menards.aws-card.capitalonegslbex.com
Open in
urlscan Pro
99.84.156.73
Malicious Activity!
Public Scan
Effective URL: https://menards.aws-card.capitalonegslbex.com/
Submission: On April 15 via manual from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 24th 2021. Valid for: a year.
This is the only time menards.aws-card.capitalonegslbex.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: CapitalOne (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 7 | 99.84.156.73 99.84.156.73 | 16509 (AMAZON-02) (AMAZON-02) | |
12 | 23.45.105.36 23.45.105.36 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
3 | 3.124.119.57 3.124.119.57 | 16509 (AMAZON-02) (AMAZON-02) | |
21 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-73.txl52.r.cloudfront.net
menards.aws-card.capitalonegslbex.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-45-105-36.deploy.static.akamaitechnologies.com
ecm.capitalone.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
tms.capitalone.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
capitalone.com
ecm.capitalone.com tms.capitalone.com |
249 KB |
7 |
capitalonegslbex.com
1 redirects
menards.aws-card.capitalonegslbex.com |
938 KB |
21 | 2 |
Domain | Requested by | |
---|---|---|
12 | ecm.capitalone.com |
menards.aws-card.capitalonegslbex.com
|
7 | menards.aws-card.capitalonegslbex.com |
1 redirects
menards.aws-card.capitalonegslbex.com
|
3 | tms.capitalone.com |
menards.aws-card.capitalonegslbex.com
tms.capitalone.com |
21 | 3 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
partnerships-primer-pages.capitalone.com DigiCert SHA2 Extended Validation Server CA |
2021-03-24 - 2022-03-29 |
a year | crt.sh |
ecm.capitalone.com DigiCert SHA2 Extended Validation Server CA |
2019-08-01 - 2021-08-01 |
2 years | crt.sh |
tms.capitalone.com DigiCert SHA2 Extended Validation Server CA |
2020-10-22 - 2021-10-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://menards.aws-card.capitalonegslbex.com/
Frame ID: E35015AF0704951F8B355D133BE37D4F
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://menards.aws-card.capitalonegslbex.com/
HTTP 301
https://menards.aws-card.capitalonegslbex.com/ Page URL
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
35 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Sign In
Search URL Search Domain Scan URL
Title: Set Up My Account
Search URL Search Domain Scan URL
Title: Forgot Username or Password?
Search URL Search Domain Scan URL
Title: Personal Credit Cards
Search URL Search Domain Scan URL
Title: Business Credit Cards
Search URL Search Domain Scan URL
Title: Personal Banking
Search URL Search Domain Scan URL
Title: Small Business Banking
Search URL Search Domain Scan URL
Title: Commercial Banking
Search URL Search Domain Scan URL
Title: Auto Loans
Search URL Search Domain Scan URL
Title: Canada
Search URL Search Domain Scan URL
Title: UK
Search URL Search Domain Scan URL
Title: About Capital One
Search URL Search Domain Scan URL
Title: Investors
Search URL Search Domain Scan URL
Title: Press
Search URL Search Domain Scan URL
Title: Investing for Good
Search URL Search Domain Scan URL
Title: Financial Education
Search URL Search Domain Scan URL
Title: Diversity & Inclusion
Search URL Search Domain Scan URL
Title: Search Jobs
Search URL Search Domain Scan URL
Title: Servicemembers Civil Relief Act
Search URL Search Domain Scan URL
Title: Patriot Act Cert
Search URL Search Domain Scan URL
Title: Subpoena Policy
Search URL Search Domain Scan URL
Title: Additional Disclosures
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://menards.aws-card.capitalonegslbex.com/
HTTP 301
https://menards.aws-card.capitalonegslbex.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
menards.aws-card.capitalonegslbex.com/ Redirect Chain
|
763 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.dac20590287a8fab954e.css
menards.aws-card.capitalonegslbex.com/ |
88 KB 89 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.80ab492fe3d778817936.js
menards.aws-card.capitalonegslbex.com/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.28ff8ff11bf30e648258.js
menards.aws-card.capitalonegslbex.com/ |
97 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.4bb4a22f1285f1fb2d9c.js
menards.aws-card.capitalonegslbex.com/ |
31 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.ca21904d4ab58f832866.js
menards.aws-card.capitalonegslbex.com/ |
715 KB 716 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
primer_config.json
ecm.capitalone.com/EASE/Partnership/Primer/configs/ |
419 B 818 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
tms.capitalone.com/capitalone/dev/ |
88 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capital-one-logo.svg
ecm.capitalone.com/CI_Common/assets/images/logos/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
96 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-fdic.svg
ecm.capitalone.com/CI_Common/assets/images/footer/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-ehl.svg
ecm.capitalone.com/CI_Common/assets/images/footer/ |
437 B 758 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Optimist_W_Lt.woff2
ecm.capitalone.com/CI_Common/assets/fonts/ |
27 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
tms.capitalone.com/capitalone/dev/ |
279 B 376 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0d069977d88c211203584e4bad8da422.js
tms.capitalone.com/capitalone/dev/code/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ci_header_footer_en_us.json
ecm.capitalone.com/CI_Common/content/ |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
primer_content_en_us.json
ecm.capitalone.com/EASE/Partnership/Primer/configs/ |
16 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menards_primer_cardart.png
ecm.capitalone.com/EASE/Partnership/Primer/images/ |
9 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menards_primer_logo.png
ecm.capitalone.com/EASE/Partnership/Primer/images/ |
105 KB 106 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menards_primer_background.png
ecm.capitalone.com/EASE/Partnership/Primer/images/ |
8 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Optimist_W_SBd.woff2
ecm.capitalone.com/CI_Common/assets/fonts/ |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Optimist_W_Rg.woff2
ecm.capitalone.com/CI_Common/assets/fonts/ |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: CapitalOne (Financial)207 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonp object| __core-js_shared__ object| core function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched undefined| usabillaUsername function| setUsabillaUsername function| getUsabillaUsername function| loadUsabillaJS object| Cof_sic function| InstalledFontDetector function| fnBrowserDevicePrintVersion function| fnZeroPad function| fnBrowserCurrentTimeStamp function| fnBrowserUserAgent function| fnBrowserTimeZone function| fnBrowserScreen function| fnBrowserFontSmoothingEnabled function| fnBrowserLanguage function| fnBrowserFonts function| fnBrowserFontsOld function| fnBrowserPlugins function| fnBrowserPluginsOld function| fnBrowserCookieEnabled function| fnBrowserJavaEnabled function| fnBrowserTouchEnabled function| fnBrowserSilverLightDetails function| fnBrowserFlashDetails function| fnBrowserCanvasHash function| fnBrowserTrueAgent function| fnBrowserConnectionInfo function| fnBrowserLatency function| fnBrowserInfo function| fnBrowserSystemInfo function| fnBrowserFormFields object| B64 function| fnB64Enc function| fnStripExtension function| fnIsBlank function| fnGetArrIndexValue function| fnB64Dec function| webProperties_on_sic function| clearCookiesOnSignInPageLoad_on_sic function| createC1CCIDCookie_on_sic function| collectDFPAH function| fnGetTime function| fnCSM function| mathEval function| fnTCN object| Sha256 object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| ensBootstraps object| __zone_symbol__loadfalse object| Bootstrapper object| GlobalSnowplowNamespace function| sp object| publisherFW object| __zone_symbol__beforeunloadfalse object| __zone_symbol__unloadfalse string| k object| __zone_symbol__focusfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ecm.capitalone.com
menards.aws-card.capitalonegslbex.com
tms.capitalone.com
23.45.105.36
3.124.119.57
99.84.156.73
017d9cf1015d4388c0069e8f2e147d998616605a8fdbb461cd964ff5cda545e3
08dd24494c09f7bd07baf8424c322826de87cb130acac5e66a7de4e44ac1cea5
18bd01f07ff9e6b0483e8eafd85b4a0f080e5816169afb7e3a86877b1db1dd86
18fe4ac308766f396bdc05e118261df32902009135789d7091dc4ea000e18771
2814ae645f0912212718a9e26255a2794a76096ac59f1a45adc32b64e6de7c5d
2d23c63e03fb685ed80f2554da2069dbc431720b6ed4f3f7cce579f52aaa62af
301e4f999a3252c012b7cbc8316a03d6fd3712b7d97db3140f2b66343077c1d1
39c85beaa08ecd102e44c3e248587ff1d9350f93926496ed06878417793e122f
459536b2c2509a7091e3e2b3494bd8c3e09833e3f9f09c7e6bb7baddb7d23ae1
48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056
5322d8831db6a02b66bb4bf05cb8bd432bd84c08156fe0331a6c7c55f8152e1f
53ec4f3ca52d1caddc0e79967004c59269dd3fceb1de552eb0fae1c76e12c89b
57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed
750b884b64ece841fca9b78f6c86ccea133a3aa28959b88cb2323372060ba004
76a332d74d1be27f6d0b2b14595e5847b1940ead7a24c816cf6e15c14895134c
902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9
9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd
b9269e3cb0bbff786ee8782acc6f6a90877b4d027b58b320ac3d9878161f4be1
cdefef72bebdcde8ee1a31844ecd97620178c65eda5ffbd92eb4a4bd6f121ab7
df4aa5f6454434deb5b91a23022cf395175131f78aef36ae8868f19471d28d88
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf
fc2e9d2392e31aacc14df1b8cd3812e7b9e501ae32c65b6d88ea19352d460b81