Submitted URL: https://onlinebanking.regions.com/accounts/details
Effective URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru...
Submission: On February 05 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 55 HTTP transactions. The main IP is 18.66.147.70, located in United States and belongs to AMAZON-02, US. The main domain is login.regions.com. The Cisco Umbrella rank of the primary domain is 141087.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 22nd 2024. Valid for: a year.
This is the only time login.regions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
28 regions.com
onlinebanking.regions.com — Cisco Umbrella Rank: 122393
login.regions.com — Cisco Umbrella Rank: 141087
tm.regions.com — Cisco Umbrella Rank: 66164
smetrics.regions.com — Cisco Umbrella Rank: 76346
510 KB
4 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3810
14 KB
3 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2734
3uc6h1j9pznq2ljn7ik6tcn3rqdqmlddb4axwyljef45ba0dcbc7f20eam1.e.aa.online-metrix.net
16 KB
3 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
55 5
Domain Requested by
14 tm.regions.com login.regions.com
tm.regions.com
11 login.regions.com login.regions.com
4 nexus.ensighten.com login.regions.com
nexus.ensighten.com
3 fonts.gstatic.com fonts.googleapis.com
2 h.online-metrix.net tm.regions.com
2 smetrics.regions.com 1 redirects
1 3uc6h1j9pznq2ljn7ik6tcn3rqdqmlddb4axwyljef45ba0dcbc7f20eam1.e.aa.online-metrix.net
1 fonts.googleapis.com login.regions.com
1 onlinebanking.regions.com 1 redirects
55 9

This site contains links to these domains. Also see Links.

Domain
www.regions.com
onlinebanking.regions.com
survey.regions.com
Subject Issuer Validity Valid
login.regions.com
Sectigo RSA Organization Validation Secure Server CA
2024-01-22 -
2025-01-21
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
nexus.ensighten.com
Amazon RSA 2048 M02
2023-09-29 -
2024-10-27
a year crt.sh
tm.regions.com
Sectigo RSA Extended Validation Secure Server CA
2023-03-15 -
2024-03-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1
2023-10-20 -
2024-10-21
a year crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1
2023-10-20 -
2024-10-21
a year crt.sh

This page contains 5 frames:

Primary Page: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Frame ID: 6C81FBE6E7B1FC651D125FDA1BA96070
Requests: 21 HTTP requests in this frame

Frame: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Frame ID: 28842FDEE9B741D85E877F4AEF7E2B4A
Requests: 29 HTTP requests in this frame

Frame: https://tm.regions.com/TwUOgW3Hiz-I83Uu?6e574d1141ba10f9=-gfQLDaF9eNNbFxyeqkuy47SlkSdlclOE5y7Tpswm2oebOuBEF6GyX-Tt9pDRXEJj5x8B6C6f7nzop3ZOU85vOix8O4YtxwCgV2bpYFMBc35BxY0VBLJwZmXpgeZrKoEG9MYoFJGCAa69HA6-hpHuRcRLSDnCFjg_LqLDVTl3F-a6vUzG7wHLJS_outGecj8ONBi7a_DsNwblupvYXY
Frame ID: A03416A5A89D5866969B98DC4CF57404
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/es0WdE1FvXirKg4_?f1e7ed422d1dbac4=vNzDzUOVQtsshiWRf9HqRdhB5A3pJDLyjUzxcXS5dSkoePztTmoFkmuKTgvasbyP89MABzg7269x90u7GE4eLPfIHnAuWla8R9XbDZ7-yGnbjU8GXaN8EBUNQog_2J19CcmUMNeVFiA5gZdp2vt4zJApuJnbZCo0rhW82XGohf8HIzodnE3zCmKEuAY8CARG4M8xwDwoOX5uKFw7O1Fq
Frame ID: FB230F97256FDB984F86C9DA582DFECC
Requests: 2 HTTP requests in this frame

Frame: https://tm.regions.com/szNMkeFYp7Z5RggW?4cc876aa435f81dd=ekJWyhrRLJWL-MvN1ZoSSEkQHwMvBBSYq-Dsyyqpi_79TOUrZQoa_ds4xmcUOENmn8NooIQVEET5kapGvRXY2_7qVPGbwD164yc-JnoqwQdZSKjqtFlAakZjxAEX6XyQ07OQMRx0LjsHqC1-t5XaJxPqN4qVeS1Vig5dgPOh3kzUB6kwL9WvRh1bVmW5BgoRCl4z3xgaNmWhB4BQwuTR
Frame ID: 6D0F5BBE142B9286D4AABD97BF833B0D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Log In to Regions Online Banking | Regions Bank

Page URL History Show full URLs

  1. https://onlinebanking.regions.com/accounts/details HTTP 302
    https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

55
Requests

65 %
HTTPS

33 %
IPv6

5
Domains

9
Subdomains

9
IPs

2
Countries

584 kB
Transfer

2844 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://onlinebanking.regions.com/accounts/details HTTP 302
    https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://smetrics.regions.com/b/ss/regionsbankprod/1?&ch=olb&v1=eap&c1=eap&pageName=eap|login|enterusername&v3=eap|login|enterusername&c2=eap|login|enterusername&mid=&v12=&g=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&v10=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&v4=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&c4=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&c3=eap|login|enterusername&c23=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&r=&v8=&c8=&s=1600x1200&v6=en&c6=en&v15=&v0=null&v11=&rand=0.8205440027058029 HTTP 302
  • https://smetrics.regions.com/b/ss/regionsbankprod/1?AQB=1&pccr=true&vidn=32E0A6EA26F76E9D-60001F5AC30F1727&ch=olb&v1=eap&c1=eap&pageName=eap%7Clogin%7Centerusername&v3=eap%7Clogin%7Centerusername&c2=eap%7Clogin%7Centerusername&mid=&v12=&g=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&v10=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&v4=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&c4=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&c3=eap%7Clogin%7Centerusername&c23=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&r=&v8=&c8=&s=1600x1200&v6=en&c6=en&v15=&v0=null&v11=&rand=0.8205440027058029&AQE=1

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
login.regions.com/
Redirect Chain
  • https://onlinebanking.regions.com/accounts/details
  • https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
5 KB
3 KB
Document
General
Full URL
https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
a67e1a24843046ff5130071a738f0987adfeca733c43804672b2e5807f845551
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
br
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
content-type
text/html
date
Mon, 05 Feb 2024 21:06:28 GMT
etag
W/"bb124bd15f9416214b9840b797d78ef6"
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-id
Sqpm2EaYAnflFIQejzoiOUSIiGXVs8W24-lILy6iO1s19TkzJBbUmQ==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store
Content-Length
305
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Feb 2024 21:06:26 GMT
Expires
-1
Location
https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Pragma
no-cache
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=157680000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&display=swap
Requested by
Host: login.regions.com
URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c67777e859ba4ffabd0a44c84c2eb71e19ac7388cf0fc51c82115993c3b8abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Feb 2024 21:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 20:54:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Feb 2024 21:06:27 GMT
info-panel.css
login.regions.com/xm/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://login.regions.com/xm/css/info-panel.css
Requested by
Host: login.regions.com
URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
5d7162ad34b87aea938fb0227d7fbe179a5118ca97070c136ae2eb08b6629a33
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 08:11:14 GMT
content-encoding
br
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
46514
x-amz-cf-pop
FRA60-P4
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
W/"6b1c80c0aca4215c3e067711f4016545"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
x-amz-cf-id
fhJ4nFSSDjQZ53sFx3x6DqBp6dnUWVrgghbzP9r7YdGb7oZX6iEgrQ==
fp-clientlib-v4.js
login.regions.com/scripts/tm/
3 KB
2 KB
Script
General
Full URL
https://login.regions.com/scripts/tm/fp-clientlib-v4.js
Requested by
Host: login.regions.com
URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
4f746801f1fcded44422f295bf218687b3a84d6fbfafdb6db78724dd0b1d2ed9
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 06:29:37 GMT
content-encoding
br
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
52611
x-amz-cf-pop
FRA60-P4
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
W/"011d2cdbc6195b4090560599b01cb966"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-cf-id
61KN0Kr8PVHy8MZN1DbaLJzopFrbrdobZ0KBuVJoUL_PFQEgDyQP1A==
2.204f95dc.chunk.css
login.regions.com/static/css/
84 KB
11 KB
Stylesheet
General
Full URL
https://login.regions.com/static/css/2.204f95dc.chunk.css
Requested by
Host: login.regions.com
URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
a0a84fec9c1f1b3001f53d381de75c25a1598fe2271ab3539d65fc536b63e450
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 22:24:24 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
81724
x-amz-cf-pop
FRA60-P4
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
W/"02a416b5d80d4b1173553aa75ebb1f4f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
x-amz-cf-id
m0ZHw0LGOEZUQQ9u3s6yoKp--WfcaN471xeQPJNVN2EsTNGe1peeWQ==
main.344c59c5.chunk.css
login.regions.com/static/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://login.regions.com/static/css/main.344c59c5.chunk.css
Requested by
Host: login.regions.com
URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
90d0c2523652cc5a8a3fd77987a01699668c62be01a908b5952ccbbaa7503a3d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 06:40:14 GMT
content-encoding
br
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
51974
x-amz-cf-pop
FRA60-P4
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
W/"265acd0bf1043361db39f1cd1c9c52b7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
x-amz-cf-id
T6ISUyIXLIdbP5MyTx9YEurIhuOcjXUJxP79HNjygxbuyVx3p9suDA==
2.cc7f1aec.chunk.js
login.regions.com/static/js/
443 KB
109 KB
Script
General
Full URL
https://login.regions.com/static/js/2.cc7f1aec.chunk.js
Requested by
Host: login.regions.com
URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
39e36b5da45fded3bd91e2fe00231ae2837c83d1fc225d2e813ebd16c5eaf56d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:51:39 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
83689
x-amz-cf-pop
FRA60-P4
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
W/"9d4367fd9639a7525f75f948ebf40e94"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-cf-id
82h6TNHsA8v1rSkuZHdGY-U1VAs456ytfRO6ZrI8XtNyL1V1bv9BSw==
main.97958764.chunk.js
login.regions.com/static/js/
1 MB
235 KB
Script
General
Full URL
https://login.regions.com/static/js/main.97958764.chunk.js
Requested by
Host: login.regions.com
URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
48d64c4cd2e059eba50534a6a0908e69052d300d3167802bea888e847b978db2
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 05:57:01 GMT
content-encoding
br
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
54567
x-amz-cf-pop
FRA60-P4
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
W/"eecce5e4077acfba10cec8003a6a0e9d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-cf-id
7ZG2SQN_gm2_3FVsFPCjarUt8ox_UaK8hSyAaiC-tFVSXmRbXjSlJg==
Bootstrap.js
nexus.ensighten.com/regions/ciam-prod/
29 KB
10 KB
Script
General
Full URL
https://nexus.ensighten.com/regions/ciam-prod/Bootstrap.js
Requested by
Host: login.regions.com
URL: https://login.regions.com/?wa=wsignin1.0&wtrealm=http%3a%2f%2fonlinebanking.regions.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%2faccounts%2foverview&wct=2024-02-05T21%3a06%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2e2318fade9b72bb01d25d4c6d5096fb3313581b31bc2f7d4bfe689d1812df71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:39:35 GMT
x-amz-version-id
6TMfcxfWeb9i7tX9ugk69SDNRxBu3B6m
content-encoding
br
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
4393613
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Feb 2023 17:11:02 GMT
server
CloudFront
etag
W/"d4953bf71921f6a45632e9ddab782950"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
uGhi4LPXfCRIO9cYE8Kht8VznpHh354dFDb0hW2YdBpsVtLhHqVKVg==
zu895ab3v1t5exsn.js
tm.regions.com/
95 KB
13 KB
Script
General
Full URL
https://tm.regions.com/zu895ab3v1t5exsn.js?7cgixrsnfgoyew7w=3uc6h1j9&uv7srx4do9u2cnae=48251036-1003-4bb0-b618-10cf2e5a93ee
Requested by
Host: login.regions.com
URL: https://login.regions.com/scripts/tm/fp-clientlib-v4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
287692336a029b521834539f2e65fbb9fb1150842e7168d583fba62033eaaa51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 21:06:27 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
channelModeConfig.json
login.regions.com/switches/
759 B
2 KB
Fetch
General
Full URL
https://login.regions.com/switches/channelModeConfig.json
Requested by
Host: login.regions.com
URL: https://login.regions.com/static/js/main.97958764.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
b5f11407b4d41e95ba766acf93333105408d422821bc9b527f01325d2e8e91c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/signin?channel=olb&product=accountoverview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:34:55 GMT
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-amz-cf-pop
FRA60-P4
age
16293
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
759
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
"3e265058b6d47ca7bf120223a685b726"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json
accept-ranges
bytes
x-amz-cf-id
SYcCXZDB3DpgbG5YBec9585w2xwEExkhwRDi9YIH3cEQBtGEJ5GjvQ==
serverComponent.php
nexus.ensighten.com/regions/ciam-prod/
294 B
627 B
Script
General
Full URL
https://nexus.ensighten.com/regions/ciam-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/ciam-prod/code/&publishedOn=Wed%20Feb%2022%2017:10:59%20GMT%202023&ClientID=1202&PageID=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/ciam-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
30f89c3531fcaa5065819323c9f2d377fde3267cd02e1dcd3575253d3ce81d5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 21:06:27 GMT
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
content-length
294
x-amz-cf-id
E70cWZQNAKfPOthJw5OzwXkxyfzKdo87ZE82ATID5XFg635ctjBkdw==
expires
Mon, 05 Feb 2024 21:06:26 GMT
icon-checkmark.98f6b506.svg
login.regions.com/static/media/
333 B
1 KB
Image
General
Full URL
https://login.regions.com/static/media/icon-checkmark.98f6b506.svg
Requested by
Host: login.regions.com
URL: https://login.regions.com/static/css/2.204f95dc.chunk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
90e880b4dc5c807b98f815783776c037f2246d9031a9082632729f0a06231352
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/static/css/2.204f95dc.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:34:56 GMT
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-amz-cf-pop
FRA60-P4
age
16292
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
333
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
"2369dbfbfad690f976164d63a157c834"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
-VGcs85SJOQtC0CxCgVRCrP5ICsEcuiH9zxCYU0YkV_Ch5t75JUVZA==
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.regions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:50:43 GMT
x-content-type-options
nosniff
age
526544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:50:43 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.regions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 03:37:51 GMT
x-content-type-options
nosniff
age
581316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14780
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 03:37:51 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.regions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:52:14 GMT
x-content-type-options
nosniff
age
526453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:52:14 GMT
icon-equal-housing.060c2ed4.svg
login.regions.com/static/media/
3 KB
2 KB
Image
General
Full URL
https://login.regions.com/static/media/icon-equal-housing.060c2ed4.svg
Requested by
Host: login.regions.com
URL: https://login.regions.com/signin?channel=olb&product=accountoverview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
defc04959b42e0920da0e67fe0112e4812a931bf8af7d22542e1f5c58158e351
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/signin?channel=olb&product=accountoverview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 09:42:28 GMT
content-encoding
br
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
41040
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
W/"95186e79b13ce7a70fd9d85d0afd34c4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
uKEaNgDLZC6hfZDY9xVi-ba_K6l6j-vSf8QHoRJ2lDKcFCtljkGXDQ==
icon-fdic.eaf9a6a8.svg
login.regions.com/static/media/
3 KB
2 KB
Image
General
Full URL
https://login.regions.com/static/media/icon-fdic.eaf9a6a8.svg
Requested by
Host: login.regions.com
URL: https://login.regions.com/signin?channel=olb&product=accountoverview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-70.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
acf047ce1d5c9844ef764d1f7494d2370a717f277fa5a880365bec0528b006b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/signin?channel=olb&product=accountoverview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 20:22:49 GMT
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
3114
content-security-policy
default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2023 02:17:10 GMT
server
CloudFront
etag
W/"729ca6fe2587f082c16ff7b6f31b4f96"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
tNW5yHRrKRdTZBp-6hkNtIsPqJ6fqyRNc13yO0EjfZ59lNL_F2LNmA==
a27fd455055ab4b2dd2fc19aedcaf61e.js
nexus.ensighten.com/regions/ciam-prod/code/
10 KB
4 KB
Script
General
Full URL
https://nexus.ensighten.com/regions/ciam-prod/code/a27fd455055ab4b2dd2fc19aedcaf61e.js?conditionId0=423026
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/ciam-prod/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:3a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1b24cacc4c691731453fb5d3f6744182d882f92b79fe83a4474c3af0dbfa1375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:19:15 GMT
x-amz-version-id
76uxlGoV6QNMYv_0vjb.V0xxKDWGcH_d
content-encoding
br
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
age
4571233
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Feb 2023 17:11:02 GMT
server
CloudFront
etag
W/"d365ec259330d9489da1c7d39602f240"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
sC_xnIXY5ke-BBPGj_OPkRbsuiq-jviUm6jWfSfsIUIs10Z5te9YBA==
e.gif
nexus.ensighten.com/error/
0
217 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27resolve%27)&lnn=-1&fn=&cid=1202&client=regions&publishPath=ciam-prod&rid=-1&did=-1&errorName=TypeError
Requested by
Host: login.regions.com
URL: https://login.regions.com/signin?channel=olb&product=accountoverview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:3a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 02:10:56 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
server
CloudFront
age
68131
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
9VOOewJJ0R2VRf4XZscymyFIMZ8lqs73JNdDdUuJiPoIL6pMar-xNQ==
1
smetrics.regions.com/b/ss/regionsbankprod/
Redirect Chain
  • https://smetrics.regions.com/b/ss/regionsbankprod/1?&ch=olb&v1=eap&c1=eap&pageName=eap|login|enterusername&v3=eap|login|enterusername&c2=eap|login|enterusername&mid=&v12=&g=https%3A%2F%2Flogin.regi...
  • https://smetrics.regions.com/b/ss/regionsbankprod/1?AQB=1&pccr=true&vidn=32E0A6EA26F76E9D-60001F5AC30F1727&ch=olb&v1=eap&c1=eap&pageName=eap%7Clogin%7Centerusername&v3=eap%7Clogin%7Centerusername&c...
43 B
248 B
Image
General
Full URL
https://smetrics.regions.com/b/ss/regionsbankprod/1?AQB=1&pccr=true&vidn=32E0A6EA26F76E9D-60001F5AC30F1727&ch=olb&v1=eap&c1=eap&pageName=eap%7Clogin%7Centerusername&v3=eap%7Clogin%7Centerusername&c2=eap%7Clogin%7Centerusername&mid=&v12=&g=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&v10=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&v4=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&c4=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&c3=eap%7Clogin%7Centerusername&c23=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&r=&v8=&c8=&s=1600x1200&v6=en&c6=en&v15=&v0=null&v11=&rand=0.8205440027058029&AQE=1
Protocol
H2
Server
63.140.62.27 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-27.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 21:06:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 06 Feb 2024 21:06:28 GMT
server
jag
etag
3666113621167079424-4617543500791675782
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 04 Feb 2024 21:06:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Feb 2024 21:06:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 06 Feb 2024 21:06:28 GMT
server
jag
vary
Origin
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
location
https://smetrics.regions.com/b/ss/regionsbankprod/1?AQB=1&pccr=true&vidn=32E0A6EA26F76E9D-60001F5AC30F1727&ch=olb&v1=eap&c1=eap&pageName=eap%7Clogin%7Centerusername&v3=eap%7Clogin%7Centerusername&c2=eap%7Clogin%7Centerusername&mid=&v12=&g=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&v10=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&v4=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&c4=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&c3=eap%7Clogin%7Centerusername&c23=https%3A%2F%2Flogin.regions.com%2Fsignin%3Fchannel%3Dolb%26product%3Daccountoverview&r=&v8=&c8=&s=1600x1200&v6=en&c6=en&v15=&v0=null&v11=&rand=0.8205440027058029&AQE=1
content-type
text/plain;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 04 Feb 2024 21:06:28 GMT
9xTCJgVbwvpJln8E
tm.regions.com/ Frame 2884
495 KB
91 KB
Script
General
Full URL
https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/zu895ab3v1t5exsn.js?7cgixrsnfgoyew7w=3uc6h1j9&uv7srx4do9u2cnae=48251036-1003-4bb0-b618-10cf2e5a93ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
377508b05bbd8041deacb5db351917057ab6f538eea7f51597181b2d45b6e73c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 21:06:27 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
ef45ba0dcbc7f20e
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
meopRK2yMF6l5GWC
tm.regions.com/ Frame 2884
81 B
475 B
Image
General
Full URL
https://tm.regions.com/meopRK2yMF6l5GWC?3b8e91a2ba43350a=EBgQ7paDFijhV4l1llY8xUXjmsF5ivD9-WC1fC39FfsJo_UfJGixprfdRLRzgIgInbBdAc0UOUPThErErMyi13IcO4puu4uWRtaWUFwaKpD079P90Uwz-VJHpJKSO4KUz3cXilvWnh7V_zztizvew_25j69kFRUImdblLn4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 21:06:27 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
EpmakvIC1B1DHRgM
tm.regions.com/ Frame 2884
81 B
475 B
Image
General
Full URL
https://tm.regions.com/EpmakvIC1B1DHRgM?f1ac147a09e1864f=AOixbsaVVVHDqs2drdFxj9vhkhpxRB94wOiN6HmTUf4FsGGfQLvhMvhg51oz8yL5rZO47fLAYxZ8lKtC7_TH61TgFTZSftsXGLmtyJoiezhnImXDzKXLGG4lbNDMxyLn0pSD7iXgzQh2M07RHQtTk1WELIi5UxzqoZK-Z8Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 21:06:27 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
tm.regions.com/fp/ Frame 2884
81 B
533 B
XHR
General
Full URL
https://tm.regions.com/fp/clear.png
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, 3uc6h1j9/ef45ba0dcbc7f20e48251036-1003-4bb0-b618-10cf2e5a93ee
Referer
https://login.regions.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 05 Feb 2024 21:06:28 GMT
Server
Apache
Etag
f4ec68235aeb4da38e900651902f439c
Content-Type
image/png
Access-Control-Allow-Origin
https://login.regions.com
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Sat, 03 Feb 2029 21:06:28 GMT
TwUOgW3Hiz-I83Uu
tm.regions.com/ Frame A034
90 KB
13 KB
Document
General
Full URL
https://tm.regions.com/TwUOgW3Hiz-I83Uu?6e574d1141ba10f9=-gfQLDaF9eNNbFxyeqkuy47SlkSdlclOE5y7Tpswm2oebOuBEF6GyX-Tt9pDRXEJj5x8B6C6f7nzop3ZOU85vOix8O4YtxwCgV2bpYFMBc35BxY0VBLJwZmXpgeZrKoEG9MYoFJGCAa69HA6-hpHuRcRLSDnCFjg_LqLDVTl3F-a6vUzG7wHLJS_outGecj8ONBi7a_DsNwblupvYXY
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
4299324341387ca93bc37cc423527682580ed041f877722a2ff5774912d53984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 05 Feb 2024 21:06:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
nq-GtxPUvymoadP9
tm.regions.com/ Frame 2884
0
387 B
Script
General
Full URL
https://tm.regions.com/nq-GtxPUvymoadP9?1fabf512dac5e77b=aBltVTPP1SHnPbNeVe3X6RJD4E65iZIPfXn1s78OsVycR5grz3CNPVI1UgATR4tFLvxsIc7Z9NOUqwf_WgK1aaa5hmcNg9lbgyihjoKDl6dLq8_Syg86_IJc2cYBFayZcVbCEIJdwPXguT2DdXY06DXOy_0&jb=333e246c73613f366a663962343d663331646b363533313162353633306337346e676362663a61
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
es0WdE1FvXirKg4_
h.online-metrix.net/ Frame FB23
103 KB
15 KB
Document
General
Full URL
https://h.online-metrix.net/es0WdE1FvXirKg4_?f1e7ed422d1dbac4=vNzDzUOVQtsshiWRf9HqRdhB5A3pJDLyjUzxcXS5dSkoePztTmoFkmuKTgvasbyP89MABzg7269x90u7GE4eLPfIHnAuWla8R9XbDZ7-yGnbjU8GXaN8EBUNQog_2J19CcmUMNeVFiA5gZdp2vt4zJApuJnbZCo0rhW82XGohf8HIzodnE3zCmKEuAY8CARG4M8xwDwoOX5uKFw7O1Fq
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
6049cb3c830c484d01c9460f73be9a82752a181d3e61f17e31a253175a9424b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 05 Feb 2024 21:06:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
szNMkeFYp7Z5RggW
tm.regions.com/ Frame 6D0F
90 KB
13 KB
Document
General
Full URL
https://tm.regions.com/szNMkeFYp7Z5RggW?4cc876aa435f81dd=ekJWyhrRLJWL-MvN1ZoSSEkQHwMvBBSYq-Dsyyqpi_79TOUrZQoa_ds4xmcUOENmn8NooIQVEET5kapGvRXY2_7qVPGbwD164yc-JnoqwQdZSKjqtFlAakZjxAEX6XyQ07OQMRx0LjsHqC1-t5XaJxPqN4qVeS1Vig5dgPOh3kzUB6kwL9WvRh1bVmW5BgoRCl4z3xgaNmWhB4BQwuTR
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
b8efe6886ea277ab672fef8e7008f079d27c9aa5d01b8c9d78577db5b8d281c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.regions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 05 Feb 2024 21:06:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=97
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
nq-GtxPUvymoadP9
tm.regions.com/ Frame 2884
0
218 B
Script
General
Full URL
https://tm.regions.com/nq-GtxPUvymoadP9?1fabf512dac5e77b=aBltVTPP1SHnPbNeVe3X6RJD4E65iZIPfXn1s78OsVycR5grz3CNPVI1UgATR4tFLvxsIc7Z9NOUqwf_WgK1aaa5hmcNg9lbgyihjoKDl6dLq8_Syg86_IJc2cYBFayZcVbCEIJdwPXguT2DdXY06DXOy_0&ja=313136372626613f3e30267a3f3e3024643d3934323070393230322463663d313e323078313a323026737a7b35307830246c70703f31243334303824313232322e313630382e313230382e313630322e393230302e393632322c3930323024382c30246f763d613830306162636c6137376466646c6639656330343333343f32346231693761246f6c3d34267b61643d323c246c683d6a767c7073253149253044253a446e6f6f616e2e706765696f6e7b2c636f6d2d30467369656c616e2533446b68636c6e6d6e27334c676c6227303470726f6c776374253b466163636d7766746f76677a766b67772e726e3d3b2e70683f353a66323869633662636e6065313131603f333837636d306631626c6030643c2e68683f303a3937656c366531616d32366465613a3c383365633b65373035393a3764382e6a736d3f55696e646775732532383331266a7160354368726d656527303039303326627b6f753f556b6e646f7f71266a736a773d4368706d6565266e6a6b3d36246e6c6f3f382e666d74723f3226747a6c3f457572677265253244406d726c696c2e6d6376687a3f3630383b64316130606563303a673663633d3430303830636c3135353638316466343d3a3a313c3964366763633234646b3b3461666a66373233333139393661246c723f6a747c7271253b492532442730466c6f6f6b6e2e726d65696f6e712c6b6f6d25304e736b656e616c27334e6b68616c6c676c25334c6d6c62253a3470726f66776b742533466963616d7566766d766d7a7669677524703d70647767696e57646c61736a273d4566616e7b6523726c7d656b6e577f696e666d75735f6d6d6669615f786e61796570273d4566616e7b6523726c7d656b6e5769646f60675d61637267606174253d4766616c716729706c7565616e5d73756161697461656525374764616c736d23706c756f6b6e5f736a6d6b6b7761746d25374766696e716529786c75656b6c5f7265696e706c6171677225354764696c736523786c776569665d746c6b57706c637b677225354d64616c736d23706c75656b665f646574696c7470253d476461647b6521726e7767696e577176675f7e6b65776570273d4566616e7b6523726c7d656b6e576261766327374566616471652667645d633d7767606f6c5765604f4c273030392c32253a38284f72676c474c253a324553253a32322e302730384368726d6569776f295f676047442d3230454e514c2532384753253238332e30253032204f70656c4f4c2730304d512732384f4c534e27303045532d3030312e38273230436a70676d69756f215767604b617655656a4369742730325765624f4e414e4744475f696e7176696e6365665761707061717127334a2d3230475a565f626c6d6c645f6d616c6d617827314a2532304750545d616f646d705f6a7d666667705d68616c6e5d666c6f69762533422730384558545d6c6572766857616e61657825334027303045585c5d666c6f69765f626c676c6c253342273a30475a54576470616f57646572766a2533422d303045585c5d73686166677a5f74657a7c7570675f646d66253b4a253232475a545f746d7a7475726d5d636f6d72706d7373696d665f6072746b2731422d3a30455a565d7465787c7772655f6b6d6d707267717b696f6e5d7a677661253b402732384d58545d76677874757a675f6669647665725f636c61736f747067706b61253b402732384d58545d71504742253b402532304747535f656e6765656e745d616e66677857776b6e7c2d33422730324f45535764626f5f7a676e6465705d6569706d6378253140253a324d455b577374636c6661726457666572697e6374697667712d33422530384f47515f7c677a747d7a655f646e6d6174253b402532304747535f74677a7c7572655d6e6c6d6374576e6b6e6d69722531402732304f4d515f746570767572655d6a696c665f64646f6376253b402732384745535d76677874757a675f686164645f666c6d637c5f6c696c6d617027334a273030474d535f7467707465785763727261715d6f626a67617c253342273a305547424f4e5d6367646f725d60776666657a5d666c6f697625334227303857454245445f616d6d787067737b6d645f76677a7475726d5d6173746b2733422530325f4542474e57636d6f707a6771736d6c5f74677a7675726557677463253b4025323055474a474c5f61676d7270657b716764577c6578767770655f657c613125334a2732305747404f4c5f636d65707067737b67665f7c6d78747770675f73337c612533422d303057454045445f636f6f78726771736d665d746d70747570675d7333746b5d7372676a2733422530325f4542474e57646760756f5d7065666c657267705d696e6667273342253a32574542454e5764657076605f7667787c7770652d3b4225303255454247445d6472617f5d62756664677a732533402d323255454a454e5f646773655d616d6e746570762533422d303057454045445f6d756e7c695d6672697527334a2d3230554740474c5f786d6c7967676c5f6d6f6667393626676e57683f36353f613b303f3866316332676430613c376531643c676339643b6430633063613c62616662693b24776f64763d4b6c76656c253a32496e63262477676c703f416e74656e2d32324b7261712732384770656c454e2532304d6c67696e6d246363643f30&jb=313d37266c713f4f677a696c6e692530443526322732382057696c666d7773253a324e54253a3231302e32273b422532325f696c34342d3140253a387836362b2732304178726c65576d604b697427304e3533372c3b3627303020494a5445442532412730306c6963672532304f67636b6f2b273a30436870676d6727324e33303126382e363334352e31333127323053696461726927304e3533372c3b36
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Type
text/javascript;charset=UTF-8
X0eyhzGTVsiPF0QH
3uc6h1j9pznq2ljn7ik6tcn3rqdqmlddb4axwyljef45ba0dcbc7f20eam1.e.aa.online-metrix.net/ Frame 2884
81 B
438 B
Image
General
Full URL
https://3uc6h1j9pznq2ljn7ik6tcn3rqdqmlddb4axwyljef45ba0dcbc7f20eam1.e.aa.online-metrix.net/X0eyhzGTVsiPF0QH?a70081e50fd88f1e=ZrBu69n5vqs-firm_a1pikbrkjdxCEAOCy2U6jG1hVa29KXUPoXTdGkPYwz32t3woUg2g1PLaMa3gMvUNI2ZjjCAd-rSWeqs3P9xXF8RTnvLDf6DlmjRzCiCRNJoex133dkbp8UoCe_1462vTlGqGAs4bNSsom8p4MJr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cca81658-d92f-46b1-a7ea-eb735aa7abb4
https://login.regions.com/ Frame 2884
0
0
Other
General
Full URL
blob:https://login.regions.com/cca81658-d92f-46b1-a7ea-eb735aa7abb4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
0
Content-Type
application/javascript
d1e8b75e-2812-4161-8a7b-8bae3e104a46
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/d1e8b75e-2812-4161-8a7b-8bae3e104a46
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
aa18f2fe-9670-4e3a-838c-dcaea7289358
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/aa18f2fe-9670-4e3a-838c-dcaea7289358
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
8cd13543-af69-4497-af72-b51f5347be62
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/8cd13543-af69-4497-af72-b51f5347be62
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
b3892473-17bf-446b-83c7-cd310d28f8f2
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/b3892473-17bf-446b-83c7-cd310d28f8f2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
2d742886-84ec-431a-8124-537d228ecde3
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/2d742886-84ec-431a-8124-537d228ecde3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
915466ed-a2be-47fd-a9ee-39e2be85650e
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/915466ed-a2be-47fd-a9ee-39e2be85650e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
a4fffcf8-4706-40c9-9209-3f490dbbb652
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/a4fffcf8-4706-40c9-9209-3f490dbbb652
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
e3cc39e8-d2df-40fd-bd9c-9cae2dd5dbe3
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/e3cc39e8-d2df-40fd-bd9c-9cae2dd5dbe3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
11da334b-f56e-4074-a401-3aa7cf2e5e7a
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/11da334b-f56e-4074-a401-3aa7cf2e5e7a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
302b94ab-502b-4de8-b928-83edc5439ead
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/302b94ab-502b-4de8-b928-83edc5439ead
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
fa27899b-8a94-4717-accd-b27b34fcfd20
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/fa27899b-8a94-4717-accd-b27b34fcfd20
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
6e973d5c-ef25-40b1-a799-4711fa2a1dbb
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/6e973d5c-ef25-40b1-a799-4711fa2a1dbb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
cfe9933a-32a6-4bd8-a04d-3bfb96b12333
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/cfe9933a-32a6-4bd8-a04d-3bfb96b12333
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
88ebef4f-6eb9-4ecd-bc43-76f4ae2f7cd7
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/88ebef4f-6eb9-4ecd-bc43-76f4ae2f7cd7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
ae47f990-4197-4f33-913e-1b7e54e2bb1b
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/ae47f990-4197-4f33-913e-1b7e54e2bb1b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
b60cccd4-aed9-4cfb-82d0-08970bb4d416
https://login.regions.com/ Frame 2884
2 KB
0
Other
General
Full URL
blob:https://login.regions.com/b60cccd4-aed9-4cfb-82d0-08970bb4d416
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1720
Content-Type
application/javascript
494834b0-9e46-4aff-a0e0-cee600d749f2
https://login.regions.com/ Frame 2884
1 KB
0
Other
General
Full URL
blob:https://login.regions.com/494834b0-9e46-4aff-a0e0-cee600d749f2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ed22e9a0ad69af719553fce92e12b5526e40e3bf3d047acfd78eb1f49f54768

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
1357
Content-Type
application/javascript
9v_Hm7Y_5XqTcmbr
tm.regions.com/ Frame A034
0
387 B
Script
General
Full URL
https://tm.regions.com/9v_Hm7Y_5XqTcmbr?a1dee9b576ec1ff2=ck4PSG3u9LWb2rJhwF58nnHXa4654YHj9_HG6TpnUhXfkb7FD5Bh3GAcO2tgkmlPNp2vE6uHg9irL8YWlIxrFauenthHEyKYlGY8dhcXEdpZZKD3Oq3jp8L1GoI_zajVFBLE4l1tipWcApe4WFS3CD_Xlyg&jf=333e246c73623f6630336266666d313b64363b3631336b6a66316335303232393a3b303134693b
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/TwUOgW3Hiz-I83Uu?6e574d1141ba10f9=-gfQLDaF9eNNbFxyeqkuy47SlkSdlclOE5y7Tpswm2oebOuBEF6GyX-Tt9pDRXEJj5x8B6C6f7nzop3ZOU85vOix8O4YtxwCgV2bpYFMBc35BxY0VBLJwZmXpgeZrKoEG9MYoFJGCAa69HA6-hpHuRcRLSDnCFjg_LqLDVTl3F-a6vUzG7wHLJS_outGecj8ONBi7a_DsNwblupvYXY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.regions.com/TwUOgW3Hiz-I83Uu?6e574d1141ba10f9=-gfQLDaF9eNNbFxyeqkuy47SlkSdlclOE5y7Tpswm2oebOuBEF6GyX-Tt9pDRXEJj5x8B6C6f7nzop3ZOU85vOix8O4YtxwCgV2bpYFMBc35BxY0VBLJwZmXpgeZrKoEG9MYoFJGCAa69HA6-hpHuRcRLSDnCFjg_LqLDVTl3F-a6vUzG7wHLJS_outGecj8ONBi7a_DsNwblupvYXY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
aETU3lr6taxmKDz0
tm.regions.com/ Frame 2884
0
218 B
Script
General
Full URL
https://tm.regions.com/aETU3lr6taxmKDz0?16334600e6d64567=tZzDEiSzBajkSyVlbdPg22RCruGsOIj9xu-4zHURcezBEoxbGg6mPPbSNIrOk4azbCza97yg_l8u85NT6gYy1wf4AXDuF8rm1u0GGZTAwJ5FqdlCjjE_GsJ4fM1pAAcveOvEGxnpsH0S90MrT5S8xke0jdBTJbkDekSKKVa3mZk_lwErTP1wRdpG1MaRLlX91mwQ7bIqIo7mz2dNAlc&je=313a322672643f247a64743d343b3331312d3d2e373938382d352e373b30312d3d2e3539303a2f352c353b323b2d352c313b383b2f3624373b353825352c373b31312d35243739333925372c3630313b25352c353b3c342f372c3e323630253d2c353b313a2d352c3d3037392d3d2e373037322f3d2c3231333a2d37
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
Content-Type
text/javascript;charset=UTF-8
xv6RANC5A1siXRCe
tm.regions.com/ Frame 2884
0
400 B
Image
General
Full URL
https://tm.regions.com/xv6RANC5A1siXRCe?d13f3af0f8527231=ECsIuxeE5w0hdNf5XKRY6nc2dO6E4HInDZ2eGt0G4Kdh0bqWO-sVx0ZV5uB5vuTdD0zPWxN4X6TMReF_ken5VVzjuCp8wWUv8aZZOTojwa1RxHwczIh9cEx7hq-j35QYjjWv9AcqNNT8RCWAWeA7BLl2dBEUOsisnJA9AoNQWx8qTQ27A0QCbEOvCm1YQ-KSKHVD8qKu3CL0qWgdNrc&jf=343934267369665d7a6e643d766c725d76355c68694a427c62794b4c645477362e7169645f6c6374653d3335383731363539383a247361665d747178653d7567603a65636c7161267361665f6b657b3f3b30353931383131323638353061303e343861673164303238333036303030613836363a6b653364323b303332373831363238383034303a3734323531643334353e37343230676169306661643d37673b313c663233316e62386035346533663a663931343e3330303937336d353862366932323539693567353d3833666736336166336a663966313b676539623a3b3d663035363b363133336b6435633e3135373b33343931373b333861303a613638663663696126736b6c5f716b67353132343d3832323332326362336b376439356d336134393a666d6435343769656064303f343a326d6b65393263603034633130326132383661396330303d396533373a666763366a3460303a3a30306633343733393f613534346c37393561603539313332313a65603562313430363a6e65356164313137346e333061383a613032346730396635623730353536267b6b64723538
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
oG8fjV8o5qmiVbwm
h.online-metrix.net/ Frame FB23
0
400 B
Image
General
Full URL
https://h.online-metrix.net/oG8fjV8o5qmiVbwm?ef2a5c61ccbaf430=co9iV4pbE-426aY0kzPjyCrjXhcKuLUl4nZRMqHWoT3bLmDq3ybelP75-ZkZI1DZvm5orJ8dTo7CSAWxtoVRj5VQD7nU8rtK6RE1ksyYrKHCP0zTgljLMAIHLCwL0xhUzNnN90m56x3t3FNBd2BeOzDEJhLx_UqaIvoIs00e-jdX_GOsbRPI5stgk5uz6ye2rI6I0G5LSz0I9gyL6XU&jf=343934267369665d7a6e643d766c725d74583b53604258716f717235763259592e7169645f6c6374653d3335383731363539383a247361665d747178653d7567603a65636c7161267361665f6b657b3f3b30353931383131323638353061303e343861673164303238333036303030613836363a6b653364323b3033323738313632383830343464603533626e676463396d6463643536616a316432313038673566303b34313b6b36636434616637373e3a3738303f333933663a663e386464663c333b3a33696631323d6e65626761373332313967386535393133393337616d323239633b623b30333f3764383f6962356361606462313a633338663f3562636532373b6126736b6c5f716b67353132343d3832323332323937383e3b3530396c67363738326131633837313b383a34383a3b67636b39623061373b366237313a6662653831393664663038383464663d623361323a3b3b303a3a303532313732373938613761613f60613435376630396465326e34603b386c6432623f3c6261646764613064693a3632656a61336533313a303632336739343266267b6b64723539
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h.online-metrix.net/es0WdE1FvXirKg4_?f1e7ed422d1dbac4=vNzDzUOVQtsshiWRf9HqRdhB5A3pJDLyjUzxcXS5dSkoePztTmoFkmuKTgvasbyP89MABzg7269x90u7GE4eLPfIHnAuWla8R9XbDZ7-yGnbjU8GXaN8EBUNQog_2J19CcmUMNeVFiA5gZdp2vt4zJApuJnbZCo0rhW82XGohf8HIzodnE3zCmKEuAY8CARG4M8xwDwoOX5uKFw7O1Fq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
aETU3lr6taxmKDz0
tm.regions.com/ Frame 2884
0
218 B
Script
General
Full URL
https://tm.regions.com/aETU3lr6taxmKDz0?16334600e6d64567=tZzDEiSzBajkSyVlbdPg22RCruGsOIj9xu-4zHURcezBEoxbGg6mPPbSNIrOk4azbCza97yg_l8u85NT6gYy1wf4AXDuF8rm1u0GGZTAwJ5FqdlCjjE_GsJ4fM1pAAcveOvEGxnpsH0S90MrT5S8xke0jdBTJbkDekSKKVa3mZk_lwErTP1wRdpG1MaRLlX91mwQ7bIqIo7mz2dNAlc&je=313a3526266a636135312670656d5f7772646976673d2d3f42253030322532322d314125374a2732327667702d3232253149332735442d3041253a3a31253030273341253f40253232616c7075745d3431383736313d352730322d3143253d4a66616e71672532432d303263686d616b626f7a273a322532413c253746253f4627374c
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
Content-Type
text/javascript;charset=UTF-8
nq-GtxPUvymoadP9
tm.regions.com/ Frame 2884
0
387 B
Script
General
Full URL
https://tm.regions.com/nq-GtxPUvymoadP9?1fabf512dac5e77b=aBltVTPP1SHnPbNeVe3X6RJD4E65iZIPfXn1s78OsVycR5grz3CNPVI1UgATR4tFLvxsIc7Z9NOUqwf_WgK1aaa5hmcNg9lbgyihjoKDl6dLq8_Syg86_IJc2cYBFayZcVbCEIJdwPXguT2DdXY06DXOy_0&jac=1&je=35303026266a646c3533266a64603d3b3b36393533666a6e39373135673336376a633735346a6033396261363a633826686e746c3f3032373a3a3b2e77656b3f31372e35302c35372e3d24706d3d6c6d2e626174717c3d2735422d30306c6d7e656c273030253341392c3030253a41253232717669747573273a322731412d303063606972676b6c652532322d354426617d66683d6363356a396536673e38336163696134663a693763333b303933363b363662356b3131373934603c643864663c383432303b3a64653c6e3033646166383435312465783335613133633667383539653a39643235376e3164646a3864383a35633938343c633862656b31633362247769683d25354a253030617a616a697c6d63747770672532322d314125323a2732322530412d3232626b7c6e6771732d3030253b4925323027303225324b273232627a636e647327303a253341273d422737442d3041253a3a66756e6e54657273616d6e4c697b76253232273149253542273d442730432d30306d676a696c6727303225334964616c736d273243253030656f64656e2d32302733492730322d3a3225304127323270646374666f7a6f253232273149253232273a322730432d303070646974666d706f5665727b6b6f6e253a3025334127303a253232273a432730327f6d75363c2d323227314366616c7b672537442e77616c3d27354a253232607a616c66732d3030253b4925354027374425324b2732326d6760696c6527303a25334164696c7167253a4127323a786c6176646d726d253a302533412d3032253230273f44
Requested by
Host: tm.regions.com
URL: https://tm.regions.com/9xTCJgVbwvpJln8E?cd4a922fe4ad5291=xQ8-QcjGcNkyaHvbYzRFCShu8RI0PzRdpea-WrF0FtwBjefbbrfeyhtf8Cg7j74S7JXmDVWFE7Sl8jR48za5Wnz7cy3OyiphTSJUJRa3Wu278-ZrbhtvlNKzXLNYa-0LBQe4izrL9vJLncsTnFPszJcKaNjQW5Cohclk6SW1EJZ0cHPzN2S7eo8WAe65RpZc2w24wrLZaIK1c8xO&jb=353124266a736d773557696e66677771246a7b6d3f576166646f75712732303139246a73627d3f4368726d6f6d266a736035436a706f6567273238393231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.72 , United States, ASN30286 (THM, US),
Reverse DNS
h.threatmetrix.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.regions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 21:06:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| regionstm function| OnceLoaded function| uuidv4 function| getEnv object| hp_frame object| tmx_frame object| tmx_script object| webpackJsonpenterprise-auth-prototype function| DOMPurify object| com object| aesjs object| elliptic function| sha256 function| sha224 object| __XMSDK_PLUGINS object| ensBootstraps object| Bootstrapper function| tmx_run_page_fingerprinting boolean| tmx_profiling_started function| tmx_post_session_params_fixed string| lang

5 Cookies

Domain/Path Name / Value
onlinebanking.regions.com/ Name: DeviceName
Value: desktop
onlinebanking.regions.com/ Name: AnonToken
Value: ANONYMOUS-4f90e64a-aa65-4873-b195-90255003b38a
onlinebanking.regions.com/ Name: NSC_JOlv3bx3ccryh4kbsoqu11csy0pulcc
Value: ffffffff09aece0045525d5f4f58455e445a4a423660
tm.regions.com/ Name: thx_guid
Value: 3b6b6751a0ccd0dd4b793acc7df6494a
.regions.com/ Name: s_vi
Value: [CS]v1|32E0A6EA26F76E9D-60001F5AC30F1727[CE]

16 Console Messages

Source Level URL
Text
worker error URL: blob:https://login.regions.com/d1e8b75e-2812-4161-8a7b-8bae3e104a46(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:63333/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/8cd13543-af69-4497-af72-b51f5347be62(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5901/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/b3892473-17bf-446b-83c7-cd310d28f8f2(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5902/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/2d742886-84ec-431a-8124-537d228ecde3(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5903/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/aa18f2fe-9670-4e3a-838c-dcaea7289358(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5900/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/a4fffcf8-4706-40c9-9209-3f490dbbb652(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5950/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/915466ed-a2be-47fd-a9ee-39e2be85650e(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:3389/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/e3cc39e8-d2df-40fd-bd9c-9cae2dd5dbe3(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5931/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/302b94ab-502b-4de8-b928-83edc5439ead(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:6039/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/fa27899b-8a94-4717-accd-b27b34fcfd20(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5944/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/cfe9933a-32a6-4bd8-a04d-3bfb96b12333(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5938/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/6e973d5c-ef25-40b1-a799-4711fa2a1dbb(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:6040/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/ae47f990-4197-4f33-913e-1b7e54e2bb1b(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:7070/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/88ebef4f-6eb9-4ecd-bc43-76f4ae2f7cd7(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5279/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/11da334b-f56e-4074-a401-3aa7cf2e5e7a(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:5939/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".
worker error URL: blob:https://login.regions.com/b60cccd4-aed9-4cfb-82d0-08970bb4d416(Line 14)
Message:
Refused to connect to 'wss://127.0.0.1:2112/' because it violates the following Content Security Policy directive: "connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.regions.com *.regionstest.com ; font-src 'self' *.rgbk.com *.regions.com *.regionstest.com fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.regions.com *.regionstest.com ajax.googleapis.com nexus.ensighten.com *.rgbk.com ; worker-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ; frame-src 'self' *.regions.com *.regionstest.com *.rgbk.com *.online-metrix.net ; style-src 'self' *.regions.com *.regionstest.com *.rgbk.com fonts.googleapis.com 'sha256-BreOq6e1wcF1D+T+VhWl6cPwgMWJLnFdXcJN4ewb7FI=' ; media-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; img-src 'self' *.regions.com *.regionstest.com *.rgbk.com nexus.ensighten.com *.online-metrix.net ; object-src 'self' *.regions.com *.regionstest.com *.rgbk.com ; connect-src 'self' *.regions.com *.regionstest.com *.rgbk.com blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3uc6h1j9pznq2ljn7ik6tcn3rqdqmlddb4axwyljef45ba0dcbc7f20eam1.e.aa.online-metrix.net
fonts.googleapis.com
fonts.gstatic.com
h.online-metrix.net
login.regions.com
nexus.ensighten.com
onlinebanking.regions.com
smetrics.regions.com
tm.regions.com
18.66.147.70
205.255.100.241
2600:9000:206f:3a00:2:8f43:5780:93a1
2a00:1450:4001:80e::2003
2a00:1450:4001:830::200a
63.140.62.27
91.235.132.130
91.235.132.72
91.235.134.131
1b24cacc4c691731453fb5d3f6744182d882f92b79fe83a4474c3af0dbfa1375
287692336a029b521834539f2e65fbb9fb1150842e7168d583fba62033eaaa51
2e2318fade9b72bb01d25d4c6d5096fb3313581b31bc2f7d4bfe689d1812df71
30f89c3531fcaa5065819323c9f2d377fde3267cd02e1dcd3575253d3ce81d5d
377508b05bbd8041deacb5db351917057ab6f538eea7f51597181b2d45b6e73c
39e36b5da45fded3bd91e2fe00231ae2837c83d1fc225d2e813ebd16c5eaf56d
4299324341387ca93bc37cc423527682580ed041f877722a2ff5774912d53984
48d64c4cd2e059eba50534a6a0908e69052d300d3167802bea888e847b978db2
4f746801f1fcded44422f295bf218687b3a84d6fbfafdb6db78724dd0b1d2ed9
51a6fc83eb6f24d2ad47cd9d24003b60673fe714766d8cc149c5e445d70ea2c0
5c67777e859ba4ffabd0a44c84c2eb71e19ac7388cf0fc51c82115993c3b8abc
5d7162ad34b87aea938fb0227d7fbe179a5118ca97070c136ae2eb08b6629a33
6049cb3c830c484d01c9460f73be9a82752a181d3e61f17e31a253175a9424b2
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8ed22e9a0ad69af719553fce92e12b5526e40e3bf3d047acfd78eb1f49f54768
90d0c2523652cc5a8a3fd77987a01699668c62be01a908b5952ccbbaa7503a3d
90e880b4dc5c807b98f815783776c037f2246d9031a9082632729f0a06231352
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a0a84fec9c1f1b3001f53d381de75c25a1598fe2271ab3539d65fc536b63e450
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a67e1a24843046ff5130071a738f0987adfeca733c43804672b2e5807f845551
acf047ce1d5c9844ef764d1f7494d2370a717f277fa5a880365bec0528b006b6
b5f11407b4d41e95ba766acf93333105408d422821bc9b527f01325d2e8e91c5
b8efe6886ea277ab672fef8e7008f079d27c9aa5d01b8c9d78577db5b8d281c8
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
defc04959b42e0920da0e67fe0112e4812a931bf8af7d22542e1f5c58158e351
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855