Submitted URL: https://click-notification.capitalone.com/f/a/HV5wNzXWdh2uByHt7ZLSzQ~~/AAAAAQA~/RgRgr-H-P0RGaHR0cHM6Ly9lY20uY2FwaXRhbG9uZS5jb20vTWVzc2FnaW...
Effective URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Submission: On May 26 via manual from US

Summary

This website contacted 7 IPs in 5 countries across 3 domains to perform 17 HTTP transactions. The main IP is 23.45.105.44, located in Netherlands and belongs to AKAMAI-ASN1, EU. The main domain is ecm.capitalone.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 1st 2019. Valid for: 2 years.
This is the only time ecm.capitalone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.187.21.230 16509 (AMAZON-02)
7 23.45.105.44 20940 (AKAMAI-ASN1)
3 23.45.109.22 20940 (AKAMAI-ASN1)
1 18.197.253.20 16509 (AMAZON-02)
3 3.124.119.57 16509 (AMAZON-02)
1 2 34.250.224.170 16509 (AMAZON-02)
1 3.226.78.161 14618 (AMAZON-AES)
1 15.188.105.205 16509 (AMAZON-02)
17 7
Domain Requested by
7 ecm.capitalone.com ecm.capitalone.com
3 tms.capitalone.com nexus.ensighten.com
3 www.capitalone.com ecm.capitalone.com
2 dpm.demdex.net 1 redirects
1 smetrics.capitalone.com tms.capitalone.com
1 potomac-clickstream.capitalone.com tms.capitalone.com
1 nexus.ensighten.com ecm.capitalone.com
1 click-notification.capitalone.com 1 redirects
17 8

This site contains no links.

Subject                             Issuer                                       Validity                 Valid
ecm.capitalone.com                  DigiCert SHA2 Extended Validation Server CA  2019-08-01 - 2021-08-01  2 years
www.capitalone.com                  DigiCert SHA2 Extended Validation Server CA  2019-04-15 - 2021-04-14  2 years
nexus.ensighten.com                 DigiCert SHA2 Secure Server CA               2019-10-03 - 2020-10-02  a year
tms.capitalone.com                  DigiCert SHA2 Extended Validation Server CA  2018-11-06 - 2020-11-05  2 years
*.demdex.net                        DigiCert SHA2 High Assurance Server CA       2018-01-09 - 2021-02-12  3 years
potomac-clickstream.capitalone.com  DigiCert SHA2 Extended Validation Server CA  2020-04-23 - 2022-04-23  2 years
smetrics.capitalone.com             DigiCert SHA2 High Assurance Server CA       2019-12-02 - 2021-03-04  a year

This page contains 1 frames:

Primary Page: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Frame ID: 8423FCD422A86D4F20E3AF6971A7D6E6
Requests: 17 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i


Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 8
IPs: 7
Countries: 5
Transfer: 247 kB
Size: 606 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click-notification.capitalone.com/f/a/HV5wNzXWdh2uByHt7ZLSzQ~~/AAAAAQA~/RgRgr-H-P0RGaHR0cHM6Ly9lY20uY2FwaXRhbG9uZS5jb20vTWVzc2FnaW5nL3BhZ2VzL0NBL2VuLXRoYW5reW91LWNvbmZpcm0uaHRtbFcGY2Fwb25lQgoALP5czV6KJuz5Uhdqb2UuZmFycmVsbEBhcmNvbmljLmNvbVgEAAAAAA~~ HTTP 302
    https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://dpm.demdex.net/id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590522906769 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590522906769

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request en-thankyou-confirm.html
ecm.capitalone.com/Messaging/pages/CA/
Redirect Chain
  • https://click-notification.capitalone.com/f/a/HV5wNzXWdh2uByHt7ZLSzQ~~/AAAAAQA~/RgRgr-H-P0RGaHR0cHM6Ly9lY20uY2FwaXRhbG9uZS5jb20vTWVzc2FnaW5nL3BhZ2VzL0NBL2VuLXRoYW5reW91LWNvbmZpcm0uaHRtbFcGY2Fwb25lQ...
  • https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
3 KB
2 KB
Document
General
Full URL
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dfa0d93332b364547d187395572c4f42abd666fd6bd32c54ff748eb2e670fa39

Request headers

:method
GET
:authority
ecm.capitalone.com
:scheme
https
:path
/Messaging/pages/CA/en-thankyou-confirm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html
last-modified
Thu, 19 Sep 2019 13:45:04 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
yQrjlLl8IjZ7_iltU4RZ3yke34pAMqBQ
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
GMtLO5MSggHtw1TKwhv5IkKVUyFq8CppYZeYmVQnN9C0ocineMHueQ==
content-length
1199
date
Tue, 26 May 2020 19:55:05 GMT
access-control-max-age
86400
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*

Redirect headers

status
302
date
Tue, 26 May 2020 19:55:05 GMT
content-type
text/plain
location
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
x-robots-tag
noindex
server
msys-http
ods-core.0.8.2.min.css
www.capitalone.com/assets/enterprise/css/ods-core/
145 KB
18 KB
Stylesheet
General
Full URL
https://www.capitalone.com/assets/enterprise/css/ods-core/ods-core.0.8.2.min.css
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.109.22 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-109-22.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3c05e99d2578bde07cd43cdba5603d4fb60fcd7f8ce84023dda9a2a972c2825
Security Headers
Name Value
Strict-Transport-Security max-age=15560000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
uJovwV0BYqA1LaKrfmWBnRmVG3mjT_jb
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 06 Mar 2020 03:21:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
x-amz-server-side-encryption
AES256
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
date
Tue, 26 May 2020 19:55:06 GMT
x-amz-replication-status
REPLICA
strict-transport-security
max-age=15560000
content-length
17949
x-amz-cf-id
ucHdOsmTlHOgogJu0pFo3e1pVHIOTDMgkLkTStBwgyKRNKr8xZSznQ==
styles.css
ecm.capitalone.com/Messaging/assets/css/pages/
2 KB
1 KB
Stylesheet
General
Full URL
https://ecm.capitalone.com/Messaging/assets/css/pages/styles.css
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ba291c9e1df22a89a942f7dab78487b73ac6354a1c78becfc7ecb623b378720d

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
8iDJGMG5a4kkPm9tVGHU4m81VFX88_f2
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
status
200
content-length
822
last-modified
Thu, 14 Nov 2019 15:43:56 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:55:06 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
x-amz-cf-id
z_esUd-naaeCxWDsyfF_6EZKvEMC_hrE3eT7bPUp7nLvylUBq44I0A==
jquery.js
ecm.capitalone.com/Messaging/assets/js/pages/
85 KB
30 KB
Script
General
Full URL
https://ecm.capitalone.com/Messaging/assets/js/pages/jquery.js
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
xCG65QHqPLrL0jAV_wBKdbJoI1Dysm9X
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
status
200
content-length
30275
last-modified
Fri, 28 Jun 2019 01:21:36 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:55:06 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
x-amz-cf-id
cWxkxX0UDSqJpML_hxfu7ZZfDUDSfiX2R2DQ-A-LHtZpO8DBj_yDQQ==
Bootstrap.js
nexus.ensighten.com/capitalone/
83 KB
26 KB
Script
General
Full URL
https://nexus.ensighten.com/capitalone/Bootstrap.js
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cefae93721c6c4638a7a17f9272358c7d906b4455ec52899764d354ef2533587

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:55:06 GMT
content-encoding
gzip
last-modified
Tue, 26 May 2020 18:10:37 GMT
server
nginx
etag
W/"5ecd5b9d-14a78"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
blue_check_mark.png
ecm.capitalone.com/Messaging/assets/images/42000/800/42849/
36 KB
36 KB
Image
General
Full URL
https://ecm.capitalone.com/Messaging/assets/images/42000/800/42849/blue_check_mark.png
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
29332b6e7267bd8d9af48dcbc9bba23cd10e71d0d01c61be61e3681cdc30ae3b

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:55:06 GMT
last-modified
Thu, 14 May 2020 22:10:49 GMT
server
Akamai Image Manager
status
200
etag
"82403680fe0a66a5af8116499a4e7311"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
no-transform, max-age=690
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
36752
expires
Tue, 26 May 2020 20:06:36 GMT
includes.js
ecm.capitalone.com/Messaging/assets/js/pages/
12 KB
2 KB
Script
General
Full URL
https://ecm.capitalone.com/Messaging/assets/js/pages/includes.js
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bed9e7d0cb9d2dec167671ab138891f370e2ae6fb72f277873a569e7b75164a4

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
uzwaTJ5qbPoGW.o6nkBhmUDrRMJ04zeG
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
status
200
content-length
1992
last-modified
Wed, 18 Mar 2020 18:21:03 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:55:06 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
x-amz-cf-id
fm_zj3xXlP2CWRoKWfDJywvnXYW6hmHvRzer5x9T9qDbIsq3mBvzZw==
Optimist_W_Lt.woff2
www.capitalone.com/assets/enterprise/fonts/
27 KB
28 KB
Font
General
Full URL
https://www.capitalone.com/assets/enterprise/fonts/Optimist_W_Lt.woff2
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.109.22 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-109-22.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9
Security Headers
Name Value
Strict-Transport-Security max-age=15560000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.capitalone.com/assets/enterprise/css/ods-core/ods-core.0.8.2.min.css
Origin
https://ecm.capitalone.com

Response headers

x-amz-version-id
rYmOtYrbvt9ICgKXcMXVAYj7Y7XuDLlD
etag
"cb37fa55f3dfdd26d61901032a53644f"
x-amz-cf-pop
FRA54
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
REPLICA
strict-transport-security
max-age=15560000
content-length
27852
last-modified
Fri, 06 Mar 2020 03:21:16 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:55:06 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
t9qwTrIHmeFgFoV1cblsOcExD1je4QCWM4b0HtyH7H0gKTVTvLc3Jw==
Optimist_W_Rg.woff2
www.capitalone.com/assets/enterprise/fonts/
28 KB
28 KB
Font
General
Full URL
https://www.capitalone.com/assets/enterprise/fonts/Optimist_W_Rg.woff2
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.109.22 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-109-22.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15560000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.capitalone.com/assets/enterprise/css/ods-core/ods-core.0.8.2.min.css
Origin
https://ecm.capitalone.com

Response headers

x-amz-version-id
mOMER8t2ZgCGu0bM4bmwB2pUBL0ihOvA
etag
"f4e1fbca28c954a486a90828b2ee7543"
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
REPLICA
strict-transport-security
max-age=15560000
content-length
28388
last-modified
Fri, 06 Mar 2020 03:21:16 GMT
server
AmazonS3
date
Tue, 26 May 2020 19:55:06 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
4KxMtn7F3rnnkgRppZdEV-yJqOCL4Kbo9AOLsrp7bM-WK-Ui59YrMw==
serverComponent.php
tms.capitalone.com/capitalone/prod/
389 B
414 B
Script
General
Full URL
https://tms.capitalone.com/capitalone/prod/serverComponent.php?r=81.95540541614474&ClientID=581&PageID=https%3A%2F%2Fecm.capitalone.com%2FMessaging%2Fpages%2FCA%2Fen-thankyou-confirm.html%3Fwebview%3Dundefined
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bb39a323f91b89ed66abbbe406c30f177d5de0be85ef8a29d8dfe10baea94691

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:55:06 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
no-cache, no-store
expires
Tue, 26 May 2020 19:55:05 GMT
58029603afc6f0c3bb8cc28d623ad332.js
tms.capitalone.com/capitalone/prod/code/
9 KB
3 KB
Script
General
Full URL
https://tms.capitalone.com/capitalone/prod/code/58029603afc6f0c3bb8cc28d623ad332.js?conditionId0=421879
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e11dc325e3aa207a204db14b6744a996a103db25843c3d9e930ef34bc2babd26

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:55:06 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 18:18:48 GMT
server
nginx
etag
W/"5ec57488-2212"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
594a0500e3b0ae342dc9643372de918c.js
tms.capitalone.com/capitalone/prod/code/
161 KB
53 KB
Script
General
Full URL
https://tms.capitalone.com/capitalone/prod/code/594a0500e3b0ae342dc9643372de918c.js?conditionId0=1172917
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
acd7c6892cf737a5a4526ffdcc34d6ac2bc269b981fc1dc292daf70d123bed4f

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:55:06 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 18:18:48 GMT
server
nginx
etag
W/"5ec57488-28545"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590522906769
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590522906769
227 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590522906769
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.224.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-224-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
66477ec1269d0bbdc1859971731b5c3b33b4dc103423631481ffa427f773e073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v069-0171f3f38.edge-irl1.demdex.com 5.71.1.20200513095924 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
o/nDvS2KR6Y=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://ecm.capitalone.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
227
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://ecm.capitalone.com
X-TID
8KEupOqLSsc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=317906C354252E890A4C98BC%40AdobeOrg&d_nsid=0&ts=1590522906769
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp2
potomac-clickstream.capitalone.com/com.snowplowanalytics.snowplow/
2 B
2 KB
XHR
General
Full URL
https://potomac-clickstream.capitalone.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: tms.capitalone.com
URL: https://tms.capitalone.com/capitalone/prod/code/594a0500e3b0ae342dc9643372de918c.js?conditionId0=1172917
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.78.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-78-161.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://ecm.capitalone.com
Date
Tue, 26 May 2020 19:55:07 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
2
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
logo_core_can_2x.png
ecm.capitalone.com/Messaging/assets/images/pages/global/
8 KB
8 KB
Image
General
Full URL
https://ecm.capitalone.com/Messaging/assets/images/pages/global/logo_core_can_2x.png
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dea6d45c3362791edb38c05ac1cbe097cba6a212986f2f988497532a100dc026

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:55:06 GMT
last-modified
Tue, 26 May 2020 07:37:47 GMT
server
Akamai Image Manager
status
200
etag
"7410bbfbdba411cbfb4d18c5602229b2"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
no-transform, max-age=813
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
8350
expires
Tue, 26 May 2020 20:08:39 GMT
logo_core-footer_2x.png
ecm.capitalone.com/Messaging/assets/images/pages/global/
6 KB
6 KB
Image
General
Full URL
https://ecm.capitalone.com/Messaging/assets/images/pages/global/logo_core-footer_2x.png
Requested by
Host: ecm.capitalone.com
URL: https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-105-44.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ef0a4339c1d4dfc8a44f5b32342806ba95028b756495c1fed26ce31395b7f6ac

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 19:55:06 GMT
last-modified
Tue, 28 Apr 2020 22:05:23 GMT
server
Akamai Image Manager
status
200
etag
"770b591f7b3b428e644ca31cfda6f33d"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
no-transform, max-age=512
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
5824
expires
Tue, 26 May 2020 20:03:38 GMT
id
smetrics.capitalone.com/
48 B
485 B
XHR
General
Full URL
https://smetrics.capitalone.com/id?d_visid_ver=1.6.0&d_fieldgroup=A&mcorgid=317906C354252E890A4C98BC%40AdobeOrg&mid=60304490539817099633655418776761536074&ts=1590522906940
Requested by
Host: tms.capitalone.com
URL: https://tms.capitalone.com/capitalone/prod/code/594a0500e3b0ae342dc9643372de918c.js?conditionId0=1172917
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
1507dd9de7b5150b05cf19b7214bbf526d018969bba7cd28639dc8f480a0e25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ecm.capitalone.com/Messaging/pages/CA/en-thankyou-confirm.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Tue, 26 May 2020 19:55:07 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-65fb49f79-pm62p
vary
Origin
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ecm.capitalone.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block


0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
