URL: https://share.hicapitalize.com/
Submission: On August 22 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 2 domains to perform 19 HTTP transactions. The main IP is 54.157.33.40, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is share.hicapitalize.com.
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.
This is the only time share.hicapitalize.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
7         54.157.33.40    14618 (AMAZON-AES)
7         18.154.63.44    16509 (AMAZON-02)
3         13.225.34.28    16509 (AMAZON-02)
2         108.138.199.23  16509 (AMAZON-02)
Total: 19 requests, 4 IPs

Requests  Apex Domain / Subdomains                         Transfer
12        xtlo.net                                         1 MB
          origin.xtlo.net — Cisco Umbrella Rank: 32366
          origin-7.xtlo.net — Cisco Umbrella Rank: 229572
          origin-0.xtlo.net — Cisco Umbrella Rank: 655862
          origin-3.xtlo.net — Cisco Umbrella Rank: 962944
          origin-2.xtlo.net — Cisco Umbrella Rank: 428358
          origin-4.xtlo.net — Cisco Umbrella Rank: 66236
7         hicapitalize.com                                 78 KB
          share.hicapitalize.com
Total: 19 requests, 2 apex domains

Requests  Domain                  Requested by
7         share.hicapitalize.com  share.hicapitalize.com
6         origin.xtlo.net         share.hicapitalize.com, origin.xtlo.net
2         origin-0.xtlo.net       share.hicapitalize.com
1         origin-4.xtlo.net       share.hicapitalize.com
1         origin-2.xtlo.net       share.hicapitalize.com
1         origin-3.xtlo.net       share.hicapitalize.com
1         origin-7.xtlo.net       share.hicapitalize.com
Total: 19 requests, 7 domains

This site contains links to these domains.

Domain
www.hicapitalize.com
www.extole.com

Subject                 Issuer               Validity                 Valid
share.hicapitalize.com  R3                   2023-08-13 - 2023-11-11  3 months
media.extole.com        Amazon RSA 2048 M01  2023-06-21 - 2024-07-19  a year

This page contains 1 frames:

Primary Page: https://share.hicapitalize.com/
Frame ID: 02E4FB5EEC40902DF36427792BB40B86
Requests: 19 HTTP requests in this frame

Page Title

Capitalize Refer-a-friend Program

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 7
IPs: 4
Countries: 1
Transfer: 1132 kB
Size: 1546 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
share.hicapitalize.com/
19 KB
5 KB
Document
General
Full URL
https://share.hicapitalize.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.157.33.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-33-40.compute-1.amazonaws.com
Software
Extole /
Resource Hash
5a174c3baf0d0568abf16bd9fd4d65943ab90cf854708295eca468660e5bf952
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.extole.com frame-ancestors https://*.extole.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://*.extole.com ALLOW-FROM https://*.extole.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers
X-Extole-Token
content-encoding
gzip
content-length
4215
content-security-policy
frame-ancestors https://*.extole.com frame-ancestors https://*.extole.com
content-type
text/html;charset=UTF-8
date
Tue, 22 Aug 2023 20:52:20 GMT
p3p
CP="Please see our privacy policy"
server
Extole
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Accept-Encoding
x-extole-token
FVK6TSQFQF358I2J5PKLTMNEV0
x-frame-options
ALLOW-FROM https://*.extole.com ALLOW-FROM https://*.extole.com
custom-fonts.css
origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/
8 KB
1 KB
Stylesheet
General
Full URL
https://origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/custom-fonts.css
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-44.dus51.r.cloudfront.net
Software
Extole /
Resource Hash
9bd594cec01ca5ccf21e72683b121a0d27704ac4d019027d4e185bda7d95ee18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hicapitalize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:06:54 GMT
content-encoding
gzip
via
1.1 d6aad4784aecf0aa7f937dad10d2faea.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 18:06:54 GMT
server
Extole
x-amz-cf-pop
DUS51-P4
age
1305926
access-control-max-age
2592000
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
633
x-amz-cf-id
kcWG9B84I7xIb0ZIjdpfML5RKyFQqvGfFFI60e9zuFefeCmYEnCyGQ==
core.js
share.hicapitalize.com/
48 KB
16 KB
Script
General
Full URL
https://share.hicapitalize.com/core.js
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.157.33.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-33-40.compute-1.amazonaws.com
Software
Extole /
Resource Hash
1becc1cc65d5edf5d7e7b553ece2aab79fe9c8db95470c2b9a999d0bd6797a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hicapitalize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 20:52:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
access-control-max-age
3600
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/javascript
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-transform, max-age=3600
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
Capitalize_Wordmark_RGB_Purple_1660601689898.png
origin.xtlo.net/type=creativeArchive:clientId=546677526:creativeArchiveId=7201216705091411281:version=1:coreAssetsVersion=106/images/
28 KB
26 KB
Image
General
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=546677526:creativeArchiveId=7201216705091411281:version=1:coreAssetsVersion=106/images/Capitalize_Wordmark_RGB_Purple_1660601689898.png
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-44.dus51.r.cloudfront.net
Software
Extole /
Resource Hash
f479e6dae85aead4424c2449c4393b7f4ed7042b7546eaad8f13083e43e6e917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hicapitalize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
via
1.1 d6aad4784aecf0aa7f937dad10d2faea.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 18:06:14 GMT
server
Extole
x-amz-cf-pop
DUS51-P4
access-control-max-age
2592000
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
BuOFhQ0z_9wRvhPbjmUFHFbYsuFn0bPvW5u5FNPu2Z8YfdWJ4AvHQA==
CAP_23_1_ReferralHeader_Desktop__2__1673641465101.png
origin.xtlo.net/type=creativeArchive:clientId=546677526:creativeArchiveId=7201216705091411281:version=1:coreAssetsVersion=106/images/
199 KB
170 KB
Image
General
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=546677526:creativeArchiveId=7201216705091411281:version=1:coreAssetsVersion=106/images/CAP_23_1_ReferralHeader_Desktop__2__1673641465101.png
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-44.dus51.r.cloudfront.net
Software
Extole /
Resource Hash
562af964912dcac0dec7cff59a6f34bb69a5bbde866cd5a6d6754e9edca94db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hicapitalize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
via
1.1 d6aad4784aecf0aa7f937dad10d2faea.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 18:06:14 GMT
server
Extole
x-amz-cf-pop
DUS51-P4
access-control-max-age
2592000
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
1E0aAfjYV8xYtMIQ7IrTE-RdouCaWHqoCwKI24Mtiq0jrAK6haecbw==
messinasans-regular.otf
origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/
41 KB
28 KB
Font
General
Full URL
https://origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/messinasans-regular.otf
Requested by
Host: origin.xtlo.net
URL: https://origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/custom-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-44.dus51.r.cloudfront.net
Software
Extole /
Resource Hash
21013be5aa2127bc0e06b8972f689a17f9eb077efdac1d61b492914d46dc3eb0

Request headers

Referer
https://origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/custom-fonts.css
Origin
https://share.hicapitalize.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 19:13:59 GMT
content-encoding
gzip
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 19:13:59 GMT
server
Extole
x-amz-cf-pop
DUS51-P4
age
92301
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/x-font-otf
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
028n-IW8otbRqjbDlGE0wkeuIM68X4jgUv3Z0FQq_rX4igcOP3eYGA==
MainView.js
origin-7.xtlo.net/type=creativeArchive:clientId=546677526:creativeArchiveId=7201216705091411281:version=1:coreAssetsVersion=106/js/
1 KB
1014 B
Script
General
Full URL
https://origin-7.xtlo.net/type=creativeArchive:clientId=546677526:creativeArchiveId=7201216705091411281:version=1:coreAssetsVersion=106/js/MainView.js?site=share.hicapitalize.com
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-34-28.cdg3.r.cloudfront.net
Software
Extole /
Resource Hash
73d37568a7f3ee18dcc27d300cfa2a7ce835a3d7b2599a2db79d88ae9b61ff5e

Request headers

Referer
https://share.hicapitalize.com/
Origin
https://share.hicapitalize.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:20:09 GMT
content-encoding
gzip
via
1.1 55429e7ef2adea879b483fc335a60902.cloudfront.net (CloudFront)
last-modified
Mon, 14 Aug 2023 17:46:01 GMT
server
Extole
x-amz-cf-pop
CDG3-C2
age
99132
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
613
x-amz-cf-id
vXS5ABmG2WiSiEWDjTOKojiVTG5m88yHxf7nGbJEEJL8n42xFNpmpw==
user-service.js
origin-0.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/
6 KB
2 KB
Script
General
Full URL
https://origin-0.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/user-service.js?site=share.hicapitalize.com
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-34-28.cdg3.r.cloudfront.net
Software
Extole /
Resource Hash
21948b980a67b1737f956459d98af1d764551b47c774c7f106472a5c212939dd

Request headers

Referer
https://share.hicapitalize.com/
Origin
https://share.hicapitalize.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:20:10 GMT
content-encoding
gzip
via
1.1 55429e7ef2adea879b483fc335a60902.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 17:20:10 GMT
server
Extole
x-amz-cf-pop
CDG3-C2
age
99131
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
1892
x-amz-cf-id
Bfrt4gMjRg4bd2lSzB7nANFuFzSoNuxAb0Hhi0p1iE_2UczDnVbEgg==
create-zone-builder.js
origin-3.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/
1 KB
970 B
Script
General
Full URL
https://origin-3.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/create-zone-builder.js?site=share.hicapitalize.com
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-44.dus51.r.cloudfront.net
Software
Extole /
Resource Hash
ccc2ce9852d6e07176e7d57c3072ac0324fda0945fd7adbe70b7948053045368

Request headers

Referer
https://share.hicapitalize.com/
Origin
https://share.hicapitalize.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Tue, 22 Aug 2023 20:52:21 GMT
server
Extole
x-amz-cf-pop
DUS51-P4
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-transform, max-age=2592000
content-length
577
x-amz-cf-id
JrnLy6hZ3DSAHPP3eCB4A7-xrzMR9J-YblOPhggxi_S7GXI60tUCvg==
ElementControl.js
origin-0.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/client/
3 KB
1 KB
Script
General
Full URL
https://origin-0.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/client/ElementControl.js?site=share.hicapitalize.com
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-34-28.cdg3.r.cloudfront.net
Software
Extole /
Resource Hash
1da6f15efc490cd093f65c516b3aeeda0b2b0022c60faf86eb9859bc158543c1

Request headers

Referer
https://share.hicapitalize.com/
Origin
https://share.hicapitalize.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:20:10 GMT
content-encoding
gzip
via
1.1 55429e7ef2adea879b483fc335a60902.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 17:20:10 GMT
server
Extole
x-amz-cf-pop
CDG3-C2
age
99131
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
1064
x-amz-cf-id
GzZsTfNPDrXpbC9Sv1hOFsUVESin_MZ_Ay7TYWCiXhPRFXRpSkEWIQ==
view-state.js
origin-2.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/client/
1 KB
855 B
Script
General
Full URL
https://origin-2.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/client/view-state.js?site=share.hicapitalize.com
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.199.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-199-23.mxp64.r.cloudfront.net
Software
Extole /
Resource Hash
f9bdffcc23e4fb8f94ccf46d3db43d8c25d6a00cc385b9d363a89eb756963506

Request headers

Referer
https://share.hicapitalize.com/
Origin
https://share.hicapitalize.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
via
1.1 d5053fd5be76680afe1fe579c06f33e2.cloudfront.net (CloudFront)
last-modified
Tue, 22 Aug 2023 20:52:21 GMT
server
Extole
x-amz-cf-pop
MXP64-P2
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-transform, max-age=2592000
content-length
463
x-amz-cf-id
RJiL0bgcZ56uj4Jz0MLu7EQVWznYkvy5mmql7o0ed9HS8pef2DPwOg==
api.js
origin-4.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/
4 KB
2 KB
Script
General
Full URL
https://origin-4.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/common/api.js?site=share.hicapitalize.com
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.199.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-199-23.mxp64.r.cloudfront.net
Software
Extole /
Resource Hash
0ac207b090ec77ff621929ee3f6827a27577f8290f35208dd48a9e66a5ecb79f

Request headers

Referer
https://share.hicapitalize.com/
Origin
https://share.hicapitalize.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 22:12:14 GMT
content-encoding
gzip
via
1.1 d5053fd5be76680afe1fe579c06f33e2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 22:12:14 GMT
server
Extole
x-amz-cf-pop
MXP64-P2
age
1291207
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
1413
x-amz-cf-id
rFboiGEHEukxIPeFwO_sXyN5Zik8_kduwfQIXxHVMB73um076mE_-w==
me
share.hicapitalize.com/api/v4/
274 B
796 B
XHR
General
Full URL
https://share.hicapitalize.com/api/v4/me
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.157.33.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-33-40.compute-1.amazonaws.com
Software
Extole /
Resource Hash
42ea4a00af194802253dfbefe7944edca590329f80cefcd860252b4a1227eec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://share.hicapitalize.com/
accept-language
de-DE,de;q=0.9
x-extole-app
javascript_sdk
authorization
FVK6TSQFQF358I2J5PKLTMNEV0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
170
expires
Tue, 22 Aug 2023 20:52:20 GMT
share_experience
share.hicapitalize.com/zones/
279 KB
54 KB
XHR
General
Full URL
https://share.hicapitalize.com/zones/share_experience
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.157.33.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-33-40.compute-1.amazonaws.com
Software
Extole /
Resource Hash
7dab8fe3ccc8007891d7a09d5461e50c8e4dd9a99749b234a73d0cb1df310fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://share.hicapitalize.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="Please see our privacy policy"
server
Extole
x-extole-token
FVK6TSQFQF358I2J5PKLTMNEV0
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://share.hicapitalize.com
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
x-extole-cookie-consent
YEAR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
expires
Tue, 22 Aug 2023 20:52:20 GMT
duplicateionic-regular.otf
origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/
125 KB
55 KB
Font
General
Full URL
https://origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/duplicateionic-regular.otf
Requested by
Host: origin.xtlo.net
URL: https://origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/custom-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-44.dus51.r.cloudfront.net
Software
Extole /
Resource Hash
2cc3b89b3b0748c53fbd8c3fe508c95178c4730be70eb4012b85f15d56fc9044

Request headers

Referer
https://origin.xtlo.net/type=core:clientId=546677526:coreAssetsVersion=106/media/custom-fonts.css
Origin
https://share.hicapitalize.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 19:13:59 GMT
content-encoding
gzip
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 19:13:59 GMT
server
Extole
x-amz-cf-pop
DUS51-P4
age
92302
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/x-font-otf
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
zGR3POyvI_i16q3UW-ngpyx5Oxf2G_COgSOMb1fAKQ7Mu5Mnd1oXYQ==
metrics
share.hicapitalize.com/api/v4/debug/
35 B
723 B
XHR
General
Full URL
https://share.hicapitalize.com/api/v4/debug/metrics
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.157.33.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-33-40.compute-1.amazonaws.com
Software
Extole /
Resource Hash
727d1813d1069c37ff633286c9aa09ab768e027af25218effe2f066fd654451d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://share.hicapitalize.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://share.hicapitalize.com
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
p3p
CP="Please see our privacy policy"
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
55
expires
Tue, 22 Aug 2023 20:52:20 GMT
me
share.hicapitalize.com/api/v4/
274 B
796 B
XHR
General
Full URL
https://share.hicapitalize.com/api/v4/me
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.157.33.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-33-40.compute-1.amazonaws.com
Software
Extole /
Resource Hash
42ea4a00af194802253dfbefe7944edca590329f80cefcd860252b4a1227eec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://share.hicapitalize.com/
accept-language
de-DE,de;q=0.9
x-extole-app
javascript_sdk
authorization
FVK6TSQFQF358I2J5PKLTMNEV0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
170
expires
Tue, 22 Aug 2023 20:52:20 GMT
AdobeStock_103566992_tall_1660605383901.jpg
origin.xtlo.net/type=creativeArchive:clientId=546677526:creativeArchiveId=7201216704238239458:version=1:coreAssetsVersion=106/images/
782 KB
766 KB
Image
General
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=546677526:creativeArchiveId=7201216704238239458:version=1:coreAssetsVersion=106/images/AdobeStock_103566992_tall_1660605383901.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-44.dus51.r.cloudfront.net
Software
Extole /
Resource Hash
fb99bbfb1e3b32252de24a6d2e6dddb560ed40d33401419c1fcad16338454f47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hicapitalize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 19:13:59 GMT
content-encoding
gzip
via
1.1 d6aad4784aecf0aa7f937dad10d2faea.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 18:06:17 GMT
server
Extole
x-amz-cf-pop
DUS51-P4
age
92302
access-control-max-age
2592000
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
Z5QrIdCe80wp7IoOvmjx3GaY0E1E6gpu31wwlAttuXtcGQDNtjUWSQ==
metrics
share.hicapitalize.com/api/v4/debug/
35 B
723 B
XHR
General
Full URL
https://share.hicapitalize.com/api/v4/debug/metrics
Requested by
Host: share.hicapitalize.com
URL: https://share.hicapitalize.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.157.33.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-33-40.compute-1.amazonaws.com
Software
Extole /
Resource Hash
bdabe2b4c7a773aad1bf7539233b9b7cb57870c17363babdc0a8d2e1f845664c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://share.hicapitalize.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Aug 2023 20:52:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://share.hicapitalize.com
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
p3p
CP="Please see our privacy policy"
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
55
expires
Tue, 22 Aug 2023 20:52:20 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| extole

3 Cookies

Domain/Path Name / Value
.share.hicapitalize.com/ Name: access_token
Value: FVK6TSQFQF358I2J5PKLTMNEV0
.share.hicapitalize.com/ Name: xtl_bid
Value: 7270252377259341170
share.hicapitalize.com/ Name: extole_access_token
Value: FVK6TSQFQF358I2J5PKLTMNEV0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors https://*.extole.com frame-ancestors https://*.extole.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://*.extole.com ALLOW-FROM https://*.extole.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
