fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com Open in urlscan Pro
18.160.46.76  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/	2 KB 1 KB	154ms 45ms	Document text/html	18.160.46.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.46.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-46-76.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 570270480a7c28a26a13012d1f2538ef806809065cabfd3bba50988953092fd2 Security Headers Name Value Strict-Transport-Security max-age=3153600; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers age 52516 content-encoding gzip content-type text/html date Sun, 14 Jul 2024 03:25:18 GMT etag W/"f57ab0775b59af9c7a7089cd4d4d02d4" last-modified Wed, 10 Jul 2024 19:53:09 GMT referrer-policy strict-origin-when-cross-origin server AmazonS3 strict-transport-security max-age=3153600; includeSubDomains vary Accept-Encoding Origin via 1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront) x-amz-cf-id _5ok241fvKJxsDce5taR_pcZRJyOSf4Nyg83j_Y_2-UHXdsX7BYtDg== x-amz-cf-pop IAD55-P2 x-amz-server-side-encryption AES256 x-amz-version-id 6pB2ClVsu4M1AiUNCjc_7LTy0hBdshZo x-cache Hit from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	personal-mfe.js Show response fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/	766 KB 173 KB	53ms 52ms	Script text/javascript	18.160.46.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/personal-mfe.js Requested by Host: fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com URL: https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.46.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-46-76.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash cab80ced7a9315378314bc195a744c216aadfc5ea7d5c1104cf9f9dfc6567520 Security Headers Name Value Strict-Transport-Security max-age=3153600; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/ Origin https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 19:52:30 GMT x-amz-version-id dIZ9JYQDSr.Kuhcc7_ywnGrL8T9rTW5I content-encoding gzip x-content-type-options nosniff via 1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront) strict-transport-security max-age=3153600; includeSubDomains x-amz-cf-pop IAD55-P2 age 79684 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 10 Jul 2024 19:53:09 GMT server AmazonS3 etag W/"89a8db55d14e6ab07cd1b5d8fcd0a5e8" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/javascript x-amz-cf-id WJT3pbIhx6y8Jln4Yl3I2wJiVqG8fTYBOXJwp6L8-pdxpxcpyjjTcA==
GET H2	200	keys Show response fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/developer-platform/key-management/certificates/	2 KB 1 KB	342ms 342ms	Fetch text/html	18.160.46.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/developer-platform/key-management/certificates/keys?productId=refi-prequalify-bff-np Requested by Host: fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com URL: https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/personal-mfe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.46.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-46-76.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 570270480a7c28a26a13012d1f2538ef806809065cabfd3bba50988953092fd2 Security Headers Name Value Strict-Transport-Security max-age=3153600; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json;v=1 Referer https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json;v=1 Response headers date Sun, 14 Jul 2024 03:49:46 GMT x-amz-version-id 6pB2ClVsu4M1AiUNCjc_7LTy0hBdshZo content-encoding br x-content-type-options nosniff via 1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront) strict-transport-security max-age=3153600; includeSubDomains x-amz-cf-pop IAD55-P2 age 51048 x-amz-server-side-encryption AES256 x-cache Error from cloudfront x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 10 Jul 2024 19:53:09 GMT server AmazonS3 etag W/"f57ab0775b59af9c7a7089cd4d4d02d4" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/html x-amz-cf-id H1oMRBOoozC6-ID8P9iY8oatBJ00aE9FF22-IQYYLUfA6RQv8lwNFQ==
GET DATA	200 OK	truncated /	278 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 29184d4092d9d9e413c6a286fec2f68179943bab05e153f07cfd92ea4c52a503 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	at.js Show response www.capitalone.com/assets/shell/adobe/	101 KB 36 KB	276ms 73ms	Script application/javascript	23.48.203.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.capitalone.com/assets/shell/adobe/at.js Requested by Host: fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com URL: https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/personal-mfe.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.203.105 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-203-105.deploy.static.akamaitechnologies.com Software / Resource Hash 20025e3f29cb337b56771354d5628622919d2c3d49a9fc6b58d40d68ccc6eff3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-version-id Xl21jA0p9D0hTeU0KJXUq7rYU9P8tSwN content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 date Sun, 14 Jul 2024 18:00:33 GMT x-amz-cf-pop IAD12-P3 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-length 35985 referrer-policy origin-when-cross-origin last-modified Thu, 11 Jul 2024 17:54:18 GMT etag W/"f9cbb4678c20130e710c5dea4eed5595" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript x-amz-cf-id WSyydm0Lfd3kPCbmkdMJThE35FNvoX_OTbUHf8nPm9AZRFPGetWmyg==
GET H2	200	http.worker-fa807c79.js fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/	197 B 775 B	85ms 85ms	Other text/javascript	18.160.46.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/http.worker-fa807c79.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.46.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-46-76.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 09970ba9ff3f78428d9dcf9332dc393d46a798c8245847b379815aa323dd8ffc Security Headers Name Value Strict-Transport-Security max-age=3153600; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-version-id EJjQRBOl.xDjw1zZitTrxPq20PosZovf date Sun, 14 Jul 2024 18:00:34 GMT via 1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=3153600; includeSubDomains x-amz-cf-pop IAD55-P2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 197 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 10 Jul 2024 19:53:09 GMT server AmazonS3 etag "314dded66738de03eedd1c679f717873" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/javascript accept-ranges bytes x-amz-cf-id 2blLUZtta2ZV3lScUfLAwmigkvErBvMaM3PHo_jG_MvDO3ltEglgng==
GET H2	200	favicon.ico fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/assets/	15 KB 15 KB	98ms 97ms	Other image/vnd.microsoft.icon	18.160.46.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/assets/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.46.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-46-76.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec Security Headers Name Value Strict-Transport-Security max-age=3153600; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 18:00:34 GMT x-amz-version-id T1E24ZGAOdD1ynkeOmHMKB3l52ecsa37 via 1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=3153600; includeSubDomains x-amz-cf-pop IAD55-P2 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 15086 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 10 Jul 2024 19:53:09 GMT server AmazonS3 etag "d27e1739c7477b10ec6917546ae61f1d" x-frame-options SAMEORIGIN vary Origin content-type image/vnd.microsoft.icon accept-ranges bytes x-amz-cf-id 4sjrkztGwpzBFWx8hTqojeVZ7fkAXMnGM4tFdGXqG8L569mGCj12ng==

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| process object| reactiveElementVersions object| litHtmlVersions object| litElementVersions boolean| stratumdb object| stratum_config_fs-personal-mfe-staticassets function| construct function| targetPageParams function| setImmediate function| clearImmediate object| targetGlobalSettings object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.capitalonegslbex.com/	1969-12-31 23:59:59	Name: at_check Value: true
			.capitalonegslbex.com/	1970-01-20 22:03:01	Name: mbox Value: session#58477a2e8b864637a6750832903a59b9#1720981894

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fs-personal-mfe.aws-fs1-qa.capitalonegslbex.com
www.capitalone.com
18.160.46.76
23.48.203.105
09970ba9ff3f78428d9dcf9332dc393d46a798c8245847b379815aa323dd8ffc
20025e3f29cb337b56771354d5628622919d2c3d49a9fc6b58d40d68ccc6eff3
29184d4092d9d9e413c6a286fec2f68179943bab05e153f07cfd92ea4c52a503
570270480a7c28a26a13012d1f2538ef806809065cabfd3bba50988953092fd2
5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec
cab80ced7a9315378314bc195a744c216aadfc5ea7d5c1104cf9f9dfc6567520