urlscan.io logo urlscan.io
SecurityTrails logo

capitaoneactprod.b2clogin.com Open in urlscan Pro
2603:1026:3000:150::5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://exports.education.capitaone.cloud/
Effective URL: https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/authorize?client_id=85cab...
Submission: On July 26 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2603:1026:3000:150::5, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is capitaoneactprod.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time capitaoneactprod.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 51.132.166.228 8075 (MICROSOFT...)
1 2603:1027:1:1... 8075 (MICROSOFT...)
2 2603:1026:300... 8075 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
21 5
15    51.132.166.228 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
exports.education.capitaone.cloud
act.capitaone.cloud
1    2603:1027:1:158::a (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
capitaoneactprod.b2clogin.com
2    2603:1026:3000:150::5 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
capitaoneactprod.b2clogin.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure.aadcdn.microsoftonline-p.com
Apex Domain
Subdomains		 Transfer
15 capitaone.cloud
exports.education.capitaone.cloud
act.capitaone.cloud
3 MB
3 b2clogin.com
capitaoneactprod.b2clogin.com
213 KB
2 microsoftonline-p.com
secure.aadcdn.microsoftonline-p.com — Cisco Umbrella Rank: 22773
168 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 5661
120 KB
21 4
Domain Requested by
8 exports.education.capitaone.cloud exports.education.capitaone.cloud
7 act.capitaone.cloud capitaoneactprod.b2clogin.com
act.capitaone.cloud
3 capitaoneactprod.b2clogin.com exports.education.capitaone.cloud
capitaoneactprod.b2clogin.com
2 secure.aadcdn.microsoftonline-p.com
1 ajax.aspnetcdn.com capitaoneactprod.b2clogin.com
21 5

This site contains no links.

Subject Issuer Validity Valid
act.capitaone.cloud
R3		 2024-05-30 -
2024-08-28		 3 months crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2024-05-21 -
2025-05-21		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
secure.aadcdn.microsoftonline-p.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-05-22 -
2025-05-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/authorize?client_id=85cabeb2-266f-4a3f-8173-5fa9a883ab39&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexports.education.capitaone.cloud%2F&client-request-id=1ce26de4-acb6-4a3b-bb38-36267e57ce18&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.2.0&client_info=1&code_challenge=1GTfzvU6qgP4gS7y1zQPYMd5pVnbrVKTAPja8TbL5aE&code_challenge_method=S256&nonce=e1ddb877-98dd-4f86-98df-5390b3a03969&state=eyJpZCI6IjRmNjA3YzIyLWFmMjQtNDBhNi1iZmM4LWU5NDgwODExNzQxMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Frame ID: D86F1E88AF6080485839C5D841C892D5
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in

Page URL History Show full URLs

  1. http://exports.education.capitaone.cloud/ HTTP 307
    https://exports.education.capitaone.cloud/ Page URL
  2. https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/autho... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

3720 kB
Transfer

3934 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://exports.education.capitaone.cloud/ HTTP 307
    https://exports.education.capitaone.cloud/ Page URL
  2. https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/authorize?client_id=85cabeb2-266f-4a3f-8173-5fa9a883ab39&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexports.education.capitaone.cloud%2F&client-request-id=1ce26de4-acb6-4a3b-bb38-36267e57ce18&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.2.0&client_info=1&code_challenge=1GTfzvU6qgP4gS7y1zQPYMd5pVnbrVKTAPja8TbL5aE&code_challenge_method=S256&nonce=e1ddb877-98dd-4f86-98df-5390b3a03969&state=eyJpZCI6IjRmNjA3YzIyLWFmMjQtNDBhNi1iZmM4LWU5NDgwODExNzQxMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://exports.education.capitaone.cloud/ HTTP 307
  • https://exports.education.capitaone.cloud/

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
exports.education.capitaone.cloud/
Redirect Chain
  • http://exports.education.capitaone.cloud/
  • https://exports.education.capitaone.cloud/
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exports.education.capitaone.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f4130f37317c2b8e767a586955fe9a6e1535c2a562c4d79d34e44bcaca8d966
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
6615
content-md5
0mQgaOalKJYL2PpdDhMa3w==
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Fri, 26 Jul 2024 18:13:58 GMT
last-modified
Thu, 23 Nov 2023 11:03:00 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ms-request-id
256e2881-101e-0064-1787-df1f5c000000
x-ms-version
2018-03-28
x-xss-protection
1; mode=block

Redirect headers

Location
https://exports.education.capitaone.cloud/
Non-Authoritative-Reason
HttpsUpgrades
runtime.f1f6ea55348c2c1b.js
exports.education.capitaone.cloud/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exports.education.capitaone.cloud/runtime.f1f6ea55348c2c1b.js
Requested by
Host: exports.education.capitaone.cloud
URL: https://exports.education.capitaone.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f1da7e651124f9563ce32e54cc85faf1fe792681f5b87463e970bbb5352b3255
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exports.education.capitaone.cloud/
Origin
https://exports.education.capitaone.cloud
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:13:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 23 Nov 2023 11:02:54 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
r+qOy3WnlMEaaGFLk+kcIw==
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-ms-request-id
256e28b4-101e-0064-4587-df1f5c000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
2847
x-xss-protection
1; mode=block
polyfills.e225f95f3b4c6202.js
exports.education.capitaone.cloud/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exports.education.capitaone.cloud/polyfills.e225f95f3b4c6202.js
Requested by
Host: exports.education.capitaone.cloud
URL: https://exports.education.capitaone.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e437edc46c1a108bedffd12747ae1aa3a4503278a1818776a8c8c22e9573227
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exports.education.capitaone.cloud/
Origin
https://exports.education.capitaone.cloud
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:13:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 23 Nov 2023 11:02:54 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
X9Xz0b4dzrjoyoqZ5mRMSQ==
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-ms-request-id
a694ef85-201e-00b4-2887-df220a000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
33869
x-xss-protection
1; mode=block
main.c7b103984cca2e7b.js
exports.education.capitaone.cloud/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://exports.education.capitaone.cloud/main.c7b103984cca2e7b.js
Requested by
Host: exports.education.capitaone.cloud
URL: https://exports.education.capitaone.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
50e521e73c5bb5bb301c34c2e34bdf1454aeeceec21eb8cfe4ec0059174c5533
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exports.education.capitaone.cloud/
Origin
https://exports.education.capitaone.cloud
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:13:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 23 Nov 2023 11:02:54 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
fc7tc3KBILIQ8XxRmzzphQ==
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-ms-request-id
e453a963-501e-0065-4c87-df4080000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
1734952
x-xss-protection
1; mode=block
styles.bc2e822f26bfcadf.css
exports.education.capitaone.cloud/ 		595 KB
596 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exports.education.capitaone.cloud/styles.bc2e822f26bfcadf.css
Requested by
Host: exports.education.capitaone.cloud
URL: https://exports.education.capitaone.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5931067ec7d5eb0a7fcd38b7acaaaf76c73105b1d5a77b2a1412b40896e70752
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exports.education.capitaone.cloud/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:13:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 23 Nov 2023 11:02:54 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
L23VXjxxcYyBYYuiLLPpHQ==
x-frame-options
SAMEORIGIN
content-type
text/css
x-ms-request-id
a694efa2-201e-00b4-4087-df220a000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
609692
x-xss-protection
1; mode=block
config.json
exports.education.capitaone.cloud/assets/config/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://exports.education.capitaone.cloud/assets/config/config.json?ts=1722017640137
Requested by
Host: exports.education.capitaone.cloud
URL: https://exports.education.capitaone.cloud/polyfills.e225f95f3b4c6202.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
461f45e4e1c75e71260b9b6c4f0244f4dfeeed87acefaf8cb9fbbf5c4151a886
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://exports.education.capitaone.cloud/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 23 Nov 2023 11:02:54 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
jIs4L8MJw+45hqstaTBemA==
x-frame-options
SAMEORIGIN
content-type
application/json
x-ms-request-id
a694f30e-201e-00b4-3587-df220a000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
1227
x-xss-protection
1; mode=block
favicon.ico
exports.education.capitaone.cloud/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exports.education.capitaone.cloud/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc6cb629a5d346b3feff586fe335df4a5fa85bbc9a979bf934458753a57f4361
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exports.education.capitaone.cloud/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 23 Nov 2023 11:02:54 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
JFFvHl1Va2Dp78GZGYmVEw==
x-frame-options
SAMEORIGIN
content-type
image/x-icon
x-ms-request-id
a694f31a-201e-00b4-4187-df220a000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
15406
x-xss-protection
1; mode=block
openid-configuration
capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/v2.0/.well-known/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/v2.0/.well-known/openid-configuration
Requested by
Host: exports.education.capitaone.cloud
URL: https://exports.education.capitaone.cloud/polyfills.e225f95f3b4c6202.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:158::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f73268ac8b3f4d4ef825ba4f626de3bcd66b4b0cd06856058fd4d17e853e3324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exports.education.capitaone.cloud/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 26 Jul 2024 18:14:00 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://exports.education.capitaone.cloud
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
Allow
OPTIONS, TRACE, GET, HEAD, POST
x-ms-gateway-requestid
cd6bccff-7bc9-43c2-8998-27c64e8e038b
Content-Length
1485
X-XSS-Protection
1; mode=block
favicon.ico
exports.education.capitaone.cloud/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://exports.education.capitaone.cloud/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc6cb629a5d346b3feff586fe335df4a5fa85bbc9a979bf934458753a57f4361
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exports.education.capitaone.cloud/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:00 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Nov 2023 11:02:54 GMT
content-md5
JFFvHl1Va2Dp78GZGYmVEw==
x-frame-options
SAMEORIGIN
content-type
image/x-icon
x-ms-request-id
a694f31a-201e-00b4-4187-df220a000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
15406
x-xss-protection
1; mode=block
Primary Request authorize
capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/ 		322 KB
111 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/authorize?client_id=85cabeb2-266f-4a3f-8173-5fa9a883ab39&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexports.education.capitaone.cloud%2F&client-request-id=1ce26de4-acb6-4a3b-bb38-36267e57ce18&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.2.0&client_info=1&code_challenge=1GTfzvU6qgP4gS7y1zQPYMd5pVnbrVKTAPja8TbL5aE&code_challenge_method=S256&nonce=e1ddb877-98dd-4f86-98df-5390b3a03969&state=eyJpZCI6IjRmNjA3YzIyLWFmMjQtNDBhNi1iZmM4LWU5NDgwODExNzQxMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Requested by
Host: exports.education.capitaone.cloud
URL: https://exports.education.capitaone.cloud/main.c7b103984cca2e7b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a39d6eeec46d9238966ca17e7a05da74c407159afce731b9573fb9a122627752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exports.education.capitaone.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
110743
Content-Security-Policy-Report-Only
script-src 'strict-dynamic' 'self' 'nonce-haMjucV6XhjWsI9/htIolw==' 'report-sample'; report-uri /capitaoneactprod.onmicrosoft.com/B2C_1A_MFA_phone_or_email/client/cspreport?p=B2C_1A_MFA_phone_or_email
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Jul 2024 18:14:00 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.1.208.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
f10703b1-ccf5-49ae-8bb9-039eff135efb
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
82ff874d-769e-4d92-b3b1-8984ec33fb5e
jquery-bundle-1.10.2.min.js
capitaoneactprod.b2clogin.com/static/bundles/ 		100 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://capitaoneactprod.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=AM3
Requested by
Host: capitaoneactprod.b2clogin.com
URL: https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/authorize?client_id=85cabeb2-266f-4a3f-8173-5fa9a883ab39&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexports.education.capitaone.cloud%2F&client-request-id=1ce26de4-acb6-4a3b-bb38-36267e57ce18&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.2.0&client_info=1&code_challenge=1GTfzvU6qgP4gS7y1zQPYMd5pVnbrVKTAPja8TbL5aE&code_challenge_method=S256&nonce=e1ddb877-98dd-4f86-98df-5390b3a03969&state=eyJpZCI6IjRmNjA3YzIyLWFmMjQtNDBhNi1iZmM4LWU5NDgwODExNzQxMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/authorize?client_id=85cabeb2-266f-4a3f-8173-5fa9a883ab39&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexports.education.capitaone.cloud%2F&client-request-id=1ce26de4-acb6-4a3b-bb38-36267e57ce18&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.2.0&client_info=1&code_challenge=1GTfzvU6qgP4gS7y1zQPYMd5pVnbrVKTAPja8TbL5aE&code_challenge_method=S256&nonce=e1ddb877-98dd-4f86-98df-5390b3a03969&state=eyJpZCI6IjRmNjA3YzIyLWFmMjQtNDBhNi1iZmM4LWU5NDgwODExNzQxMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 26 Jul 2024 18:14:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 10 Jul 2024 10:08:44 GMT
ETag
"01e7025b1d2da1:0"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Frame-Options
DENY
Accept-Ranges
bytes
Content-Length
101973
X-XSS-Protection
1; mode=block
unified.html
act.capitaone.cloud/signintemplate/template/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.capitaone.cloud/signintemplate/template/unified.html
Requested by
Host: capitaoneactprod.b2clogin.com
URL: https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/authorize?client_id=85cabeb2-266f-4a3f-8173-5fa9a883ab39&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexports.education.capitaone.cloud%2F&client-request-id=1ce26de4-acb6-4a3b-bb38-36267e57ce18&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.2.0&client_info=1&code_challenge=1GTfzvU6qgP4gS7y1zQPYMd5pVnbrVKTAPja8TbL5aE&code_challenge_method=S256&nonce=e1ddb877-98dd-4f86-98df-5390b3a03969&state=eyJpZCI6IjRmNjA3YzIyLWFmMjQtNDBhNi1iZmM4LWU5NDgwODExNzQxMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1be19659601ad05420b1d5023ac8bd8f4f2701ceff334ce3bf44a03a05cb505f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://capitaoneactprod.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
content-md5
vZUj21WuPZ8uY5TrfRx7lw==
content-length
1788
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jun 2024 06:35:29 GMT
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
https://capitaoneactprod.b2clogin.com
x-ms-request-id
04e54d1f-301e-0001-0987-dfff4b000000
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
access-control-allow-credentials
true
x-ms-version
2018-03-28
accept-ranges
bytes
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/ 		120 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: capitaoneactprod.b2clogin.com
URL: https://capitaoneactprod.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=AM3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhc/7940) /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://capitaoneactprod.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Oct 2016 23:10:15 GMT
server
ECAcc (lhc/7940)
age
10757684
etag
"cab57ff0cb33d21:0"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
122540
x-xss-protection
1; mode=block
assets.css
act.capitaone.cloud/signintemplate/template/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.capitaone.cloud/signintemplate/template/css/assets.css
Requested by
Host: capitaoneactprod.b2clogin.com
URL: https://capitaoneactprod.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=AM3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
79091c4a78cac0e5d7b8f401ff725276b3fedb356c908c69cfdabd7e403bda3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://capitaoneactprod.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 13 Jun 2024 06:35:29 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
9YSZ4UXqoHu6NSr8/9pGTw==
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
x-ms-request-id
04e54d34-301e-0001-1987-dfff4b000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
2637
x-xss-protection
1; mode=block
common.css
act.capitaone.cloud/signintemplate/template/css/ 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.capitaone.cloud/signintemplate/template/css/common.css
Requested by
Host: capitaoneactprod.b2clogin.com
URL: https://capitaoneactprod.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=AM3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c61ad565785cd3385c08f322f8742fec8ac0e0a152ad6e497c94a4b05de4db7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://capitaoneactprod.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 13 Jun 2024 06:35:29 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
jTc9hLAOP1akKT8ED6M1hQ==
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
x-ms-request-id
52a52da0-d01e-0000-6387-dffeb6000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
13260
x-xss-protection
1; mode=block
unified.css
act.capitaone.cloud/signintemplate/template/css/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.capitaone.cloud/signintemplate/template/css/unified.css
Requested by
Host: capitaoneactprod.b2clogin.com
URL: https://capitaoneactprod.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=AM3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e004fd2fc2b601f784bc20327503371d1244373b7b655f33cd5f14ebaa18c1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://capitaoneactprod.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 13 Jun 2024 06:35:29 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
qiGBFyeKNVsOqTFVjQ0saQ==
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
x-ms-request-id
c1e7350d-c01e-005b-3387-dff9ca000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
9517
x-xss-protection
1; mode=block
illustration
secure.aadcdn.microsoftonline-p.com/c1c6b6c8-42h0aq3nim-wzt1wg4pt2o0excytep4wxmouktjur4s/logintenantbranding/0/ 		158 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/c1c6b6c8-42h0aq3nim-wzt1wg4pt2o0excytep4wxmouktjur4s/logintenantbranding/0/illustration?ts=637296257136128627
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d85d286453fbc58b41d93a583ac23ad17fca9475976d4019495d27e155deb0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://capitaoneactprod.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
50755578
content-length
162061
x-ms-lease-status
unlocked
last-modified
Tue, 09 Feb 2021 14:32:06 GMT
etag
0x8D8CD0779887C95
x-azure-ref
20240726T181401Z-154b59dbc6drhjwtsft761mce8000000009g00000001mmyb
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
c4aab9fe-a01e-0063-1b1a-dfc657000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
secure.aadcdn.microsoftonline-p.com/c1c6b6c8-42h0aq3nim-wzt1wg4pt2o0excytep4wxmouktjur4s/logintenantbranding/0/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/c1c6b6c8-42h0aq3nim-wzt1wg4pt2o0excytep4wxmouktjur4s/logintenantbranding/0/bannerlogo?ts=637292874063357363
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1f04e09fbb1483171c866a575de988b4aefe5c5150fb9219367d4e11c42cc837
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://capitaoneactprod.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
50755578
content-length
8529
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jul 2020 11:50:06 GMT
etag
0x8D81E7E108FF378
x-azure-ref
20240726T181401Z-154b59dbc6drhjwtsft761mce8000000009g00000001mmyc
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
5f6e9fcf-701e-0070-5279-dfe25b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
4-2.png
act.capitaone.cloud/signintemplate/assets/backgrounds/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.capitaone.cloud/signintemplate/assets/backgrounds/4-2.png
Requested by
Host: act.capitaone.cloud
URL: https://act.capitaone.cloud/signintemplate/template/css/assets.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
de713f102b050c4c0df095d52848b002f2db03948e7969a47d2e0ac00f451502
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.capitaone.cloud/signintemplate/template/css/assets.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 13 Jun 2024 06:35:28 GMT
referrer-policy
strict-origin-when-cross-origin
content-md5
4o2DzsJUOxWv0CvLtWUA8w==
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
x-ms-request-id
c1e73515-c01e-005b-3a87-dff9ca000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
48177
x-xss-protection
1; mode=block
segoeui.WOFF
act.capitaone.cloud/signintemplate/assets/fonts/ 		399 KB
400 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://act.capitaone.cloud/signintemplate/assets/fonts/segoeui.WOFF
Requested by
Host: act.capitaone.cloud
URL: https://act.capitaone.cloud/signintemplate/template/css/assets.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6042231476473cd446768f85add8d8d63162d88cd5113a7d6c2398a0406320c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.capitaone.cloud/signintemplate/template/css/assets.css
Origin
https://capitaoneactprod.b2clogin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
content-md5
HbyWgq+Vqq7HJ2QtBhNyRw==
content-length
408688
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jun 2024 06:35:29 GMT
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://capitaoneactprod.b2clogin.com
x-ms-request-id
c1e7351f-c01e-005b-4387-dff9ca000000
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
access-control-allow-credentials
true
x-ms-version
2018-03-28
accept-ranges
bytes
segoeui_bold.WOFF
act.capitaone.cloud/signintemplate/assets/fonts/ 		389 KB
390 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://act.capitaone.cloud/signintemplate/assets/fonts/segoeui_bold.WOFF
Requested by
Host: act.capitaone.cloud
URL: https://act.capitaone.cloud/signintemplate/template/css/assets.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.132.166.228 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
01fd91e1d22f75cf9af8f478b0edb0f78d52c9069e9d7e6b566b4d44d76f86ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.capitaone.cloud/signintemplate/template/css/assets.css
Origin
https://capitaoneactprod.b2clogin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
content-md5
SFbQV1P1F4OILTQuZN4mvw==
content-length
398176
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jun 2024 06:35:29 GMT
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://capitaoneactprod.b2clogin.com
x-ms-request-id
52a52da7-d01e-0000-6a87-dffeb6000000
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
access-control-allow-credentials
true
x-ms-version
2018-03-28
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| $trace object| $diags object| $santizer function| sanitizeHtml object| $cors boolean| pageReady object| $i2e object| $element object| Handlebars boolean| contentReady boolean| bodyReady

3 Cookies

Domain/Path Name / Value
.capitaoneactprod.b2clogin.com/ Name: x-ms-cpim-csrf
Value: YkNXV2lFOWVyTXdZRkY2VmZORVhpa2NKSWNrRGZmeWFwcTFPVTgvVnVDa3NFNXgvZEpjL3RFb3ltMzEweU5tNytwZkNUZjVVdmRUUWdqNWtmeGpFbUE9PTsyMDI0LTA3LTI2VDE4OjE0OjAxLjAyNDkzMzFaO2ROQVlWdGNsSzNnUWJmR0IrMGFRZGc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
.capitaoneactprod.b2clogin.com/ Name: x-ms-cpim-cache|sqmh8fxmrkmluqoe_xne-w_0
Value: m1.5A6KBA+d7Yswd+cN.KqiXhKO+Ad+uPrbnOc0l1w==.0.ZWgNE/A6Hqz9DvluwJfLSz+GzyTu8EiAKOyiEGIdkI+6kr6CssBIfXhpGoZr4UegW+bcoLIZSwYanMdb5Yq4k2SlmCAD2Mi7OPuNYm7L75W1etE881f3uibWagREhXd9NeuKG1KViizgl6HJjqiRqtjtlC5WstbfHK60iBE0hMF2P53N8mXudPz4nQfcKlYsaAvv/LuG/kz8/VCa96OIn1/1zJ9CpbLDROjm5JR6BRyxaRWvYJa7WEnXQuuA4RzIes9KoI1mgP+Msea46RfkOWrgOECd8KvLD1WU5O2xmu7o1dfNIqbn9NvB/zdFAcwZO5lRQpZpY5ly5WNDp87XMH5VQrBJr641Zs5TcNaR+sAjwrLUwuq9dfbyNbRq7UwaZqtwEFyMxsovfMG4JQ186vI3OI6Cm4o14VTCi9IpkcqJhQCutpWtXVeycAralpq+UgQG5OMzTxd1ir6iuPeVuXL377BdOMQkLLU1I4+e+Ocl3IDNqb7wy1StzwRVZulb9n4MNWaXkbtbagRKSjKR4In9a7Rw2CCwwOMbPDVL+kUD4bGEXNCqvPPWTtm59+gA/YcZdVVRIC/pKlC+NHlP+/M8VtfpDLMbU+jErNySlmjyKwv8ZUrZstHE+dJxEMZXXcC9RERM+m2T9e5PzGd4NTm/ihhc79jWLXNt3kD2XBR8KkLz4fYUWEuIzfMMglEeqm5bVxMLZFS8ZBw14v+/wpr73nUSoJXoE7Q6Qp2FpXn4ani206Eh0TwOKmM+AT2SBa6+f41FyHMzskoEzBxvJckpUuI5REOhgXnVgYwwfJy8UwZpGXHVl5CC9D36Q4wPerOKnUoxyg7kjkz6nzDMM52UVpUqucMcKlnbOV6aQpuUqa1QuUtBgtDy9ejFOicROVWqVv83hafcXOX69LRs0lYBvyZPIRIMlsGpbNPAbc1LJRfT2gDcok781bDNeuSNdGRf4fE+zq5NoQafh14SZxbPOhNTT1Vu9z3CPYKcgjWL5NZsRrJ+Sh9p9Cfjq81hVGeZZjzZIDsnFzUn5ZCAHPNv4HqSliIsyGTU
.capitaoneactprod.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6ImYxMDcwM2IxLWNjZjUtNDlhZS04YmI5LTAzOWVmZjEzNWVmYiIsIlQiOiJjYXBpdGFvbmVhY3Rwcm9kLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMWFfbWZhX3Bob25lX29yX2VtYWlsIiwiQyI6Ijg1Y2FiZWIyLTI2NmYtNGEzZi04MTczLTVmYTlhODgzYWIzOSIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiZjEwNzAzYjEtY2NmNS00OWFlLThiYjktMDM5ZWZmMTM1ZWZiIn0=

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://capitaoneactprod.b2clogin.com/capitaoneactprod.onmicrosoft.com/b2c_1a_mfa_phone_or_email/oauth2/v2.0/authorize?client_id=85cabeb2-266f-4a3f-8173-5fa9a883ab39&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexports.education.capitaone.cloud%2F&client-request-id=1ce26de4-acb6-4a3b-bb38-36267e57ce18&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.2.0&client_info=1&code_challenge=1GTfzvU6qgP4gS7y1zQPYMd5pVnbrVKTAPja8TbL5aE&code_challenge_method=S256&nonce=e1ddb877-98dd-4f86-98df-5390b3a03969&state=eyJpZCI6IjRmNjA3YzIyLWFmMjQtNDBhNi1iZmM4LWU5NDgwODExNzQxMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.capitaone.cloud
ajax.aspnetcdn.com
capitaoneactprod.b2clogin.com
exports.education.capitaone.cloud
secure.aadcdn.microsoftonline-p.com
152.199.19.160
2603:1026:3000:150::5
2603:1027:1:158::a
2620:1ec:bdf::45
51.132.166.228
01fd91e1d22f75cf9af8f478b0edb0f78d52c9069e9d7e6b566b4d44d76f86ba
0c61ad565785cd3385c08f322f8742fec8ac0e0a152ad6e497c94a4b05de4db7
1be19659601ad05420b1d5023ac8bd8f4f2701ceff334ce3bf44a03a05cb505f
1f04e09fbb1483171c866a575de988b4aefe5c5150fb9219367d4e11c42cc837
2d85d286453fbc58b41d93a583ac23ad17fca9475976d4019495d27e155deb0a
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
461f45e4e1c75e71260b9b6c4f0244f4dfeeed87acefaf8cb9fbbf5c4151a886
50e521e73c5bb5bb301c34c2e34bdf1454aeeceec21eb8cfe4ec0059174c5533
5931067ec7d5eb0a7fcd38b7acaaaf76c73105b1d5a77b2a1412b40896e70752
5e437edc46c1a108bedffd12747ae1aa3a4503278a1818776a8c8c22e9573227
79091c4a78cac0e5d7b8f401ff725276b3fedb356c908c69cfdabd7e403bda3c
7f4130f37317c2b8e767a586955fe9a6e1535c2a562c4d79d34e44bcaca8d966
9e004fd2fc2b601f784bc20327503371d1244373b7b655f33cd5f14ebaa18c1b
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
a39d6eeec46d9238966ca17e7a05da74c407159afce731b9573fb9a122627752
b6042231476473cd446768f85add8d8d63162d88cd5113a7d6c2398a0406320c
de713f102b050c4c0df095d52848b002f2db03948e7969a47d2e0ac00f451502
f1da7e651124f9563ce32e54cc85faf1fe792681f5b87463e970bbb5352b3255
f73268ac8b3f4d4ef825ba4f626de3bcd66b4b0cd06856058fd4d17e853e3324
fc6cb629a5d346b3feff586fe335df4a5fa85bbc9a979bf934458753a57f4361