extfed.axaxl.com Open in urlscan Pro
199.26.159.118 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%...
Submission: On January 27 via manual (January 27th 2023, 2:31:38 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 199.26.159.118, located in United States and belongs to XL-CAPITAL, US. The main domain is extfed.axaxl.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 27th 2022. Valid for: a year.

This is the only time extfed.axaxl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4 15	199.26.159.118 199.26.159.118		22848 (XL-CAPITAL) (XL-CAPITAL)
11	1

15 199.26.159.118 (United States) 4 redirects

ASN22848 (XL-CAPITAL, US)

extfed.axaxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	axaxl.com 4 redirects extfed.axaxl.com	108 KB
11	1

	Domain	Requested by
15	extfed.axaxl.com	4 redirects extfed.axaxl.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
extfed.xlgroup.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-27` - `2023-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
Frame ID: AA7A76055184B7011C4800B07C079194
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Self Service

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Glyphicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)

Page Statistics

11
Requests

64 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

108 kB
Transfer

264 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://extfed.axaxl.com/bundles/jQuery?v=7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1 HTTP 302
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fjQuery%3fv%3d7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1&v=7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1

Request Chain 2

https://extfed.axaxl.com/bundles/bootstrap?v=8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1 HTTP 302
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fbootstrap%3fv%3d8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1&v=8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1

Request Chain 4

https://extfed.axaxl.com/bundles/helpers?v=BRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01 HTTP 302
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fhelpers%3fv%3dBRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01&v=BRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01

Request Chain 7

https://extfed.axaxl.com/bundles/jqueryval?v=HdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1 HTTP 302
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fjqueryval%3fv%3dHdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1&v=HdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Login Show response
extfed.axaxl.com/Home/ 8 KB
4 KB 535ms
113ms Document
text/html 199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

e96649b9eaacb31adfc3c2e8d59c24ae50d5ab6f94dc55b7729727ffb4ff9da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000 max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 3408
content-type: text/html; charset=utf-8
date: Fri, 27 Jan 2023 14:31:12 GMT
server: AXA XL Remote Login Server
strict-transport-security: max-age=7776000 max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-content-type-options: Nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-ua-compatible: IE=Edge
x-wfe: 1
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap
extfed.axaxl.com/Content/ 159 KB
36 KB 226ms
224ms Stylesheet
text/css 199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Content/bootstrap?v=1C09nvuKuah7ajJFGURcdvYze9e57LIjJPAnmE5iUEE1

Requested by

Host: extfed.axaxl.com
URL: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

a67a39d43b39387b0d77aef8228857f6ee4b8d6adc0e59f0f4110d59d6576314

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 27 Jan 2024 14:31:13 GMT
x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: Nosniff
date: Fri, 27 Jan 2023 14:31:12 GMT
last-modified: Fri, 27 Jan 2023 14:31:13 GMT
server: AXA XL Remote Login Server
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public
content-length: 36779
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2

200

https://extfed.axaxl.com/bundles/jQuery?v=7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fjQuery%3fv%3d7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1&v=7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1

8 KB
3 KB

204ms
204ms

Script
text/html

199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fjQuery%3fv%3d7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1&v=7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1

Requested by

Protocol

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

37770c9ed1a234d951878c5e0c00494037c06c05717324a82225ab921b8d3951

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: Nosniff
x-aspnetmvc-version: 5.2
server: AXA XL Remote Login Server
date: Fri, 27 Jan 2023 14:31:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: private
content-length: 3283
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

Redirect headers

x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
date: Fri, 27 Jan 2023 14:31:12 GMT
x-content-type-options: Nosniff
server: AXA XL Remote Login Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: /Home/Login?ReturnUrl=%2fbundles%2fjQuery%3fv%3d7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1&v=7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1
cache-control: private
content-length: 260
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2

200

https://extfed.axaxl.com/bundles/bootstrap?v=8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fbootstrap%3fv%3d8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1&v=8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1

8 KB
3 KB

1118ms
1118ms

Script
text/html

199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fbootstrap%3fv%3d8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1&v=8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1

Requested by

Protocol

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

76f35cc77b74558e2c0e3f5026af7a305bf45a9ad862ab45ad3f977f34964228

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: Nosniff
x-aspnetmvc-version: 5.2
server: AXA XL Remote Login Server
date: Fri, 27 Jan 2023 14:31:14 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: private
content-length: 3287
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

Redirect headers

x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
date: Fri, 27 Jan 2023 14:31:12 GMT
x-content-type-options: Nosniff
server: AXA XL Remote Login Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: /Home/Login?ReturnUrl=%2fbundles%2fbootstrap%3fv%3d8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1&v=8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1
cache-control: private
content-length: 263
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 css
extfed.axaxl.com/Content/ 4 KB
2 KB 123ms
122ms Stylesheet
text/css 199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Content/css?v=exsVHZjeaoB3HAbq8PsdzvNuvy8cZ8kDNDM0nudAuLg1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

7d40fbeedf2a28fb34a71f7838fadc230ad83d54885f705ed4a2dffefd495fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 27 Jan 2024 14:31:13 GMT
x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: Nosniff
date: Fri, 27 Jan 2023 14:31:12 GMT
last-modified: Fri, 27 Jan 2023 14:31:13 GMT
server: AXA XL Remote Login Server
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public
content-length: 1426
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2

200

https://extfed.axaxl.com/bundles/helpers?v=BRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fhelpers%3fv%3dBRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01&v=BRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01

8 KB
3 KB

614ms
613ms

Script
text/html

199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fhelpers%3fv%3dBRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01&v=BRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01

Requested by

Protocol

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

d11cff66b6eac3ceab68d80ef6c0d0a62f2be006a7c9a92274326995117557bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: Nosniff
x-aspnetmvc-version: 5.2
server: AXA XL Remote Login Server
date: Fri, 27 Jan 2023 14:31:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: private
content-length: 3283
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

Redirect headers

x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
date: Fri, 27 Jan 2023 14:31:12 GMT
x-content-type-options: Nosniff
server: AXA XL Remote Login Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: /Home/Login?ReturnUrl=%2fbundles%2fhelpers%3fv%3dBRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01&v=BRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01
cache-control: private
content-length: 261
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 bootstrap-glyphicons.min.css
extfed.axaxl.com/Content/bootstrap4-glyphicons/css/ 12 KB
3 KB 227ms
226ms Stylesheet
text/css 199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Content/bootstrap4-glyphicons/css/bootstrap-glyphicons.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

b445b71b7deb62cdd123bed12de79793df3ade8984107c0dbda06c95a50be293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wfe: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: Nosniff
date: Fri, 27 Jan 2023 14:31:12 GMT
last-modified: Thu, 06 Jan 2022 14:56:56 GMT
server: AXA XL Remote Login Server
etag: "4a32fa6d3d81:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 3008
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 axaxl-inverted.png
extfed.axaxl.com/Content/xl/ 10 KB
10 KB 106ms
105ms Image
image/png 199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extfed.axaxl.com/Content/xl/axaxl-inverted.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

cc18bba38c16d5f6c01d5a419442c4f19b9cec1112c48fe79d9cecd942440ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wfe: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 27 Jan 2023 14:31:14 GMT
x-content-type-options: Nosniff
last-modified: Thu, 06 Jan 2022 14:57:32 GMT
server: AXA XL Remote Login Server
etag: "6f505ebbd3d81:0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 10393
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2

200

https://extfed.axaxl.com/bundles/jqueryval?v=HdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1
https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fjqueryval%3fv%3dHdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1&v=HdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1

8 KB
3 KB

107ms
107ms

Script
text/html

199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fjqueryval%3fv%3dHdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1&v=HdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1

Requested by

Protocol

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

ad6cf1816d1a01e75dd64e58278aec8a507bb8388ad24f25a175ed54a016bccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: Nosniff
x-aspnetmvc-version: 5.2
server: AXA XL Remote Login Server
date: Fri, 27 Jan 2023 14:31:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: private
content-length: 3285
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

Redirect headers

x-wfe: 1
strict-transport-security: max-age=7776000, max-age=31536000; includeSubDomains; preload
date: Fri, 27 Jan 2023 14:31:12 GMT
x-content-type-options: Nosniff
server: AXA XL Remote Login Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: /Home/Login?ReturnUrl=%2fbundles%2fjqueryval%3fv%3dHdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1&v=HdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1
cache-control: private
content-length: 263
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 effra_std_rg-webfont.woff
extfed.axaxl.com/fonts/ 22 KB
22 KB 106ms
105ms Font
font/x-woff 199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/fonts/effra_std_rg-webfont.woff

Requested by

Host: extfed.axaxl.com
URL: https://extfed.axaxl.com/Content/css?v=exsVHZjeaoB3HAbq8PsdzvNuvy8cZ8kDNDM0nudAuLg1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

d427eb1542744ce442c8f10f470f0b0310f1f79bc23ce5352bdd121dcb862584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://extfed.axaxl.com/Content/css?v=exsVHZjeaoB3HAbq8PsdzvNuvy8cZ8kDNDM0nudAuLg1
Origin: https://extfed.axaxl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wfe: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 27 Jan 2023 14:31:14 GMT
x-content-type-options: Nosniff
last-modified: Thu, 06 Jan 2022 14:57:42 GMT
server: AXA XL Remote Login Server
etag: "84eaac1d3d81:0"
x-frame-options: SAMEORIGIN
content-type: font/x-woff
accept-ranges: bytes
content-length: 22656
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 glyphicons-halflings-regular.woff2
extfed.axaxl.com/Content/bootstrap4-glyphicons/fonts/glyphicons/ 18 KB
18 KB 106ms
106ms Font
application/font-woff2 199.26.159.118
XL-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL

https://extfed.axaxl.com/Content/bootstrap4-glyphicons/fonts/glyphicons/glyphicons-halflings-regular.woff2

Requested by

Host: extfed.axaxl.com
URL: https://extfed.axaxl.com/Content/bootstrap4-glyphicons/css/bootstrap-glyphicons.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.26.159.118 , United States, ASN22848 (XL-CAPITAL, US),

Reverse DNS

Software

AXA XL Remote Login Server /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://extfed.axaxl.com/Content/bootstrap4-glyphicons/css/bootstrap-glyphicons.min.css
Origin: https://extfed.axaxl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wfe: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 27 Jan 2023 14:31:14 GMT
x-content-type-options: Nosniff
last-modified: Thu, 06 Jan 2022 14:57:08 GMT
server: AXA XL Remote Login Server
etag: "fc1e80add3d81:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
accept-ranges: bytes
content-length: 18028
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| removeSpaces

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			extfed.axaxl.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bxlj1hmnemqh0mphwx5cgutx
			extfed.axaxl.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: x1KEBE37qHjALBv5lFJkOYZcp8DjGiklWPuF5BR0UjrEr7bcdrCIAobYpFrEo6EujzApS7zSoSKAjkmJyYKGe6Epn9s1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z Message: Refused to execute script from 'https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fjQuery%3fv%3d7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1&v=7bvobSRgDOt-CLiOlir9J16F9ivdrBozB86mS8CoBls1' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z Message: Refused to execute script from 'https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fbootstrap%3fv%3d8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1&v=8nDE-jgONQ5QrInjDz8k_z2kEwI_KVasPoOasLphiDA1' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z Message: Refused to execute script from 'https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fhelpers%3fv%3dBRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01&v=BRDKnAx3lHb7jht_FSY18Q54j3PTOcJlio3bc6_Enj01' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fService%2fEdsIdentityService.svc%2fIssue%2f%3fwa%3dwsignin1.0%26wtrealm%3dPortalXL%253aProd%253aAccessXL%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252f%26wct%3d2023-01-27T14%253a29%253a41Z&wa=wsignin1.0&wtrealm=PortalXL%3aProd%3aAccessXL&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2023-01-27T14%3a29%3a41Z Message: Refused to execute script from 'https://extfed.axaxl.com/Home/Login?ReturnUrl=%2fbundles%2fjqueryval%3fv%3dHdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1&v=HdfVOPstnGacH_nfnIT4VYxYQkUgYn1CIzVv9tMAtmA1' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=7776000 max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

extfed.axaxl.com
199.26.159.118
37770c9ed1a234d951878c5e0c00494037c06c05717324a82225ab921b8d3951
76f35cc77b74558e2c0e3f5026af7a305bf45a9ad862ab45ad3f977f34964228
7d40fbeedf2a28fb34a71f7838fadc230ad83d54885f705ed4a2dffefd495fd7
a67a39d43b39387b0d77aef8228857f6ee4b8d6adc0e59f0f4110d59d6576314
ad6cf1816d1a01e75dd64e58278aec8a507bb8388ad24f25a175ed54a016bccd
b445b71b7deb62cdd123bed12de79793df3ade8984107c0dbda06c95a50be293
cc18bba38c16d5f6c01d5a419442c4f19b9cec1112c48fe79d9cecd942440ff4
d11cff66b6eac3ceab68d80ef6c0d0a62f2be006a7c9a92274326995117557bd
d427eb1542744ce442c8f10f470f0b0310f1f79bc23ce5352bdd121dcb862584
e96649b9eaacb31adfc3c2e8d59c24ae50d5ab6f94dc55b7729727ffb4ff9da3
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

extfed.axaxl.com Open in urlscan Pro 199.26.159.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

64 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

108 kBTransfer

264 kBSize

2 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

4 Console Messages

Security Headers

Indicators

extfed.axaxl.com Open in urlscan Pro
199.26.159.118 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

64 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

108 kB
Transfer

264 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions