pen.akm.mybluehostin.me Open in urlscan Pro
162.214.80.97 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capiitalonne.stivsolutions.net/
Effective URL:
https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Submission: On September 06 via api (September 6th 2023, 5:09:51 pm UTC) from US — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 35 HTTP transactions. The main IP is 162.214.80.97, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is pen.akm.mybluehostin.me.
TLS certificate: Issued by R3 on August 5th 2023. Valid for: 3 months.

This is the only time pen.akm.mybluehostin.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: CapitalOne (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.119.88.30 185.119.88.30	207604 (UNITED) (UNITED)
1 17	162.214.80.97 162.214.80.97	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
10	184.86.251.9 184.86.251.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
35	3

1 185.119.88.30 (Belgrade, Serbia) 1 redirects

ASN207604 (UNITED, RS)
PTR: s10.unlimited.rs

capiitalonne.stivsolutions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 162.214.80.97 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: sh040.webhostingservices.com

pen.akm.mybluehostin.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.86.251.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-9.deploy.static.akamaitechnologies.com

ecm.capitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mybluehostin.me 1 redirects pen.akm.mybluehostin.me	318 KB
10	capitalone.com ecm.capitalone.com — Cisco Umbrella Rank: 13788	92 KB
1	stivsolutions.net 1 redirects capiitalonne.stivsolutions.net	246 B
35	3

	Domain	Requested by
17	pen.akm.mybluehostin.me	1 redirects pen.akm.mybluehostin.me
10	ecm.capitalone.com	pen.akm.mybluehostin.me
1	capiitalonne.stivsolutions.net	1 redirects
35	3

This site contains no links.

Subject Issuer	Validity	Valid
cpcontacts.pen.akm.mybluehostin.me R3	`2023-08-05` - `2023-11-03`	3 months	crt.sh
ecm.capitalone.com DigiCert EV RSA CA G2	`2023-06-23` - `2024-06-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Frame ID: 51B90ECED2917219E66BC9A8184C1E32
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://capiitalonne.stivsolutions.net/ HTTP 301
https://pen.akm.mybluehostin.me/capitalone HTTP 301
https://pen.akm.mybluehostin.me/capitalone/ Page URL
https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

35
Requests

74 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

410 kB
Transfer

1525 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capiitalonne.stivsolutions.net/ HTTP 301
https://pen.akm.mybluehostin.me/capitalone HTTP 301
https://pen.akm.mybluehostin.me/capitalone/ Page URL
https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://capiitalonne.stivsolutions.net/ HTTP 301
https://pen.akm.mybluehostin.me/capitalone HTTP 301
https://pen.akm.mybluehostin.me/capitalone/

35 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
pen.akm.mybluehostin.me/capitalone/
Redirect Chain

http://capiitalonne.stivsolutions.net/
https://pen.akm.mybluehostin.me/capitalone
https://pen.akm.mybluehostin.me/capitalone/

4 KB
2 KB

675ms
675ms

Document
text/html

162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

8fff0506f83587ea1a3bf034d2c68564736cd394ce847ed6eb9c4a3d8c105974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1394
content-type: text/html; charset=UTF-8
date: Wed, 06 Sep 2023 17:09:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-length: 251
content-type: text/html; charset=iso-8859-1
date: Wed, 06 Sep 2023 17:09:39 GMT
location: https://pen.akm.mybluehostin.me/capitalone/
server: Apache

GET
H2 200 cf.css
pen.akm.mybluehostin.me/capitalone/Antibot/ 2 KB
809 B 248ms
247ms Stylesheet
text/css 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/Antibot/cf.css

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

6026255cc26e031389358227ccd1b7de6cba842c3978f9144d31cb30032276ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 01:15:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 717
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request signin.php Show response
pen.akm.mybluehostin.me/capitalone/ 78 KB
19 KB 798ms
797ms Document
text/html 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

0eb9d031560f59a3a6edfc6da6e24af7e183c76ea92beaa258a1762760b55ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pen.akm.mybluehostin.me/capitalone/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Sep 2023 17:09:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 712ff787f143e2fedc740cf96cd0f80b.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 285 B
314 B 256ms
253ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/712ff787f143e2fedc740cf96cd0f80b.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

ce674d66d3b3716b71e616dd8aa4e7f12f7a605b31c2281d59b192d005cff1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 218
x-xss-protection: 1; mode=block

GET
H2 200 2d6b9362638574d196874650cdb28cd6.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 11 KB
4 KB 1747ms
1744ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/2d6b9362638574d196874650cdb28cd6.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

f26e12141906e997408c12ad3b3b2832a13e09847ef9fb18fac722e9838b6c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4513
x-xss-protection: 1; mode=block

GET 914a4a6f3a23a11a51feb0d6f6a68751.js
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET c0d84295063dcdfcd1cc1f640130de02.js
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET
H2 200 serverComponent.php Show response
pen.akm.mybluehostin.me/capitalone/assets/ 603 B
343 B 1193ms
1190ms Script
text/html 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/serverComponent.php

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

cfbbc2e93e4f406033b3515a6e125de8def971a904805a3d9d007cd8b4394d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 312
x-xss-protection: 1; mode=block

GET
H2 200 Optimist_W_Lt.woff2
ecm.capitalone.com/CI_Common/assets/fonts/ 27 KB
28 KB 550ms
58ms Font
binary/octet-stream 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9

Request headers

Referer: https://pen.akm.mybluehostin.me/
Origin: https://pen.akm.mybluehostin.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD
date: Wed, 06 Sep 2023 17:09:43 GMT
access-control-request-method: POST,GET,PUT,DELETE
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 27852
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
server: AmazonS3
etag: "cb37fa55f3dfdd26d61901032a53644f"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=849834
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: hp21dpMAx1mudH4E2W2GUUBPjANcPr_meGVu_MbHUKrJyHHsAchxyg==
expires: Sat, 16 Sep 2023 13:13:37 GMT

GET
H2 200 Optimist_W_Rg.woff2
ecm.capitalone.com/CI_Common/assets/fonts/ 28 KB
28 KB 524ms
32ms Font
binary/octet-stream 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd

Request headers

Referer: https://pen.akm.mybluehostin.me/
Origin: https://pen.akm.mybluehostin.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE
date: Wed, 06 Sep 2023 17:09:43 GMT
access-control-request-method: POST,GET,PUT,DELETE
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 28388
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
server: AmazonS3
etag: "f4e1fbca28c954a486a90828b2ee7543"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=1890920
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: fNVsSCKoY373PQp2lbEKAUgzrJEu57HdBLiyL1V2v27nJSI5e1Pe7Q==
expires: Thu, 28 Sep 2023 14:25:03 GMT

GET
H2 200 Optimist_W_SBd.woff2
ecm.capitalone.com/CI_Common/assets/fonts/ 28 KB
28 KB 565ms
73ms Font
binary/octet-stream 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056

Request headers

Referer: https://pen.akm.mybluehostin.me/
Origin: https://pen.akm.mybluehostin.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: QmX7yv6RJT4hT4UTSJmqyU0reaonF3KP
date: Wed, 06 Sep 2023 17:09:43 GMT
access-control-request-method: POST,GET,PUT,DELETE
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 28188
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
server: AmazonS3
etag: "d647937062406e5cc182de0cc77947d8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=1890825
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: UtxhvpaSMX052Ww3o2EnaalZOSMiicvTtL2I55a8hphxUCl1xyNDEA==
expires: Thu, 28 Sep 2023 14:23:28 GMT

GET
H2 200 Bootstrap.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 88 KB
34 KB 2163ms
2160ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/Bootstrap.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

5d628e1ddf6ffedec9504eb52e487f9d8ab421e862e300ecf9196f00c8352d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Origin: https://pen.akm.mybluehostin.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 cp_common.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 299 KB
176 KB 1931ms
1928ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/cp_common.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

dcc9cb669bad21d9d506a9fa4473324f3c92a92eac61f009b01e924065a8bf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET 6.js
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET
H2 200 c344d59e90 Show response
pen.akm.mybluehostin.me/capitalone/assets/ 56 B
86 B 1594ms
1592ms Script
text/plain 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/c344d59e90

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
accept-ranges: bytes
content-length: 56
x-xss-protection: 1; mode=block

GET cc.js
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET
H2 200 nr-spa-1169.min.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 37 KB
16 KB 1379ms
1376ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/nr-spa-1169.min.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 styles.d7eeec1c93eef5e61473.css
pen.akm.mybluehostin.me/capitalone/assets/ 97 KB
13 KB 1593ms
1591ms Stylesheet
text/css 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/styles.d7eeec1c93eef5e61473.css

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

0c4f7f58335b6375e7a4500ab43f4057d09ac3017fd5f2f408259fc762b7ab15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12802
x-xss-protection: 1; mode=block

GET
H2 200 browserFingerPrintv1.min.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 28 KB
12 KB 2160ms
2158ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/browserFingerPrintv1.min.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

559d96c9ff8af5055471707c21b22ac1a7bca706d199dc9f5659a65c02d7e944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 12075
x-xss-protection: 1; mode=block

GET
H2 200 smartBanner.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 2 KB
755 B 1745ms
1743ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/smartBanner.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

fb506dd556d29c2b2b968853f96a25fa748753e2d26b1aa5eef0e9464802e4b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 722
x-xss-protection: 1; mode=block

GET capital-one-logo.svg
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET icon-user.svg
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET bfp-ah-min.js
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET browserDecom.min.js
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET
H2 200 runtime-es2015.4841d630314072471de4.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 3 KB
2 KB 2161ms
2160ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/runtime-es2015.4841d630314072471de4.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

bb54d25466ba32e1e216052a5ff613cd848aeacff91408657ad7dcfbf7e4f39a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Origin: https://pen.akm.mybluehostin.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1850
x-xss-protection: 1; mode=block

GET
H2 200 polyfills-es2015.1f21046fdc3daaa6c766.js Show response
pen.akm.mybluehostin.me/capitalone/assets/ 94 KB
39 KB 2160ms
2159ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/polyfills-es2015.1f21046fdc3daaa6c766.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

3b7a63a71579e82fc95a9c5b4f34c22475463b48f95aebff6101d268e677bdb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Origin: https://pen.akm.mybluehostin.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 main-es2015.c0fde801fa62411faeec.js
pen.akm.mybluehostin.me/capitalone/assets/ 690 KB
0 2161ms
2159ms Script
application/javascript 162.214.80.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pen.akm.mybluehostin.me/capitalone/assets/main-es2015.c0fde801fa62411faeec.js

Requested by

Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.214.80.97 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

sh040.webhostingservices.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Origin: https://pen.akm.mybluehostin.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 17:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 06:28:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET styles.d7eeec1c93eef5e61473.css
pen.akm.mybluehostin.me/capitalone/assets/ 0
0

GET
DATA 200
OK truncated
/ 291 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daff34dbec6780c3e9a246fb30f52cd3c79911d8baba4c69284f4b48512373ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 96 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2814ae645f0912212718a9e26255a2794a76096ac59f1a45adc32b64e6de7c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 twitter-social.svg
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/ 1 KB
1 KB 112ms
42ms Image
image/svg+xml 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d1b4860dcce83c4c73736dedeafe3b09403b267d087ef721a35dbffd5e564c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: WY8VBzDyq7FctDDX8MrQBW0rTz7Flw8l
content-encoding: gzip
access-control-request-method: POST,GET,PUT,DELETE
date: Wed, 06 Sep 2023 17:09:51 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 734
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
server: AmazonS3
etag: W/"c2f1acf6f29c52f793f66b65ba91d49f"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1557304
access-control-allow-credentials: false
access-control-allow-headers: *
x-amz-cf-id: VZZ6-zlyU-pJn94tjQXymSHFo66DpShBUQK00hFC3VWCvVi0Bd6C4Q==
expires: Sun, 24 Sep 2023 17:44:55 GMT

GET
H2 200 facebook-social.svg
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/ 431 B
769 B 114ms
46ms Image
image/svg+xml 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b312fb49b19387ededa2729f0c384686ce7c83811b0ea0367ef63767e612da03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: sp5rcJ_CixBIFs_Kbc9AtTIkRc82cd4R
content-encoding: gzip
access-control-request-method: POST,GET,PUT,DELETE
date: Wed, 06 Sep 2023 17:09:51 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 282
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
server: AmazonS3
etag: "e43c5a7e7fb8c3c12579162a4986b1ad"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=682118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 0FGbFItbx8DW3GHWgduXYxjSW5Mzk89QtEvQZpIuK4XAQtVJl7hIOw==
expires: Thu, 14 Sep 2023 14:38:29 GMT

GET
H2 200 you-tube-social.svg
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/ 491 B
783 B 111ms
43ms Image
image/svg+xml 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bb29a96bd1b20b9dedd8197ce7f9a29fc742aa6555df924453b5561c6ef3564f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: 5PqSeWnBhEvAtcPgf2XAbVZCtyvnbUxM
content-encoding: gzip
access-control-request-method: POST,GET,PUT,DELETE
date: Wed, 06 Sep 2023 17:09:51 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 295
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
server: AmazonS3
etag: "0a9ec1ae291522dcb84befe6a44c3830"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=677777
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Lpgx_64L8UlmeVTx0yG-PjAChIVcfWbnlouGycTfefOAiVsfaHCHpA==
expires: Thu, 14 Sep 2023 13:26:08 GMT

GET
H2 200 linkedin-social.svg
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/ 605 B
840 B 114ms
47ms Image
image/svg+xml 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bb0c33cd3e05dfff3f5fe39c013a2afc5ddd457d3b76b0bc7ee231cf5d0f01f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: V4.R2G9M5ytZINKkEHFYF7hbdLSExGPo
content-encoding: gzip
access-control-request-method: POST,GET,PUT,DELETE
date: Wed, 06 Sep 2023 17:09:51 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 349
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
server: AmazonS3
etag: "4135a3d131493d86e0db3c8ad0420602"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=705486
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: mZR5VcWxCPb6-7a9BKxcTTRmA0XTkT9qCn7Qcvs4vwrw_Gn5VlHbQw==
expires: Thu, 14 Sep 2023 21:07:57 GMT

GET
H2 200 instagram-social.svg
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/ 2 KB
1 KB 112ms
45ms Image
image/svg+xml 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bb4babc75eb6ef45fd42a6fb5f50b059473aaf36c607bef28a4aedb514e238fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: FUfIizReL1r02BrKB1G0_CUQXIQQ79Tx
content-encoding: gzip
access-control-request-method: POST,GET,PUT,DELETE
date: Wed, 06 Sep 2023 17:09:51 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 768
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
server: AmazonS3
etag: W/"7ff5bca5e93664bc612cc91ae53ac496"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1820267
access-control-allow-credentials: false
access-control-allow-headers: *
x-amz-cf-id: dB3PQP-4VvYXc2OiPPmaeaX_uS-tyT4sfMBZQwULgWRSYYz3FBGvpA==
expires: Wed, 27 Sep 2023 18:47:38 GMT

GET
H2 200 capital-one-logo.svg
ecm.capitalone.com/CI_Common/assets/images/logos/ 4 KB
2 KB 111ms
44ms Image
image/svg+xml 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: 8LzbBBEj8zCeatCBoYuv1q1dFFpTcVNl
content-encoding: gzip
access-control-request-method: POST,GET,PUT,DELETE
date: Wed, 06 Sep 2023 17:09:51 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 1737
last-modified: Wed, 20 Jan 2021 18:06:43 GMT
server: AmazonS3
etag: W/"f0b7ad81821effc52540e39cafda48f9"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1222284
access-control-allow-credentials: false
access-control-allow-headers: *
x-amz-cf-id: 8uyzTCeVQkWbsaKQL1uoyNsg55KDtppM7VDD1Z6n9FI_q1D9yxu5vw==
expires: Wed, 20 Sep 2023 20:41:15 GMT

GET
H2 200 www-ehl.svg
ecm.capitalone.com/CI_Common/assets/images/footer/ 437 B
789 B 112ms
45ms Image
image/svg+xml 184.86.251.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg
Requested by: Host: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2d23c63e03fb685ed80f2554da2069dbc431720b6ed4f3f7cce579f52aaa62af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pen.akm.mybluehostin.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: Cfpp_Ya_3POEKViDatTY.UH0GBjWHzjx
content-encoding: gzip
access-control-request-method: POST,GET,PUT,DELETE
date: Wed, 06 Sep 2023 17:09:51 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-length: 299
last-modified: Fri, 28 Jun 2019 00:26:06 GMT
server: AmazonS3
etag: "30d0ea03dfc7173265c5896affca1ad9"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1203438
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: qEHtBCgHd1pZLjiS0RexM5jNCPGbGzgty-r45O9FkdyZ3c1SSBQfHQ==
expires: Wed, 20 Sep 2023 15:27:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/914a4a6f3a23a11a51feb0d6f6a68751.js

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/c0d84295063dcdfcd1cc1f640130de02.js

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/6.js

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/cc.js

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/capital-one-logo.svg

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/icon-user.svg

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/bfp-ah-min.js

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/browserDecom.min.js

Domain: pen.akm.mybluehostin.me
URL: https://pen.akm.mybluehostin.me/capitalone/assets/styles.d7eeec1c93eef5e61473.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: CapitalOne (Financial)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pen.akm.mybluehostin.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: c2d78c525582a84274785450a372dee6

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig Message: Refused to execute script from 'https://pen.akm.mybluehostin.me/capitalone/assets/serverComponent.php' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://pen.akm.mybluehostin.me/capitalone/signin.php?q=citizens+za&source=hp&ei=bgdhZN7LB6ieptQP0aufoAU&iflsig Message: Refused to execute script from 'https://pen.akm.mybluehostin.me/capitalone/assets/c344d59e90' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

capiitalonne.stivsolutions.net
ecm.capitalone.com
pen.akm.mybluehostin.me
pen.akm.mybluehostin.me
162.214.80.97
184.86.251.9
185.119.88.30
0c4f7f58335b6375e7a4500ab43f4057d09ac3017fd5f2f408259fc762b7ab15
0eb9d031560f59a3a6edfc6da6e24af7e183c76ea92beaa258a1762760b55ada
2814ae645f0912212718a9e26255a2794a76096ac59f1a45adc32b64e6de7c5d
2d23c63e03fb685ed80f2554da2069dbc431720b6ed4f3f7cce579f52aaa62af
37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176
3b7a63a71579e82fc95a9c5b4f34c22475463b48f95aebff6101d268e677bdb6
48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056
559d96c9ff8af5055471707c21b22ac1a7bca706d199dc9f5659a65c02d7e944
57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed
5d628e1ddf6ffedec9504eb52e487f9d8ab421e862e300ecf9196f00c8352d91
6026255cc26e031389358227ccd1b7de6cba842c3978f9144d31cb30032276ef
8fff0506f83587ea1a3bf034d2c68564736cd394ce847ed6eb9c4a3d8c105974
902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9
9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd
b312fb49b19387ededa2729f0c384686ce7c83811b0ea0367ef63767e612da03
bb0c33cd3e05dfff3f5fe39c013a2afc5ddd457d3b76b0bc7ee231cf5d0f01f7
bb29a96bd1b20b9dedd8197ce7f9a29fc742aa6555df924453b5561c6ef3564f
bb4babc75eb6ef45fd42a6fb5f50b059473aaf36c607bef28a4aedb514e238fc
bb54d25466ba32e1e216052a5ff613cd848aeacff91408657ad7dcfbf7e4f39a
ce674d66d3b3716b71e616dd8aa4e7f12f7a605b31c2281d59b192d005cff1ec
cfbbc2e93e4f406033b3515a6e125de8def971a904805a3d9d007cd8b4394d36
d1b4860dcce83c4c73736dedeafe3b09403b267d087ef721a35dbffd5e564c68
daff34dbec6780c3e9a246fb30f52cd3c79911d8baba4c69284f4b48512373ff
dcc9cb669bad21d9d506a9fa4473324f3c92a92eac61f009b01e924065a8bf48
f26e12141906e997408c12ad3b3b2832a13e09847ef9fb18fac722e9838b6c1c
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fb506dd556d29c2b2b968853f96a25fa748753e2d26b1aa5eef0e9464802e4b8

pen.akm.mybluehostin.me Open in urlscan Pro 162.214.80.97 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

74 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

410 kBTransfer

1525 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

pen.akm.mybluehostin.me Open in urlscan Pro
162.214.80.97 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

74 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

410 kB
Transfer

1525 kB
Size

1
Cookies

35 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!