share.axosbank.com Open in urlscan Pro
104.16.188.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://axosbank.extole.io/
Effective URL:
https://share.axosbank.com/
Submission: On October 16 via manual (October 16th 2024, 2:40:06 pm UTC) from HK — Scanned from DE

Summary HTTP 22 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 104.16.188.72, located in and belongs to CLOUDFLARENET, US. The main domain is share.axosbank.com.
TLS certificate: Issued by WE1 on October 11th 2024. Valid for: 3 months.

This is the only time share.axosbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.44.162.106 52.44.162.106	14618 (AMAZON-AES) (AMAZON-AES)
1 8	104.16.188.72 104.16.188.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	143.204.215.90 143.204.215.90	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
7	143.204.215.81 143.204.215.81	16509 (AMAZON-02) (AMAZON-02)
22	5

1 52.44.162.106 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-162-106.compute-1.amazonaws.com

axosbank.extole.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.188.72 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

share.axosbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.215.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-90.fra53.r.cloudfront.net

origin.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.215.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-81.fra53.r.cloudfront.net

origin-7.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-0.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-3.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-2.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-4.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	xtlo.net origin.xtlo.net — Cisco Umbrella Rank: 43381 origin-7.xtlo.net — Cisco Umbrella Rank: 310106 origin-0.xtlo.net — Cisco Umbrella Rank: 639906 origin-3.xtlo.net origin-2.xtlo.net — Cisco Umbrella Rank: 847997 origin-4.xtlo.net — Cisco Umbrella Rank: 114811	681 KB
8	axosbank.com 1 redirects share.axosbank.com	84 KB
2	gstatic.com fonts.gstatic.com	41 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	extole.io 1 redirects axosbank.extole.io	712 B
22	5

	Domain	Requested by
8	share.axosbank.com	1 redirects share.axosbank.com
4	origin.xtlo.net	share.axosbank.com
2	origin-3.xtlo.net	share.axosbank.com
2	origin-0.xtlo.net	share.axosbank.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	share.axosbank.com
1	origin-4.xtlo.net	share.axosbank.com
1	origin-2.xtlo.net	share.axosbank.com
1	origin-7.xtlo.net	share.axosbank.com
1	axosbank.extole.io	1 redirects
22	10

This site contains links to these domains. Also see Links.

Domain
www.axosbank.com
edie.fdic.gov
www.extole.com

Subject Issuer	Validity	Valid
axosbank.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
media.extole.com Amazon RSA 2048 M03	`2024-07-15` - `2025-08-13`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://share.axosbank.com/
Frame ID: 09CFABABB898AEC61EC83E638C55EE44
Requests: 20 HTTP requests in this frame

Frame: https://share.axosbank.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: B90C43A369350D1E15E5B333E961D232
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Axos Bank Referral Program

Page URL History Show full URLs

http://axosbank.extole.io/ HTTP 307
https://axosbank.extole.io/ HTTP 302
https://share.axosbank.com/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

22
Requests

95 %
HTTPS

33 %
IPv6

5
Domains

10
Subdomains

5
IPs

3
Countries

808 kB
Transfer

1113 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.axosbank.com/
Title: Axos Bank

Search URL Search Domain Scan URL

URL: https://edie.fdic.gov/
Title: FDIC Certificate 35546

Search URL Search Domain Scan URL

URL: https://www.axosbank.com/Legal/FDIC-Notice
Title: read our FDIC notice

Search URL Search Domain Scan URL

URL: https://www.axosbank.com//Legal/Privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.extole.com/powered-by-extole/
Title: Powered by Extole

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://axosbank.extole.io/ HTTP 307
https://axosbank.extole.io/ HTTP 302
https://share.axosbank.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://share.axosbank.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://share.axosbank.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
share.axosbank.com/
Redirect Chain

http://axosbank.extole.io/
https://axosbank.extole.io/
https://share.axosbank.com/

23 KB
6 KB

610ms
532ms

Document
text/html

104.16.188.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share.axosbank.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.188.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb89517bf8ec38ee53c9452e1260359a21a2309f1945b3180e1de91b11f02d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.extole.com frame-ancestors https://.extole.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM https://.extole.com ALLOW-FROM https://.extole.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers: X-Extole-Token
cf-cache-status: DYNAMIC
cf-ray: 8d38cd32ed6136de-FRA
content-encoding: gzip
content-security-policy: frame-ancestors https://*.extole.com frame-ancestors https://*.extole.com
content-type: text/html;charset=UTF-8
date: Wed, 16 Oct 2024 14:40:00 GMT
p3p: CP="Please see our privacy policy"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-content-type-options: nosniff nosniff
x-extole-token: B9FQ6RA2RBRC7TG2G38H3N2HV8
x-frame-options: ALLOW-FROM https://*.extole.com ALLOW-FROM https://*.extole.com

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers: X-Extole-Token
content-length: 0
date: Wed, 16 Oct 2024 14:40:00 GMT
location: https://share.axosbank.com
p3p: CP="Please see our privacy policy"
server: Extole
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-extole-token: CG6U22T7ODH2STTTDQ16L0BO1G

GET
H2 200 css
fonts.googleapis.com/ 2 KB
692 B 87ms
32ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: share.axosbank.com
URL: https://share.axosbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adf768c23e06caa3676973294122e24048a1296ae400745ba47e08bd39276e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://share.axosbank.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 14:40:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 14:31:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 782 B
843 B 83ms
28ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: share.axosbank.com
URL: https://share.axosbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

110779b69986a48d2b15ca6edd95a6085231dbac687ebcb6c479a0408e334b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://share.axosbank.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 14:40:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 13:16:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 core.js Show response
share.axosbank.com/ 45 KB
15 KB 235ms
234ms Script
application/javascript 104.16.188.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share.axosbank.com/core.js

Requested by

Host: share.axosbank.com
URL: https://share.axosbank.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.188.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3afe6fa20b259f0c040d769395a5a746a286a9faafae85755382275b57f111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 3600
access-control-expose-headers: X-Extole-Token
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
p3p: CP="Please see our privacy policy"
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: application/javascript
vary: Origin, Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-transform, max-age=3600
access-control-allow-credentials: true
cf-ray: 8d38cd3669ec36de-FRA
content-length: 14966
server: cloudflare

GET
H2 200 axos-logo+1.png
origin.xtlo.net/type=asset:clientShortName=axosbank:originAssetId=seo3hu1qvef1gjzqnrem/ 3 KB
3 KB 368ms
314ms Image
image/png 143.204.215.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.xtlo.net/type=asset:clientShortName=axosbank:originAssetId=seo3hu1qvef1gjzqnrem/axos-logo+1.png
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-90.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: 9c58f7b6479ec9b05a14b107c9c196f590669a8856f9e7b1dd23c764829804e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 3023
x-amz-cf-id: OpZr97HmY6MeRXEm32k4Y-aPAYKyBHh00FjxkKDv9qiD691Pva3kVw==
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: image/png
last-modified: Thu, 06 Jun 2024 16:37:06 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H2 200 axos-hero.jpeg
origin.xtlo.net/type=asset:clientShortName=axosbank:originAssetId=seo6az3mzd48jgh4mz8g/ 111 KB
110 KB 408ms
408ms Image
image/jpeg 143.204.215.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.xtlo.net/type=asset:clientShortName=axosbank:originAssetId=seo6az3mzd48jgh4mz8g/axos-hero.jpeg
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-90.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: fe9560e1a9dfa734b15ec52f2b7889c2af3383ec4650f10dfe7401860bb16d1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: lMzW9Mw_r2xEI4BkroKLRNiTZmTeDWLmgqCeyQGIcPHgRlAn1Fl-cw==
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: image/jpeg
last-modified: Thu, 06 Jun 2024 17:37:47 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 58ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://fonts.googleapis.com/

Response headers

age: 74545
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 17:57:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 17:57:36 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 53ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://fonts.googleapis.com/

Response headers

age: 39888
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:35:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:35:13 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2

200

main.js Show response
share.axosbank.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame B90C
Redirect Chain

https://share.axosbank.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://share.axosbank.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

8 KB
4 KB

42ms
42ms

Script
application/javascript

104.16.188.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share.axosbank.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

Requested by

Host: share.axosbank.com
URL: https://share.axosbank.com/

Protocol

Server

104.16.188.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a21c6bcc8713de12db47e257755378b114722794993309da681aa9fcad2bf84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-ray: 8d38cd384c8236de-FRA
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: gzip
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare
x-content-type-options: nosniff

Redirect headers

cf-ray: 8d38cd380c3036de-FRA
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
content-length: 0
access-control-allow-origin: *
date: Wed, 16 Oct 2024 14:40:01 GMT
server: cloudflare

GET
H2 200 MainView.js Show response
origin-7.xtlo.net/type=creativeArchive:clientId=1827346696:creativeArchiveId=7362220196203910191:version=5:coreAssetsVersion=26:buildVersion=17/js/ 2 KB
1 KB 378ms
318ms Script
application/javascript 143.204.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-7.xtlo.net/type=creativeArchive:clientId=1827346696:creativeArchiveId=7362220196203910191:version=5:coreAssetsVersion=26:buildVersion=17/js/MainView.js?site=share.axosbank.com
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-81.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: f78e30c228ac3fa92822861ec76f201681a5925474d5f783fae15f7bd5c5afce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 757
x-amz-cf-id: zHV7s0eY0V9W2ZS3h4p4c7VplAPItn0td5cKp8w6tlJKWIHq-FkG4g==
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 18:21:36 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

POST
H2 200 8d38cd32ed6136de Show response
share.axosbank.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B90C 0
613 B 62ms
57ms XHR
text/plain 104.16.188.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://share.axosbank.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d38cd32ed6136de
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.188.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8d38cd38fd3f36de-FRA
content-length: 0
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 user-service.js Show response
origin-0.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/ 6 KB
2 KB 346ms
319ms Script
application/javascript 143.204.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-0.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/user-service.js?site=share.axosbank.com
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-81.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: 3a228575cdd0d6ba2b7fea0080f29caf2cb88b677b320105bf6f0b0f06b11ab8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 1863
x-amz-cf-id: 7nZZ9UCPQqHkFBXibCBhuR65Ycfu0fLZDLJhowwzDoLnvyjlZeSuOQ==
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:40:01 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H2 200 create-zone-builder.js Show response
origin-3.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/ 1 KB
970 B 320ms
307ms Script
application/javascript 143.204.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-3.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/create-zone-builder.js?site=share.axosbank.com
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-81.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: 52d29682f589c7de8d53b798e1e45c41a2c9a008ad222e97b1ec10977ed57666

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 577
x-amz-cf-id: MnbYaxW5Iocuf6U6dGltGL6fQ7I8VHyGjDJ7ZL83Gx2mNGMV2gvXGw==
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:40:01 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H2 200 ElementControl.js Show response
origin-0.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/client/ 3 KB
1 KB 340ms
314ms Script
application/javascript 143.204.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-0.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/client/ElementControl.js?site=share.axosbank.com
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-81.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: b92d89f9f3af2f4355c602d86610333ac09e5c414fa9b8f6ded19d498c3f1b2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 1076
x-amz-cf-id: FHA_3bIUcLQpWvi2FhgRI1Qm_-FgY_ZkCSZHUIV41Rlq9lZGHegYdQ==
date: Wed, 16 Oct 2024 14:40:01 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:40:01 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H2 200 view-state.js Show response
origin-2.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/client/ 1 KB
859 B 427ms
416ms Script
application/javascript 143.204.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-2.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/client/view-state.js?site=share.axosbank.com
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-81.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: 9b5d6faf197f56735f3fa0c16d5eaf465c9f8556b8c1014ddb25e17d04792f22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 467
x-amz-cf-id: M00ifbDnYzTqjGDULHKY2MKJ8nMp49Ua67Enx6ndDw81LhhBwweOYg==
date: Wed, 16 Oct 2024 14:40:02 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:40:02 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H2 200 device-service.js Show response
origin-3.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/client/ 2 KB
1 KB 460ms
447ms Script
application/javascript 143.204.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-3.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/client/device-service.js?site=share.axosbank.com
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-81.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: fcca5752bad213a81875430f1988982eaaa91b451536665ba5c31116dc598812

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 844
x-amz-cf-id: 5k9Sq5lNloe-QgJS0kkRuOy0IW9jjylxQmHmZvl5W0KZ42zjHrYyQg==
date: Wed, 16 Oct 2024 14:40:02 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:40:02 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H2 200 api.js Show response
origin-4.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/ 4 KB
2 KB 149ms
127ms Script
application/javascript 143.204.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-4.xtlo.net/type=core:clientId=1827346696:coreAssetsVersion=26/common/api.js?site=share.axosbank.com
Requested by: Host: share.axosbank.com
URL: https://share.axosbank.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-81.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: 5a8dfb9c78929a5de21d234d277ce716a1a3e653f3948ae86dfcef9767ba825d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://share.axosbank.com
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 1424
x-amz-cf-id: 9zzQ_4emvobuHqq4XEb0MVkILpAeqxsHqkIEEd5ITfJFMHuox6Ti6g==
date: Wed, 16 Oct 2024 14:40:02 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:40:02 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H2 200 me Show response
share.axosbank.com/api/v4/ 274 B
419 B 148ms
147ms XHR
application/json 104.16.188.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share.axosbank.com/api/v4/me

Requested by

Host: share.axosbank.com
URL: https://share.axosbank.com/core.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.188.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4699c37bb215879b37b10d264dd17be8a6eacbf12404fd9f9551b726703b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Authorization: B9FQ6RA2RBRC7TG2G38H3N2HV8
Referer: https://share.axosbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
x-extole-app: javascript_sdk

Response headers

access-control-expose-headers: X-Extole-Token
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
expires: Wed, 16 Oct 2024 14:40:01 GMT
p3p: CP="Please see our privacy policy"
date: Wed, 16 Oct 2024 14:40:02 GMT
content-type: application/json
vary: Origin, Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8d38cd3d9af736de-FRA
content-length: 172
server: cloudflare

POST
H2 200 share_experience Show response
share.axosbank.com/zones/ 303 KB
59 KB 492ms
490ms XHR
text/javascript 104.16.188.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share.axosbank.com/zones/share_experience

Requested by

Host: share.axosbank.com
URL: https://share.axosbank.com/core.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.188.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9462c59f5589e48db12033a45492ad608e38f4a670a956e6d6a4407e8d3ea495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://share.axosbank.com/

Response headers

access-control-expose-headers: X-Extole-Token
content-encoding: gzip
cf-cache-status: DYNAMIC
x-extole-token: B9FQ6RA2RBRC7TG2G38H3N2HV8
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
expires: Wed, 16 Oct 2024 14:40:01 GMT
p3p: CP="Please see our privacy policy"
date: Wed, 16 Oct 2024 14:40:02 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
access-control-allow-credentials: true
x-extole-cookie-consent: YEAR
cf-ray: 8d38cd3d9afb36de-FRA
access-control-allow-origin: https://share.axosbank.com
server: cloudflare

GET
H2 200 axos-icon-16x16.jpeg
origin.xtlo.net/type=asset:clientShortName=axosbank:originAssetId=seo3ld66vsdc9sbo5c97/ 2 KB
2 KB 129ms
128ms Other
image/jpeg 143.204.215.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.xtlo.net/type=asset:clientShortName=axosbank:originAssetId=seo3ld66vsdc9sbo5c97/axos-icon-16x16.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-90.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: 5886d288adae65e75ac13a1af3133c4fc036737b00224a721bd1321a74368ec6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 1152
x-amz-cf-id: p0A4IKqi7dNM9ps7-FdPF4KIaIh9-oNshbTVLjixTrMqKtvNRAZIxg==
date: Wed, 16 Oct 2024 14:40:02 GMT
content-type: image/jpeg
last-modified: Thu, 06 Jun 2024 16:39:13 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

GET
H2 200 me Show response
share.axosbank.com/api/v4/ 274 B
235 B 158ms
158ms XHR
application/json 104.16.188.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share.axosbank.com/api/v4/me

Requested by

Host: share.axosbank.com
URL: https://share.axosbank.com/core.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.188.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4699c37bb215879b37b10d264dd17be8a6eacbf12404fd9f9551b726703b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Authorization: B9FQ6RA2RBRC7TG2G38H3N2HV8
Referer: https://share.axosbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
x-extole-app: javascript_sdk

Response headers

access-control-expose-headers: X-Extole-Token
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
expires: Wed, 16 Oct 2024 14:40:01 GMT
p3p: CP="Please see our privacy policy"
date: Wed, 16 Oct 2024 14:40:02 GMT
content-type: application/json
vary: Origin, Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8d38cd41782836de-FRA
content-length: 172
server: cloudflare

GET
H2 200 generic-share-experience-desktop_1701811187507.png
origin.xtlo.net/type=asset:clientShortName=axosbank:originAssetId=sck6ys4w6bcxl2cti8zp/ 555 KB
557 KB 497ms
497ms Image
image/png 143.204.215.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.xtlo.net/type=asset:clientShortName=axosbank:originAssetId=sck6ys4w6bcxl2cti8zp/generic-share-experience-desktop_1701811187507.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-90.fra53.r.cloudfront.net
Software: Extole /
Resource Hash: 7173448d579d20042bc4f353d9c6a09f212d9b1c072a8fd1a7a92c190c877e99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://share.axosbank.com/

Response headers

access-control-max-age: 2592000
cache-control: no-transform, max-age=2592000
content-encoding: gzip
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: LHQONpCIIsHfTz33q0svp4743AMZ_h_3zCFfWR2JSrN_77ZzCoB4pA==
date: Wed, 16 Oct 2024 14:40:03 GMT
content-type: image/png
last-modified: Fri, 26 Apr 2024 16:54:27 GMT
server: Extole
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| extole

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.share.axosbank.com/	1970-01-21 09:03:45	Name: xtl_bid Value: 7426383288043745485
.share.axosbank.com/	1970-01-21 09:03:45	Name: extole_token Value: B9FQ6RA2RBRC7TG2G38H3N2HV8
.axosbank.com/	1970-01-21 00:18:11	Name: __cf_bm Value: buV29ZBA9IU233WDPw3_BwrtCi92OQrltpWP_2VYckw-1729089600-1.0.1.1-q_Nnss0zOTQmiqoUqSFle6yNAxOGMqjvrMJG0eVD1h2j.y3WqHMEUY_Xy8yKtv7Lg_ZaGuSvywIsWTzCrw5v3w
.axosbank.com/	1970-01-21 09:03:45	Name: cf_clearance Value: 5j66qIlYXEokQBFo02cw6sccOqYoniALigPws1yV1ow-1729089601-1.2.1.1-ItlW5XYDc5rPvAYrUUva6NUE0uYM7zTxOhcf20OXfv_a9uSFI5FiJCDxDpUe.Hbt9HU6QPbYQJVeSY_MX3IcvzVsb4AYFy7TIL47EEi3763UPiiwFMzMFprA1OJZuHFMZEPbbZQe72tjAOU._EgrB2.C03MVVaCXInwkqzDE3gRjSG5i4auaamYkdKMg.KIImmhrD8vawolbYfYphkGHTyvfIaZYTQlm4SFPYSdQjPylHpFfIivsGjhTz6iU5EwvOPfx.vy3DH0YS8GdykBZtQNS_1chDrAZyAsfmsQMC54qy2UoHA4SPsg_Q0msM_wYLc1FrRaJ3k576dfa7MB6d3vvH7zpiVS6Lx3KaAj_7DChc3LIWRdFh2JMaGhUAnGs
share.axosbank.com/	1970-01-21 09:03:45	Name: extole_access_token Value: B9FQ6RA2RBRC7TG2G38H3N2HV8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://.extole.com frame-ancestors https://.extole.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM https://.extole.com ALLOW-FROM https://.extole.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axosbank.extole.io
fonts.googleapis.com
fonts.gstatic.com
origin-0.xtlo.net
origin-2.xtlo.net
origin-3.xtlo.net
origin-4.xtlo.net
origin-7.xtlo.net
origin.xtlo.net
share.axosbank.com
104.16.188.72
143.204.215.81
143.204.215.90
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200a
52.44.162.106
110779b69986a48d2b15ca6edd95a6085231dbac687ebcb6c479a0408e334b51
3a228575cdd0d6ba2b7fea0080f29caf2cb88b677b320105bf6f0b0f06b11ab8
52d29682f589c7de8d53b798e1e45c41a2c9a008ad222e97b1ec10977ed57666
5886d288adae65e75ac13a1af3133c4fc036737b00224a721bd1321a74368ec6
5a21c6bcc8713de12db47e257755378b114722794993309da681aa9fcad2bf84
5a8dfb9c78929a5de21d234d277ce716a1a3e653f3948ae86dfcef9767ba825d
5eb89517bf8ec38ee53c9452e1260359a21a2309f1945b3180e1de91b11f02d0
7173448d579d20042bc4f353d9c6a09f212d9b1c072a8fd1a7a92c190c877e99
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9462c59f5589e48db12033a45492ad608e38f4a670a956e6d6a4407e8d3ea495
9b5d6faf197f56735f3fa0c16d5eaf465c9f8556b8c1014ddb25e17d04792f22
9c58f7b6479ec9b05a14b107c9c196f590669a8856f9e7b1dd23c764829804e4
ab4699c37bb215879b37b10d264dd17be8a6eacbf12404fd9f9551b726703b75
adf768c23e06caa3676973294122e24048a1296ae400745ba47e08bd39276e06
b92d89f9f3af2f4355c602d86610333ac09e5c414fa9b8f6ded19d498c3f1b2c
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f78e30c228ac3fa92822861ec76f201681a5925474d5f783fae15f7bd5c5afce
fcca5752bad213a81875430f1988982eaaa91b451536665ba5c31116dc598812
fd3afe6fa20b259f0c040d769395a5a746a286a9faafae85755382275b57f111
fe9560e1a9dfa734b15ec52f2b7889c2af3383ec4650f10dfe7401860bb16d1e

share.axosbank.com Open in urlscan Pro 104.16.188.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

33 %IPv6

5 Domains

10 Subdomains

5 IPs

3 Countries

808 kBTransfer

1113 kBSize

5 Cookies

5 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

share.axosbank.com Open in urlscan Pro
104.16.188.72 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

33 %
IPv6

5
Domains

10
Subdomains

5
IPs

3
Countries

808 kB
Transfer

1113 kB
Size

5
Cookies

22 HTTP transactions
0 data transactions