go.rexlp1.com Open in urlscan Pro
52.41.218.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a?s1=40738
Effective URL:
https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&ci...
Submission: On October 15 via manual (October 15th 2024, 1:25:03 pm UTC) from US — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 52.41.218.136, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is go.rexlp1.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 22nd 2023. Valid for: a year.

This is the only time go.rexlp1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2600:9000:249... 2600:9000:2490:ae00:5:5920:9540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.41.218.136 52.41.218.136	16509 (AMAZON-02) (AMAZON-02)
2	1

2 2600:9000:2490:ae00:5:5920:9540:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

track.rdtrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.218.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-218-136.us-west-2.compute.amazonaws.com

go.rexlp1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	rexlp1.com go.rexlp1.com	563 B
2	rdtrax.com 2 redirects track.rdtrax.com	1 KB
2	2

	Domain	Requested by
2	go.rexlp1.com
2	track.rdtrax.com	2 redirects
2	2

This site contains no links.

Subject Issuer	Validity	Valid
go.rexlp1.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-22` - `2024-11-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&city=&state=&zip=&s5=wu3uv67o2dudr5t4jgr5vbm0
Frame ID: 2CFD537BB61FF530E1CBD3FDEE66C5D2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a?s1=40738 HTTP 307
https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a/2?s1=40738 HTTP 302
https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&ema... Page URL

Page Statistics

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

1 kB
Transfer

0 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a?s1=40738 HTTP 307
https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a/2?s1=40738 HTTP 302
https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&city=&state=&zip=&s5=wu3uv67o2dudr5t4jgr5vbm0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response go.rexlp1.com/ Redirect Chain https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a?s1=40738 https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a/2?s1=40738 https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&city=&state=&zip=&s5=wu3uv67o2dudr5t4jgr5vbm0	5 B 253 B	1045ms 635ms	Document text/html	52.41.218.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&city=&state=&zip=&s5=wu3uv67o2dudr5t4jgr5vbm0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.41.218.136 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-41-218-136.us-west-2.compute.amazonaws.com Software Apache/2.4.56 (Amazon) PHP/5.6.40 / PHP/5.6.40 Resource Hash `086b3d6daeb676850558a6f978a9b4313de72495b698193c3358dc334686432d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control no-cache, must-revalidate content-length 5 content-type text/html; charset=UTF-8 date Tue, 15 Oct 2024 13:24:58 GMT expires Sat, 26 Jul 1997 05:00:00 GMT pragma no-cache server Apache/2.4.56 (Amazon) PHP/5.6.40 x-powered-by PHP/5.6.40 Redirect headers cache-control no-store, no-cache, pre-check=0, post-check=0 content-length 0 date Tue, 15 Oct 2024 13:24:57 GMT expires Thu, 01 Jan 1970 00:00:00 GMT location https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&city=&state=&zip=&s5=wu3uv67o2dudr5t4jgr5vbm0 pragma no-cache server nginx via 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront) x-amz-cf-id fPzT4tQfwheBkcbyaRAJjimqm-gMjTXAycnZZgS3o4AU1aLKzcO6Tw== x-amz-cf-pop FRA56-P6 x-cache Miss from cloudfront
GET H2	404	favicon.ico go.rexlp1.com/	196 B 310 B	180ms 179ms	Other text/html	52.41.218.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.rexlp1.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.41.218.136 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-41-218-136.us-west-2.compute.amazonaws.com Software Apache/2.4.56 (Amazon) PHP/5.6.40 / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&city=&state=&zip=&s5=wu3uv67o2dudr5t4jgr5vbm0 Response headers content-length 196 date Tue, 15 Oct 2024 13:24:58 GMT content-type text/html; charset=iso-8859-1 server Apache/2.4.56 (Amazon) PHP/5.6.40

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.track.rdtrax.com/	1970-01-21 00:18:05	Name: a5abde58-b6a9-4111-8919-8ea6349e4b6a-v4 Value: qYDENLQdoxLmkmcu70ri86mprbSULe3F8gbW0BFGjEA
.track.rdtrax.com/	1970-01-21 09:02:14	Name: cc-v4 Value: glOd6MK4wB5tkao7CtZBaUS9R8kK585tStLpSyFpkWIn5Fi68TyigYfBJAd2k41QepdOCnq1no2qCaV7cOUOds43NL%2FBEiLRalbkiBeKCWyfM9n7MANAKkF6u3a%2BKeFJZsqkJx8I1fidPt%2BZt0Z74w%3D%3D
go.rexlp1.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: r6a4ikqa1nlllvmed2ljkc15a6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://go.rexlp1.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.rexlp1.com
track.rdtrax.com
2600:9000:2490:ae00:5:5920:9540:93a1
52.41.218.136
086b3d6daeb676850558a6f978a9b4313de72495b698193c3358dc334686432d
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

go.rexlp1.com Open in urlscan Pro 52.41.218.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

1 kBTransfer

0 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

go.rexlp1.com Open in urlscan Pro
52.41.218.136 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

1 kB
Transfer

0 kB
Size

3
Cookies

2 HTTP transactions
0 data transactions