romulobrasil.com Open in urlscan Pro
158.69.242.25 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerificatio...
Submission: On January 28 via automatic, source openphish (January 28th 2018, 12:16:49 pm UTC)

Summary HTTP 25 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 158.69.242.25, located in Montréal, Canada and belongs to OVH, FR. The main domain is romulobrasil.com.

This is the only time romulobrasil.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: CapitalOne (Financial)

Domain & IP information

	IP Address	AS Autonomous System
17	158.69.242.25 158.69.242.25	16276 (OVH) (OVH)
4	104.108.55.84 104.108.55.84	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	104.108.33.133 104.108.33.133	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
25	4

17 158.69.242.25 (Montréal, Canada)

ASN16276 (OVH, FR)
PTR: jaguar.br-rgt.net

romulobrasil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.55.84 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-55-84.deploy.static.akamaitechnologies.com

verified.capitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.33.133 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-33-133.deploy.static.akamaitechnologies.com

ecm.capitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	romulobrasil.com romulobrasil.com	52 KB
7	capitalone.com verified.capitalone.com ecm.capitalone.com	235 KB
0	Failed function sub() { [native code] }. Failed
25	3

	Domain	Requested by
17	romulobrasil.com	romulobrasil.com
4	verified.capitalone.com	romulobrasil.com
3	ecm.capitalone.com	romulobrasil.com
0	fhhdlnnepfjhlhilgmeepgkhjmhhhjkh Failed	romulobrasil.com
25	4

This site contains links to these domains. Also see Links.

Domain
www.capitalone.com
www.capitalone.ca
fr.capitalone.ca
www.capitaloneinvesting.com
www.capitalone.co.uk
phx.corporate-ir.net
press.capitalone.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Frame ID: (F78D154BA126A58B9D8243E9F708FF25)
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

25
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

287 kB
Transfer

359 kB
Size

0
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.capitalone.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.capitalone.ca/?LANG=FRE
Title:

Search URL Search Domain Scan URL

URL: https://fr.capitalone.ca/?LANG=FRE
Title:

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/credit-cards/
Title: Personal Credit Cards

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/credit-cards/business/
Title: Business Credit Cards

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/bank/
Title: Personal Banking

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/small-business-bank/
Title: Small Business Banking

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/commercial/
Title: Commercial Banking

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/home-loans/
Title: Home Loans

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/home-equity/
Title: Home Equity Lines

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/auto-financing/
Title: Auto Loans

Search URL Search Domain Scan URL

URL: https://www.capitaloneinvesting.com/main/why-choose-us.aspx
Title: Investing

Search URL Search Domain Scan URL

URL: http://www.capitalone.ca/
Title: Canada

Search URL Search Domain Scan URL

URL: http://www.capitalone.co.uk/
Title: UK

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/about/
Title: About Capital One

Search URL Search Domain Scan URL

URL: http://phx.corporate-ir.net/phoenix.zhtml?c=70667&p=irol-irhome
Title: Investors

Search URL Search Domain Scan URL

URL: http://press.capitalone.com/phoenix.zhtml?c=251626&p=irol-overview
Title: Press

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/investingforgood/
Title: Investing for Good

Search URL Search Domain Scan URL

URL: http://www.capitalone.com/financial-education/
Title: Financial Education

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request CapitaOne_EmailVerification.html Show response
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/ 28 KB
29 KB 192ms
98ms Document
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache /

Resource Hash

c8b814e68d82c8407bfa135c9c56cd383fe1bb97962cb48ebd2fcbd3769271fa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jan 2018 00:25:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=172800
Connection: keep-alive, close
Accept-Ranges: bytes
Content-Length: 5283
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jan 2018 12:16:35 GMT

GET
H/1.1 404
Not Found e99d6525c01920133efeb77c8eafccb1.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 805ms
712ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/e99d6525c01920133efeb77c8eafccb1.js?conditionId0=409901

Requested by

Host: romulobrasil.com
URL: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:35 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found a06c0bdcab1ab33b5a41993d36294be2.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 959ms
865ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/a06c0bdcab1ab33b5a41993d36294be2.js?conditionId0=467588

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:35 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found bdca2625d2cb4784186707831ff7c3fe.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 774ms
679ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/bdca2625d2cb4784186707831ff7c3fe.js?conditionId0=421879

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:36 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found serverComponent.php
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/ 0
0 843ms
748ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/serverComponent.php?r=24.686643308339583&ClientID=581&PageID=https%3A%2F%2Fverified.capitalone.com%2Fenroll%2F%23%2Fpii%3ForiginatorId%3DSIC

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:35 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found 247px.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 705ms
612ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/247px.js

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:37 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK app.min.css
verified.capitalone.com/enroll/ 95 KB
18 KB 49ms
9ms Stylesheet
text/css 104.108.55.84
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://verified.capitalone.com/enroll/app.min.css

Requested by

Protocol

HTTP/1.1

Server

104.108.55.84 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-108-55-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

58376c7ce96f342ec113397c0643c84c722882cb2ab388018827175c75905c96

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2018 12:16:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Dec 2017 19:21:35 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18471
Expires: Sun, 28 Jan 2018 12:16:35 GMT

GET
H/1.1 404
Not Found Bootstrap.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 790ms
695ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/Bootstrap.js

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:35 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found browserFingerPrintv1.min.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 760ms
665ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/browserFingerPrintv1.min.js

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:35 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET detector.js
fhhdlnnepfjhlhilgmeepgkhjmhhhjkh/js/ 0
0

GET
H/1.1 200
OK capitalone-logo.png
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/images/ 7 KB
7 KB 195ms
99ms Image
image/png 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/images/capitalone-logo.png

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache /

Resource Hash

da7c29ad433fe646e6d22a47b186fe112a7eb9b9200cd26ea917e0a6c05c1c4e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:38 GMT
Last-Modified: Sun, 07 Jan 2018 21:36:04 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive, close
Accept-Ranges: bytes
Content-Length: 7132
X-XSS-Protection: 1; mode=block
Expires: Sun, 04 Feb 2018 12:16:38 GMT

GET
H/1.1 200
OK sign-in-icon.png
verified.capitalone.com/enroll/assets/images/ 2 KB
2 KB 9ms
8ms Image
image/png 104.108.55.84
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://verified.capitalone.com/enroll/assets/images/sign-in-icon.png

Requested by

Protocol

HTTP/1.1

Server

104.108.55.84 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-108-55-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

75d6c8c79955589bfa57d8b938d69846a6511218c1a9ba22aff5c9c5827fae55

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2018 12:16:38 GMT
Last-Modified: Wed, 06 Dec 2017 19:21:35 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2076
Expires: Sun, 28 Jan 2018 12:16:38 GMT

GET
H/1.1 200
OK safe-secure-logo-fr.png
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/images/ 3 KB
3 KB 203ms
98ms Image
image/png 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/images/safe-secure-logo-fr.png

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache /

Resource Hash

76721a90fd3d31ce7d9283a17ee2511e390f3139aac954bc3fe7ed5a51a45f23

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:38 GMT
Last-Modified: Sun, 07 Jan 2018 22:13:58 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive, close
Accept-Ranges: bytes
Content-Length: 3215
X-XSS-Protection: 1; mode=block
Expires: Sun, 04 Feb 2018 12:16:38 GMT

GET
H/1.1 200
OK norton.svg
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/images/ 10 KB
10 KB 193ms
98ms Image
image/svg+xml 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/images/norton.svg

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache /

Resource Hash

d3802a3bdd41144625cf4014427938c6a913755b11bc325f6b599c5cc5a9cc3c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:38 GMT
Last-Modified: Sun, 07 Jan 2018 22:27:50 GMT
Server: Apache
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Connection: keep-alive, close
Accept-Ranges: bytes
Content-Length: 9971
X-XSS-Protection: 1; mode=block
Expires: Mon, 28 Jan 2019 12:16:38 GMT

GET
H/1.1 200
OK safe-secure-logo-en.png
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/images/ 3 KB
3 KB 206ms
96ms Image
image/png 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/images/safe-secure-logo-en.png

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache /

Resource Hash

b6a63ebea2273a55d2c41d04413b9ccbd8a4cf62fdc3b2b34da319d77645792a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:38 GMT
Last-Modified: Sun, 07 Jan 2018 22:14:12 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive, close
Accept-Ranges: bytes
Content-Length: 2611
X-XSS-Protection: 1; mode=block
Expires: Sun, 04 Feb 2018 12:16:38 GMT

GET
H/1.1 404
Not Found all.min.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 615ms
521ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/all.min.js

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:36 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found serverComponent.php
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/ 0
0 1050ms
955ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:36 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found Bootstrap.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 694ms
598ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/Bootstrap.js

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:37 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found browserFingerPrintv1.min.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 634ms
539ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/browserFingerPrintv1.min.js

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:37 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK Optimist_W_Rg.ttf
ecm.capitalone.com/CI_Common/assets/fonts/ 68 KB
68 KB 555ms
417ms Font
application/x-www-form-urlencoded 104.108.33.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.ttf
Requested by: Host: romulobrasil.com
URL: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Protocol: HTTP/1.1
Server: 104.108.33.133 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-33-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2e850b88a328009725d365d5db5683fdc1acfa23ca91270d8ee147b8d2886d87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://verified.capitalone.com/enroll/app.min.css
Origin: http://romulobrasil.com

Response headers

x-amz-server-side-encryption: AES256
Date: Sun, 28 Jan 2018 12:16:39 GMT
Last-Modified: Thu, 21 Sep 2017 22:47:43 GMT
Server: AmazonS3
ETag: "7d9e8b4e7ec26a2b8c3e76f13f0b1828"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 69540
X-Amz-Cf-Id: S6O9bG_EqVqhxJ21LOgd5TK9uRnbEOnWkDrSzhfxRCJeYasSutzf6A==

GET
H/1.1 200
OK Optimist_W_SBd.ttf
ecm.capitalone.com/CI_Common/assets/fonts/ 68 KB
69 KB 560ms
422ms Font
application/x-www-form-urlencoded 104.108.33.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.ttf
Requested by: Host: romulobrasil.com
URL: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Protocol: HTTP/1.1
Server: 104.108.33.133 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-33-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 563c31f8f3575c4d9ed82416932f2ee5c1fadee57529d37850748e2dfc171c1e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://verified.capitalone.com/enroll/app.min.css
Origin: http://romulobrasil.com

Response headers

x-amz-server-side-encryption: AES256
Date: Sun, 28 Jan 2018 12:16:39 GMT
Last-Modified: Thu, 21 Sep 2017 22:48:30 GMT
Server: AmazonS3
ETag: "60a00cc0e633eada896cbd2a1c3695a8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 69564
X-Amz-Cf-Id: D5-sKEqznkFiKsZRdjV7pHT5hdF_K3vDTHiH9RL-fQWxJKXycvMFHg==

GET
H/1.1 200
OK Optimist_W_Lt.ttf
ecm.capitalone.com/CI_Common/assets/fonts/ 68 KB
68 KB 562ms
424ms Font
application/x-www-form-urlencoded 104.108.33.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.ttf
Requested by: Host: romulobrasil.com
URL: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Protocol: HTTP/1.1
Server: 104.108.33.133 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-33-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0ecad1a8a4ae4d7a53af0cbc7d24636558f0638bc3ec3704763b0f7fd19fcee0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://verified.capitalone.com/enroll/app.min.css
Origin: http://romulobrasil.com

Response headers

x-amz-server-side-encryption: AES256
Date: Sun, 28 Jan 2018 12:16:39 GMT
Last-Modified: Thu, 21 Sep 2017 22:47:19 GMT
Server: AmazonS3
ETag: "81bde04369003198e18573f345fd4d46"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 69156
X-Amz-Cf-Id: Guu-lmwvVfZMYsV_GFdldbUUXI7MKOnXfC5lhoK-rHr_c5r7jVCFPA==

GET
H/1.1 404
Not Found all.min.js
romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/ 0
0 630ms
553ms Script
text/html 158.69.242.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/js/all.min.js

Requested by

Protocol

HTTP/1.1

Server

158.69.242.25 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

jaguar.br-rgt.net

Software

Apache / PHP/5.6.27

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: romulobrasil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
Connection: keep-alive
Cache-Control: no-cache
Referer: http://romulobrasil.com/wp-includes/images/wlw/New/Cap-One2018/auth-logon/go-sigon/4-verify/1/CapitaOne_EmailVerification.html?415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb-415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb415724fa96222e804326e74a588a95cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Sun, 28 Jan 2018 12:16:38 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive, close
Link: <https://romulobrasil.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK global-icons.png
verified.capitalone.com/enroll/assets/images/footer/images/icon/ 4 KB
5 KB 9ms
8ms Image
image/png 104.108.55.84
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://verified.capitalone.com/enroll/assets/images/footer/images/icon/global-icons.png

Requested by

Protocol

HTTP/1.1

Server

104.108.55.84 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-108-55-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

3371dade2678e75739cdd73423ae65e841c21ea9c327518a67dc912bf929e1aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://verified.capitalone.com/enroll/app.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2018 12:16:38 GMT
Last-Modified: Wed, 06 Dec 2017 19:21:35 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4544
Expires: Sun, 28 Jan 2018 12:16:38 GMT

GET
H/1.1 200
OK footer-logos.png
verified.capitalone.com/enroll/assets/images/footer/images/icon/ 4 KB
4 KB 18ms
9ms Image
image/png 104.108.55.84
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://verified.capitalone.com/enroll/assets/images/footer/images/icon/footer-logos.png?v=0.1

Requested by

Protocol

HTTP/1.1

Server

104.108.55.84 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-108-55-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

cde2f2b2e2b9197500a3b40201d6aa373546582e64721cfefdb7cce315ec9421

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://verified.capitalone.com/enroll/app.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2018 12:16:38 GMT
Last-Modified: Wed, 06 Dec 2017 19:21:35 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4052
Expires: Sun, 28 Jan 2018 12:16:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fhhdlnnepfjhlhilgmeepgkhjmhhhjkh
URL: chrome-extension://fhhdlnnepfjhlhilgmeepgkhjmhhhjkh/js/detector.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: CapitalOne (Financial)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| check

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ecm.capitalone.com
fhhdlnnepfjhlhilgmeepgkhjmhhhjkh
romulobrasil.com
verified.capitalone.com
fhhdlnnepfjhlhilgmeepgkhjmhhhjkh
104.108.33.133
104.108.55.84
158.69.242.25
0ecad1a8a4ae4d7a53af0cbc7d24636558f0638bc3ec3704763b0f7fd19fcee0
2e850b88a328009725d365d5db5683fdc1acfa23ca91270d8ee147b8d2886d87
3371dade2678e75739cdd73423ae65e841c21ea9c327518a67dc912bf929e1aa
563c31f8f3575c4d9ed82416932f2ee5c1fadee57529d37850748e2dfc171c1e
58376c7ce96f342ec113397c0643c84c722882cb2ab388018827175c75905c96
75d6c8c79955589bfa57d8b938d69846a6511218c1a9ba22aff5c9c5827fae55
76721a90fd3d31ce7d9283a17ee2511e390f3139aac954bc3fe7ed5a51a45f23
b6a63ebea2273a55d2c41d04413b9ccbd8a4cf62fdc3b2b34da319d77645792a
c8b814e68d82c8407bfa135c9c56cd383fe1bb97962cb48ebd2fcbd3769271fa
cde2f2b2e2b9197500a3b40201d6aa373546582e64721cfefdb7cce315ec9421
d3802a3bdd41144625cf4014427938c6a913755b11bc325f6b599c5cc5a9cc3c
da7c29ad433fe646e6d22a47b186fe112a7eb9b9200cd26ea917e0a6c05c1c4e

romulobrasil.com Open in urlscan Pro 158.69.242.25 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

0 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

287 kBTransfer

359 kBSize

0 Cookies

19 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

romulobrasil.com Open in urlscan Pro
158.69.242.25 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

287 kB
Transfer

359 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!