Submitted URL: https://click-notification.capitalone.com/f/a/GviXfThb3yDw2Jx-wgWRCA~~/AAAAAQA~/RgRgr-n2P0RGaHR0cHM6Ly9lY20uY2FwaXRhbG9uZS5jb20vTWVzc2FnaW...
Effective URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Submission: On May 26 via api from US

Summary

This website contacted 7 IPs in 5 countries across 3 domains to perform 17 HTTP transactions. The main IP is 23.45.105.44, located in the Netherlands, and belongs to AKAMAI-ASN1, EU. The main domain is ecm.capitalone.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 1st 2019. Valid for: 2 years.
This is the only time ecm.capitalone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.187.21.230 16509 (AMAZON-02)
7 23.45.105.44 20940 (AKAMAI-ASN1)
3 23.45.109.22 20940 (AKAMAI-ASN1)
1 18.197.253.20 16509 (AMAZON-02)
3 3.124.173.63 16509 (AMAZON-02)
1 2 52.208.89.132 16509 (AMAZON-02)
1 18.204.187.183 14618 (AMAZON-AES)
1 35.181.91.36 16509 (AMAZON-02)
17 7
Domain Requested by
7 ecm.capitalone.com ecm.capitalone.com
3 tms.capitalone.com nexus.ensighten.com
3 www.capitalone.com ecm.capitalone.com
2 dpm.demdex.net 1 redirects ecm.capitalone.com
1 smetrics.capitalone.com tms.capitalone.com
1 potomac-clickstream.capitalone.com tms.capitalone.com
1 nexus.ensighten.com ecm.capitalone.com
1 click-notification.capitalone.com 1 redirects
17 8

This site contains links to these domains.

Domain
mi.capitalone.com

Subject | Issuer | Validity | Valid
ecm.capitalone.com | DigiCert SHA2 Extended Validation Server CA | 2019-08-01 - 2021-08-01 | 2 years
www.capitalone.com | DigiCert SHA2 Extended Validation Server CA | 2019-04-15 - 2021-04-14 | 2 years
nexus.ensighten.com | DigiCert SHA2 Secure Server CA | 2019-10-03 - 2020-10-02 | a year
tms.capitalone.com | DigiCert SHA2 Extended Validation Server CA | 2018-11-06 - 2020-11-05 | 2 years
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
potomac-clickstream.capitalone.com | DigiCert SHA2 Extended Validation Server CA | 2020-04-23 - 2022-04-23 | 2 years
smetrics.capitalone.com | DigiCert SHA2 High Assurance Server CA | 2019-12-02 - 2021-03-04 | a year

This page contains 1 frame:

Primary Page: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Frame ID: B5975EB2CC1ED081A12286619D4057A8
Requests: 17 HTTP requests in this frame

Page URL History

  1. https://click-notification.capitalone.com/f/a/GviXfThb3yDw2Jx-wgWRCA~~/AAAAAQA~/RgRgr-n2P0RGaHR0cHM6Ly9lY20uY2FwaXRhbG... HTTP 302
    https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17 Requests
100 % HTTPS
0 % IPv6
3 Domains
8 Subdomains
7 IPs
5 Countries
248 kB Transfer
606 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click-notification.capitalone.com/f/a/GviXfThb3yDw2Jx-wgWRCA~~/AAAAAQA~/RgRgr-n2P0RGaHR0cHM6Ly9lY20uY2FwaXRhbG9uZS5jb20vTWVzc2FnaW5nL3BhZ2VzL0NBL2VuLXRoYW5reW91LWNvbmZpcm0uaHRtbFcGY2Fwb25lQgoAG_ZkzV5fcptaUhtkZ2FyZGVuZXJAc3BlY3RyYWVuZXJneS5jb21YBAAAAAA~ HTTP 302
    https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://dpm.demdex.net/id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590520505196 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590520505196

17 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request en-thankyou-confirm.html
ecm.capitalone.com/Messaging/pages/CA/
Redirect Chain
  • https://click-notification.capitalone.com/f/a/GviXfThb3yDw2Jx-wgWRCA~~/AAAAAQA~/RgRgr-n2P0RGaHR0cHM6Ly9lY20uY2FwaXRhbG9uZS5jb20vTWVzc2FnaW5nL3BhZ2VzL0NBL2VuLXRoYW5reW91LWNvbmZpcm0uaHRtbFcGY2Fwb25lQ...
  • https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
3 KB
2 KB
Document
General
Full URL
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dfa0d93332b364547d187395572c4f42abd666fd6bd32c54ff748eb2e670fa39

Request headers

:method
GET
:authority
ecm.capitalone.com
:scheme
https
:path
/Messaging/pages/CA/en-thankyou-confirm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html
last-modified
Thu, 19 Sep 2019 13:45:04 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
yQrjlLl8IjZ7_iltU4RZ3yke34pAMqBQ
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
P7g2aaeHW_CUld-dLP412mlQoTW6Yxc3VH_aQDnvp-ezQGqhseU5-A==
content-length
1199
date
Tue, 26 May 2020 19:15:04 GMT
access-control-max-age
86400
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*

Redirect headers

status
302
date
Tue, 26 May 2020 19:15:03 GMT
content-type
text/plain
location
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
x-robots-tag
noindex
server
msys-http
ods-core.0.8.2.min.css
www.capitalone.com/assets/enterprise/css/ods-core/
145 KB
18 KB
Stylesheet
General
Full URL
https://www.capitalone.com/assets/enterprise/css/ods-core/ods-core.0.8.2.min.css
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.109.22 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-109-22.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3c05e99d2578bde07cd43cdba5603d4fb60fcd7f8ce84023dda9a2a972c2825
Security Headers
Name Value
Strict-Transport-Security max-age=15560000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
uJovwV0BYqA1LaKrfmWBnRmVG3mjT_jb
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 06 Mar 2020 03:21:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
x-amz-server-side-encryption
AES256
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
date
Tue, 26 May 2020 19:15:04 GMT
x-amz-replication-status
REPLICA
strict-transport-security
max-age=15560000
content-length
17949
x-amz-cf-id
ucHdOsmTlHOgogJu0pFo3e1pVHIOTDMgkLkTStBwgyKRNKr8xZSznQ==
styles.css
ecm.capitalone.com/Messaging/assets/css/pages/
2 KB
1 KB
Stylesheet
General
Full URL
https://ecm.capitalone.com/Messaging/assets/css/pages/styles.css
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ba291c9e1df22a89a942f7dab78487b73ac6354a1c78becfc7ecb623b378720d

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
8iDJGMG5a4kkPm9tVGHU4m81VFX88_f2
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA53
x-amz-server-side-encryption
AES256
status
200
content-length
822
last-modified
Thu, 14 Nov 2019 15:43:56 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:15:04 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
x-amz-cf-id
h-fKAlxMonmFXm-hVBHC0FYLJMzjYyZvMLVeCvtqiXGFk7sxPmIdhg==
jquery.js
ecm.capitalone.com/Messaging/assets/js/pages/
85 KB
30 KB
Script
General
Full URL
https://ecm.capitalone.com/Messaging/assets/js/pages/jquery.js
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
xCG65QHqPLrL0jAV_wBKdbJoI1Dysm9X
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
status
200
content-length
30275
last-modified
Fri, 28 Jun 2019 01:21:36 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:15:04 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
x-amz-cf-id
7urnGYk0dCUCGWSIf5WN_xgquAO8bDugNNZf9GZQ2AWZxaM4j3RQWw==
Bootstrap.js
nexus.ensighten.com/capitalone/
83 KB
26 KB
Script
General
Full URL
https://nexus.ensighten.com/capitalone/Bootstrap.js
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cefae93721c6c4638a7a17f9272358c7d906b4455ec52899764d354ef2533587

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:15:04 GMT
content-encoding
gzip
last-modified
Tue, 26 May 2020 18:10:37 GMT
server
nginx
etag
W/"5ecd5b9d-14a78"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
blue_check_mark.png
ecm.capitalone.com/Messaging/assets/images/42000/800/42849/
36 KB
36 KB
Image
General
Full URL
https://ecm.capitalone.com/Messaging/assets/images/42000/800/42849/blue_check_mark.png
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
29332b6e7267bd8d9af48dcbc9bba23cd10e71d0d01c61be61e3681cdc30ae3b

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:15:05 GMT
last-modified
Thu, 14 May 2020 22:10:49 GMT
server
Akamai Image Manager
status
200
etag
"82403680fe0a66a5af8116499a4e7311"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
no-transform, max-age=3091
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
36752
expires
Tue, 26 May 2020 20:06:36 GMT
includes.js
ecm.capitalone.com/Messaging/assets/js/pages/
12 KB
2 KB
Script
General
Full URL
https://ecm.capitalone.com/Messaging/assets/js/pages/includes.js
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bed9e7d0cb9d2dec167671ab138891f370e2ae6fb72f277873a569e7b75164a4

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
uzwaTJ5qbPoGW.o6nkBhmUDrRMJ04zeG
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA53
x-amz-server-side-encryption
AES256
status
200
content-length
1992
last-modified
Wed, 18 Mar 2020 18:21:03 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:15:05 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
x-amz-cf-id
9Sr8dVFPk3seHH9nubhFlFkNl-FevRRYVJvIUijm77GDNbH0sdfulQ==
Optimist_W_Lt.woff2
www.capitalone.com/assets/enterprise/fonts/
27 KB
28 KB
Font
General
Full URL
https://www.capitalone.com/assets/enterprise/fonts/Optimist_W_Lt.woff2
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.109.22 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-109-22.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9
Security Headers
Name Value
Strict-Transport-Security max-age=15560000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.capitalone.com/assets/enterprise/css/ods-core/ods-core.0.8.2.min.css
Origin
https://ecm.capitalone.com

Response headers

x-amz-version-id
rYmOtYrbvt9ICgKXcMXVAYj7Y7XuDLlD
etag
"cb37fa55f3dfdd26d61901032a53644f"
x-amz-cf-pop
FRA54
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
REPLICA
strict-transport-security
max-age=15560000
content-length
27852
last-modified
Fri, 06 Mar 2020 03:21:16 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:15:04 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
t9qwTrIHmeFgFoV1cblsOcExD1je4QCWM4b0HtyH7H0gKTVTvLc3Jw==
Optimist_W_Rg.woff2
www.capitalone.com/assets/enterprise/fonts/
28 KB
28 KB
Font
General
Full URL
https://www.capitalone.com/assets/enterprise/fonts/Optimist_W_Rg.woff2
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.109.22 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-109-22.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15560000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.capitalone.com/assets/enterprise/css/ods-core/ods-core.0.8.2.min.css
Origin
https://ecm.capitalone.com

Response headers

x-amz-version-id
mOMER8t2ZgCGu0bM4bmwB2pUBL0ihOvA
etag
"f4e1fbca28c954a486a90828b2ee7543"
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
REPLICA
strict-transport-security
max-age=15560000
content-length
28388
last-modified
Fri, 06 Mar 2020 03:21:16 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:15:04 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
4KxMtn7F3rnnkgRppZdEV-yJqOCL4Kbo9AOLsrp7bM-WK-Ui59YrMw==
serverComponent.php
tms.capitalone.com/capitalone/prod/
388 B
413 B
Script
General
Full URL
https://tms.capitalone.com/capitalone/prod/serverComponent.php?r=65577014.32958045&ClientID=581&PageID=https%3A%2F%2Fecm.capitalone.com%2FMessaging%2Fpages%2FCA%2Fen-thankyou-confirm.html%3Fwebview%3Dundefined
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ecbe7fae440cfdb2c6c874089d4629077e4bcc96279fc170e37f83f885b1c045

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:15:04 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
no-cache, no-store
expires
Tue, 26 May 2020 19:15:03 GMT
58029603afc6f0c3bb8cc28d623ad332.js
tms.capitalone.com/capitalone/prod/code/
9 KB
3 KB
Script
General
Full URL
https://tms.capitalone.com/capitalone/prod/code/58029603afc6f0c3bb8cc28d623ad332.js?conditionId0=421879
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e11dc325e3aa207a204db14b6744a996a103db25843c3d9e930ef34bc2babd26

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:15:05 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 18:18:48 GMT
server
nginx
etag
W/"5ec57488-2212"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
594a0500e3b0ae342dc9643372de918c.js
tms.capitalone.com/capitalone/prod/code/
161 KB
53 KB
Script
General
Full URL
https://tms.capitalone.com/capitalone/prod/code/594a0500e3b0ae342dc9643372de918c.js?conditionId0=1172917
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
acd7c6892cf737a5a4526ffdcc34d6ac2bc269b981fc1dc292daf70d123bed4f

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:15:05 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 18:18:48 GMT
server
nginx
etag
W/"5ec57488-28545"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
logo_core_can_2x.png
ecm.capitalone.com/Messaging/assets/images/pages/global/
8 KB
8 KB
Image
General
Full URL
https://ecm.capitalone.com/Messaging/assets/images/pages/global/logo_core_can_2x.png
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dea6d45c3362791edb38c05ac1cbe097cba6a212986f2f988497532a100dc026

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:15:05 GMT
last-modified
Tue, 26 May 2020 07:37:47 GMT
server
Akamai Image Manager
status
200
etag
"7410bbfbdba411cbfb4d18c5602229b2"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
no-transform, max-age=3214
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
8350
expires
Tue, 26 May 2020 20:08:39 GMT
logo_core-footer_2x.png
ecm.capitalone.com/Messaging/assets/images/pages/global/
6 KB
6 KB
Image
General
Full URL
https://ecm.capitalone.com/Messaging/assets/images/pages/global/logo_core-footer_2x.png
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ef0a4339c1d4dfc8a44f5b32342806ba95028b756495c1fed26ce31395b7f6ac

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:15:05 GMT
last-modified
Tue, 28 Apr 2020 22:05:23 GMT
server
Akamai Image Manager
status
200
etag
"770b591f7b3b428e644ca31cfda6f33d"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
no-transform, max-age=2913
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
5824
expires
Tue, 26 May 2020 20:03:38 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590520505196
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590520505196
227 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590520505196
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.89.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-89-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
167298fb1ede15eeee09bd156eefa148639f3d2393eeaa938103aba19f5a568e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v069-0240ea2c6.edge-irl1.demdex.com 5.71.1.20200513095924 5ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
tw516pZ7SMI=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://ecm.capitalone.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
227
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://ecm.capitalone.com
X-TID
dUi0FgwQSmQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590520505196
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp2
potomac-clickstream.capitalone.com/com.snowplowanalytics.snowplow/
2 B
3 KB
XHR
General
Full URL
https://potomac-clickstream.capitalone.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: tms.capitalone.com
URL: https://tms.capitalone.com/capitalone/prod/code/594a0500e3b0ae342dc9643372de918c.js?conditionId0=1172917
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.187.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-187-183.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://ecm.capitalone.com
Date
Tue, 26 May 2020 19:15:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
2
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
id
smetrics.capitalone.com/
48 B
485 B
XHR
General
Full URL
https://smetrics.capitalone.com/id?d_visid_ver=1.6.0&d_fieldgroup=A&mcorgid=317906C354252E890A4C98BC%40AdobeOrg&mid=84474940061811060372334456795036305105&ts=1590520505584
Requested by
Host: tms.capitalone.com
URL: https://tms.capitalone.com/capitalone/prod/code/594a0500e3b0ae342dc9643372de918c.js?conditionId0=1172917
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.91.36 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-91-36.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
aff24773b60ee0a1af594d5e2ded3def332856d9f3e21a02890ea129038f13d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Tue, 26 May 2020 19:15:05 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-65fb49f79-6zwp6
vary
Origin
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ecm.capitalone.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| $
  • function| jQuery
  • object| ensBootstraps
  • object| Bootstrapper
  • object| GlobalSnowplowNamespace
  • function| sp
  • object| publisherFW
  • string| k
  • string| framework
  • object| header
  • function| headers
  • function| footers
  • number| s_objectID
  • number| s_giq
  • function| AppMeasurement
  • object| s_c_il
  • number| s_c_in
  • function| Visitor
  • object| s
  • object| Snowplow

7 Cookies

Domain/Path Name / Value
.capitalone.com/ Name: AMCV_317906C354252E890A4C98BC%40AdobeOrg
Value: 817868104%7CMCIDTS%7C18409%7CMCMID%7C84474940061811060372334456795036305105%7CMCAAMLH-1591125305%7C6%7CMCAAMB-1591125305%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1590527705s%7CNONE%7CMCAID%7CNONE
.capitalone.com/ Name: TLTSID
Value: 256E6DE06634A55EF25FA98A358EF1C5
.capitalone.com/ Name: AMCVS_317906C354252E890A4C98BC%40AdobeOrg
Value: 1
.capitalone.com/ Name: s_ecid
Value: MCMID%7C84474940061811060372334456795036305105
.capitalone.com/ Name: TLTUID
Value: A34DB723A130B549210C2CD8C117CE07
.capitalone.com/ Name: _sp_ses.73e1
Value: *
.capitalone.com/ Name: _sp_id.73e1
Value: 60adcc8e-961b-4b99-9e9e-88f669a2c8c0.1590520505.1.1590520505.1590520505.875f07d3-dd9b-48aa-8732-d701f7abce97

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
