04cc88969f294fa5b19c4f5
www.regionssupport.info/ Name: TestCookie
Value: testcookie

4 Console Messages

Source Level URL
Text
network error URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/source-sans-pro-regular-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/login.min.js.download(Line 13)
Message:
RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
network error URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/source-sans-pro-600-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.regionssupport.info/AccountUpdate/login/Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20_%20Regions_files/fonts/source-sans-pro-700-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
