urlscan.io logo urlscan.io
SecurityTrails logo

hudsonsbay.capitalone.com Open in urlscan Pro
184.24.18.214  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hudsonsbay.capitalone.com/
Effective URL: https://hudsonsbay.capitalone.com/
Submission: On January 18 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 32 HTTP transactions. The main IP is 184.24.18.214, located in United States and belongs to AKAMAI-AS, US. The main domain is hudsonsbay.capitalone.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 29th 2020. Valid for: a year.
This is the only time hudsonsbay.capitalone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 184.24.18.214 16625 (AKAMAI-AS)
1 18.197.253.20 16509 (AMAZON-02)
6 3.124.119.57 16509 (AMAZON-02)
1 13.224.194.121 16509 (AMAZON-02)
32 4
25    184.24.18.214 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-18-214.deploy.static.akamaitechnologies.com
hudsonsbay.capitalone.com
1    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
6    3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
tms.capitalone.com
1    13.224.194.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-121.fra2.r.cloudfront.net
bfp.capitalone.com
Domain Requested by
25 hudsonsbay.capitalone.com 1 redirects hudsonsbay.capitalone.com
6 tms.capitalone.com nexus.ensighten.com
1 bfp.capitalone.com hudsonsbay.capitalone.com
1 nexus.ensighten.com hudsonsbay.capitalone.com
32 4

This site contains links to these domains. Also see Links.

Domain
www.capitalone.ca
www.thebay.com
Subject Issuer Validity Valid
pcos-prod.capitalone.com
DigiCert SHA2 Extended Validation Server CA		 2020-01-29 -
2021-02-05		 a year crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2020-09-09 -
2021-10-11		 a year crt.sh
tms.capitalone.com
DigiCert SHA2 Extended Validation Server CA		 2020-10-22 -
2021-10-21		 a year crt.sh
bfp.capitalone.com
DigiCert SHA2 Extended Validation Server CA		 2020-04-29 -
2022-04-29		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://hudsonsbay.capitalone.com/
Frame ID: 137923A6156684A1A30C676AB7E38090
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://hudsonsbay.capitalone.com/ HTTP 301
    https://hudsonsbay.capitalone.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

875 kB
Transfer

3018 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hudsonsbay.capitalone.com/ HTTP 301
    https://hudsonsbay.capitalone.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hudsonsbay.capitalone.com/
Redirect Chain
  • http://hudsonsbay.capitalone.com/
  • https://hudsonsbay.capitalone.com/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a814733f8bda3386956cac14e52123cee8d31fc0b3d09e64a9d282db85b64c77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
hudsonsbay.capitalone.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html
x-frame-options
DENY
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 02 Oct 2020 15:03:11 GMT
etag
"a15-5b0b16e5f69c0"
accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
date
Mon, 18 Jan 2021 14:31:03 GMT
content-length
1243

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://hudsonsbay.capitalone.com/
Date
Mon, 18 Jan 2021 14:31:02 GMT
Connection
keep-alive
core.min.css
hudsonsbay.capitalone.com/styles/ 		265 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b0124594b071e49d6b34fe6e630a2a7c36aceaeb9aebc81d8c7db12549e18bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Dec 2020 19:44:05 GMT
etag
"4246a-5b6ae36ec03eb"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:03 GMT
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
0
dependencies.min.js
hudsonsbay.capitalone.com/scripts/ 		393 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5de42d96136ab304ebe6013ba8362ccd28c0a3f69ee86cb8423e4fc09b0c967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:02:52 GMT
etag
"62578-5b0b16d3d7f00"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:03 GMT
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
0
app.min.js
hudsonsbay.capitalone.com/scripts/ 		2 MB
447 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/scripts/app.min.js?1601650904506
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a07f0c670ad4bb7e6fa96cf499a442d4bcd3f5feec45339b2dc82812f73b654f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Dec 2020 19:43:58 GMT
etag
"1fc2a7-5b6ae3684ec2d"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:03 GMT
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
0
print.min.css
hudsonsbay.capitalone.com/styles/ 		347 B
588 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/styles/print.min.css?1601650904506
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2fcc2497ac661711a0ef511ad6a0cff17874fe38ad29d8762c0b0b37c5640b00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 17 Dec 2020 19:43:54 GMT
etag
"15b-5b6ae363d7f3e"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:03 GMT
accept-ranges
bytes
content-length
347
x-xss-protection
1; mode=block
expires
0
hudsonsbay_logo.svg
hudsonsbay.capitalone.com/assets/images/hudsonsbay/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hudsonsbay.capitalone.com/assets/images/hudsonsbay/hudsonsbay_logo.svg
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98b448af990c81486df0af62193d4a222175729ac05c4f6ec9fd488dbe27c899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:03:11 GMT
etag
"1e7a-5b0b16e5f69c0"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:03 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
2373
x-xss-protection
1; mode=block
expires
0
ProximaNovaRegular.woff
hudsonsbay.capitalone.com/assets/fonts/oneui-core-style/dist/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/assets/fonts/oneui-core-style/dist/fonts/ProximaNovaRegular.woff
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8229ebc323cac6583044ec8b720d29492cf56e72298803cab75d3ac460ca3d32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://hudsonsbay.capitalone.com
Referer
https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:03:11 GMT
etag
"6574-5b0b16e5f69c0"
x-frame-options
DENY
content-type
application/font-woff
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:04 GMT
accept-ranges
bytes
content-length
25972
x-xss-protection
1; mode=block
expires
0
Bootstrap.js
nexus.ensighten.com/capitalone/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/capitalone/Bootstrap.js
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/app.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1c8b94b6a197d27ff115f0145064d51009e9d57d35b3f9086531dda4455a5abf

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 14:31:04 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 17:35:14 GMT
server
nginx
etag
W/"5ffdddd2-154ea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
start
hudsonsbay.capitalone.com/api/ 		589 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/start
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bfa87960ba4b5dd0c860cabfd082e816c1145d29525b266ba834e096b8649500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:04 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
589
x-xss-protection
1; mode=block
expires
0
serverComponent.php
tms.capitalone.com/capitalone/prod/ 		409 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.capitalone.com/capitalone/prod/serverComponent.php?r=214054.30812486247&namespace=Bootstrapper&staticJsPath=tms.capitalone.com/capitalone/prod/code/&publishedOn=Tue%20Jan%2012%2017:35:02%20GMT%202021&ClientID=581&PageID=https%3A%2F%2Fhudsonsbay.capitalone.com%2F%3Fwebview%3Dundefined%23%2Fsign-in
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
af7ec330119f1271c2e923ab008cc8af2758bb1f887b98fb84ee97ce8702c8b7

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 14:31:04 GMT
cache-control
no-cache, no-store
content-type
text/javascript
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Mon, 18 Jan 2021 14:31:03 GMT
features
hudsonsbay.capitalone.com/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/features
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1d70f1c582d0714d6aaea5a6363c7100568d15c31a6931922d51f8e4f99c0c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
1062
x-xss-protection
1; mode=block
expires
0
view
hudsonsbay.capitalone.com/api/content/type/modals/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/content/type/modals/view
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5abeb0852a7fc13c6a414d37acb27c3bc330aae5d91c956c16b7641e693e9afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
4603
x-xss-protection
1; mode=block
expires
0
translations
hudsonsbay.capitalone.com/api/ 		67 KB
67 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/translations?locale=en-CA&partner=hudsonsbay
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3234a2cd871c80760bc357f0db3a6a2b73a95c5d04b3bdf64919c606baf1152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-xss-protection
1; mode=block
expires
0
a6d996a0628d04716d5b570cf366da88.js
tms.capitalone.com/capitalone/prod/code/ 		571 B
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.capitalone.com/capitalone/prod/code/a6d996a0628d04716d5b570cf366da88.js?conditionId0=4875225&conditionId1=4875868
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bce7deeccbf707cd7c3faa53650b6ad7205996199815a6e82fbfce6e694c34ce

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 14:31:04 GMT
last-modified
Mon, 22 Jun 2020 17:41:41 GMT
server
nginx
etag
"5ef0ed55-23b"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
571
0eb5b22ecd671d200150d835c9bcf793.js
tms.capitalone.com/capitalone/prod/code/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.capitalone.com/capitalone/prod/code/0eb5b22ecd671d200150d835c9bcf793.js?conditionId0=421879
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/capitalone/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b59ccb0c45020a14cac9db1ecf23c9955e25c3bc3d0e3a430ec60c4ee052acc2

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 14:31:04 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 17:11:47 GMT
server
nginx
etag
W/"5fce6253-2405"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
angular-locale_en-ca.js
hudsonsbay.capitalone.com/scripts/locale/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/scripts/locale/angular-locale_en-ca.js
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67563318f781475915e443fef24576ea64e5de5a80e7ab3fd6b967de15538dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:03:11 GMT
etag
"a9a-5b0b16e5f69c0"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:05 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
962
x-xss-protection
1; mode=block
expires
0
partner
hudsonsbay.capitalone.com/api/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/partner?locale=en-CA
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8cf430f531c7d4b461bfdc720ea22cf32597bd08acc57837d3ec8a8af533d47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
1419
x-xss-protection
1; mode=block
expires
0
view
hudsonsbay.capitalone.com/api/content/type/modals/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/content/type/modals/view
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5abeb0852a7fc13c6a414d37acb27c3bc330aae5d91c956c16b7641e693e9afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
4603
x-xss-protection
1; mode=block
expires
0
header
hudsonsbay.capitalone.com/api/content/type/ 		283 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/content/type/header
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5ecdb283c61a7e89618b8a1494ea18bd0e582ef0dcb116c72ae28e2db333c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
283
x-xss-protection
1; mode=block
expires
0
browserFingerPrintv1.min.js
bfp.capitalone.com/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfp.capitalone.com/browserFingerPrintv1.min.js
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/app.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-121.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
559d96c9ff8af5055471707c21b22ac1a7bca706d199dc9f5659a65c02d7e944

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
0jX_DUFrz0Q6dONfVTSLzsM7Q36K1OWF
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
etag
"0f537e63c621f88c0c4bf4257394b2c2"
last-modified
Sat, 16 Sep 2017 03:10:05 GMT
server
AmazonS3
age
69511
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
date
Mon, 18 Jan 2021 01:16:26 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
28442
x-amz-cf-id
iNoGAuRLaFlJGt-H7YkeD7R-j_ZXffHmZ9XYAMmFLZShHMKiUCiEOw==
48.app.min.js
hudsonsbay.capitalone.com/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/scripts/48.app.min.js
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/app.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04b6a661b626ca2c7eb4498533f30d80475a08936568528d3e83151ea0445141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Dec 2020 19:43:54 GMT
etag
"1e87-5b6ae363d5c16"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:05 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
2456
x-xss-protection
1; mode=block
expires
0
view
hudsonsbay.capitalone.com/api/login/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/login/view
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6dca58fc888b0803138ee6046bb67ddd89136b45db21083290f952dcacee3b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
2834
x-xss-protection
1; mode=block
expires
0
data
hudsonsbay.capitalone.com/api/login/ 		60 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/login/data
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b54b39008b6355b1ac89f0bcf7c711621f0782cb0145628b4bf84805dbe40f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
60
x-xss-protection
1; mode=block
expires
0
view
hudsonsbay.capitalone.com/api/partner/locale/ 		709 B
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/partner/locale/view
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
857f8577ed23b025417f2d77c9ad4bf0cf086a2bdac9f4f20d2b1086156552e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
709
x-xss-protection
1; mode=block
expires
0
data
hudsonsbay.capitalone.com/api/partner/locales/ 		102 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/api/partner/locales/data
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/scripts/dependencies.min.js?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8880bdf8c7b2cb95101e9a0d7d5062cc086733337d27e68033e051be6716fcfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 14:31:05 GMT
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
102
x-xss-protection
1; mode=block
expires
0
ProximaNovaSemiBold.woff
hudsonsbay.capitalone.com/assets/fonts/oneui-core-style/dist/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/assets/fonts/oneui-core-style/dist/fonts/ProximaNovaSemiBold.woff
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cdfad3923e63ec744a8ff847cfa7a61f5da721a5d0765e84c9e629abe570bb30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://hudsonsbay.capitalone.com
Referer
https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:03:11 GMT
etag
"6644-5b0b16e5f69c0"
x-frame-options
DENY
content-type
application/font-woff
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:05 GMT
accept-ranges
bytes
content-length
26180
x-xss-protection
1; mode=block
expires
0
e.gif
tms.capitalone.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tms.capitalone.com/error/e.gif?msg=Bootstrapper.trackCallWhiteList%20is%20undefined&lnn=-1&fn=&cid=581&client=capitalone&publishPath=prod&rid=3330747&did=378606&errorName=Error
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 14:31:05 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 18 Jan 2021 14:31:04 GMT
hudsonsbay_frenchToggle.svg
hudsonsbay.capitalone.com/assets/images/hudsonsbay/ 		1 KB
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hudsonsbay.capitalone.com/assets/images/hudsonsbay/hudsonsbay_frenchToggle.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68abd546e087e16f2cdf80136a793ee80a8abdffaa57632ed0b5a4e03114e13a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:03:11 GMT
etag
"5f2-5b0b16e5f69c0"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:05 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
712
x-xss-protection
1; mode=block
expires
0
ui-icons.woff
hudsonsbay.capitalone.com/assets/fonts/oneui-icons/dist/fonts/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hudsonsbay.capitalone.com/assets/fonts/oneui-icons/dist/fonts/ui-icons.woff?-uwt19b
Requested by
Host: hudsonsbay.capitalone.com
URL: https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
faeaf2eef848fdd260b00cbec6b90dbeb82ed83955503cc626641f833046e357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://hudsonsbay.capitalone.com
Referer
https://hudsonsbay.capitalone.com/styles/core.min.css?1601650904506
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:03:11 GMT
etag
"b394-5b0b16e5f69c0"
x-frame-options
DENY
content-type
application/font-woff
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:06 GMT
accept-ranges
bytes
content-length
45972
x-xss-protection
1; mode=block
expires
0
avatar_filled_brand.svg
hudsonsbay.capitalone.com/assets/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hudsonsbay.capitalone.com/assets/images/avatar_filled_brand.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.18.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-18-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fbfb96910c6bcd759e85a8a2d63e307a69bc75e3876659fea5a713a4d8e0e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:03:11 GMT
etag
"e76-5b0b16e5f69c0"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=21600
date
Mon, 18 Jan 2021 14:31:05 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
1564
x-xss-protection
1; mode=block
expires
0
e.gif
tms.capitalone.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tms.capitalone.com/error/e.gif?msg=s%20object%20not%20available%20after%207000%20ms&lnn=-1&fn=&cid=581&client=capitalone&publishPath=prod&rid=3330747&did=378606&errorName=Error
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 14:31:08 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 18 Jan 2021 14:31:07 GMT
e.gif
tms.capitalone.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tms.capitalone.com/error/e.gif?msg=s%20object%20not%20available%20after%207100%20ms&lnn=-1&fn=&cid=581&client=capitalone&publishPath=prod&rid=3330747&did=378606&errorName=Error
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hudsonsbay.capitalone.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 14:31:08 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 18 Jan 2021 14:31:07 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| c1 object| datePickerController object| angular number| ng339 string| angularCacheModuleName object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ensBootstraps object| Bootstrapper object| GlobalSnowplowNamespace function| sp object| publisherFW string| k string| sc_level1 string| sc_level2 string| sc_level3 string| sc_level4 string| sc_level5 string| sc_country string| sc_language string| sc_system function| InstalledFontDetector function| fnBrowserDevicePrintVersion function| fnZeroPad function| fnBrowserCurrentTimeStamp function| fnBrowserUserAgent function| fnBrowserTimeZone function| fnBrowserScreen function| fnBrowserFontSmoothingEnabled function| fnBrowserLanguage function| fnBrowserFonts function| fnBrowserFontsOld function| fnBrowserPlugins function| fnBrowserPluginsOld function| fnBrowserCookieEnabled function| fnBrowserJavaEnabled function| fnBrowserTouchEnabled function| fnBrowserSilverLightDetails function| fnBrowserFlashDetails function| fnBrowserCanvasHash function| fnBrowserTrueAgent function| fnBrowserConnectionInfo function| fnBrowserLatency function| fnBrowserInfo function| fnBrowserSystemInfo function| fnBrowserFormFields object| B64 function| fnB64Enc function| fnB64Dec function| fnStripExtension function| fnIsBlank function| fnGetArrIndexValue function| collectDFP function| fnGetTime function| fnCSM function| mathEval function| fnTCN object| Sha256

7 Cookies

Domain/Path Name / Value
hudsonsbay.capitalone.com/ Name: startApiComplete
Value: true
.hudsonsbay.capitalone.com/ Name: locale_pref
Value: en_CA
.hudsonsbay.capitalone.com/ Name: BNES_scDLSessionID_PARTNERSHIP
Value: woW9p9j9W/Fjcjo2DIx97SVXrEuzb4XxuXXFL1E+dMJxxo+1GcorlPScjOVHlDa0kPRHfROmDo+uPnyH0EWukx9IiySdvWEFeTKREthmF7lwOTzQFHojLyQWulTX8YyOlHHyoBsvckMv1R6BL90qAG4JOed7s+3uB/4q+yYifiKDkTM27OeqylJzRu/LO841SXiI2npZn/Q=
.hudsonsbay.capitalone.com/ Name: TLTUID
Value: 75767ED59066BD462CF47D074050DCEB
.hudsonsbay.capitalone.com/ Name: TLTSID
Value: BFD05943609B135A11C0CBAD45A209BE
.hudsonsbay.capitalone.com/ Name: scDLSessionID_PARTNERSHIP
Value: C1R6SSO34K7680DA4H43QOTMUU3STVQRLOSI6BOIDUEDFI5F1IVL3FL1JMC39OJC
.hudsonsbay.capitalone.com/ Name: C1_PARTNERSHIP_PID
Value: C1R6SSO34K7680DA4H43QOTMUU3STVQRLOSI6BOIDUEDFI5F1IVL3FL1JMC39OJC

2 Console Messages

Source Level URL
Text
console-api warning URL: https://nexus.ensighten.com/capitalone/Bootstrap.js(Line 177)
Message:
window.s not defined!!! Aborting track call after 7000 ms
console-api warning URL: https://nexus.ensighten.com/capitalone/Bootstrap.js(Line 177)
Message:
window.s not defined!!! Aborting track call after 7100 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bfp.capitalone.com
hudsonsbay.capitalone.com
nexus.ensighten.com
tms.capitalone.com
13.224.194.121
18.197.253.20
184.24.18.214
3.124.119.57
04b6a661b626ca2c7eb4498533f30d80475a08936568528d3e83151ea0445141
1c8b94b6a197d27ff115f0145064d51009e9d57d35b3f9086531dda4455a5abf
20fbfb96910c6bcd759e85a8a2d63e307a69bc75e3876659fea5a713a4d8e0e6
2b0124594b071e49d6b34fe6e630a2a7c36aceaeb9aebc81d8c7db12549e18bf
2fcc2497ac661711a0ef511ad6a0cff17874fe38ad29d8762c0b0b37c5640b00
559d96c9ff8af5055471707c21b22ac1a7bca706d199dc9f5659a65c02d7e944
5abeb0852a7fc13c6a414d37acb27c3bc330aae5d91c956c16b7641e693e9afe
67563318f781475915e443fef24576ea64e5de5a80e7ab3fd6b967de15538dcc
68abd546e087e16f2cdf80136a793ee80a8abdffaa57632ed0b5a4e03114e13a
6b54b39008b6355b1ac89f0bcf7c711621f0782cb0145628b4bf84805dbe40f7
6dca58fc888b0803138ee6046bb67ddd89136b45db21083290f952dcacee3b6b
8229ebc323cac6583044ec8b720d29492cf56e72298803cab75d3ac460ca3d32
857f8577ed23b025417f2d77c9ad4bf0cf086a2bdac9f4f20d2b1086156552e5
8880bdf8c7b2cb95101e9a0d7d5062cc086733337d27e68033e051be6716fcfc
98b448af990c81486df0af62193d4a222175729ac05c4f6ec9fd488dbe27c899
a07f0c670ad4bb7e6fa96cf499a442d4bcd3f5feec45339b2dc82812f73b654f
a5de42d96136ab304ebe6013ba8362ccd28c0a3f69ee86cb8423e4fc09b0c967
a814733f8bda3386956cac14e52123cee8d31fc0b3d09e64a9d282db85b64c77
af7ec330119f1271c2e923ab008cc8af2758bb1f887b98fb84ee97ce8702c8b7
b59ccb0c45020a14cac9db1ecf23c9955e25c3bc3d0e3a430ec60c4ee052acc2
b8cf430f531c7d4b461bfdc720ea22cf32597bd08acc57837d3ec8a8af533d47
bce7deeccbf707cd7c3faa53650b6ad7205996199815a6e82fbfce6e694c34ce
bfa87960ba4b5dd0c860cabfd082e816c1145d29525b266ba834e096b8649500
cdfad3923e63ec744a8ff847cfa7a61f5da721a5d0765e84c9e629abe570bb30
e1d70f1c582d0714d6aaea5a6363c7100568d15c31a6931922d51f8e4f99c0c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3234a2cd871c80760bc357f0db3a6a2b73a95c5d04b3bdf64919c606baf1152
f5ecdb283c61a7e89618b8a1494ea18bd0e582ef0dcb116c72ae28e2db333c70
faeaf2eef848fdd260b00cbec6b90dbeb82ed83955503cc626641f833046e357