go.rexlp1.com
Open in
urlscan Pro
52.41.218.136
Public Scan
Effective URL: https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&ci...
Submission: On October 15 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 22nd 2023. Valid for: a year.
This is the only time go.rexlp1.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2600:9000:249... 2600:9000:2490:ae00:5:5920:9540:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.41.218.136 52.41.218.136 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 1 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-218-136.us-west-2.compute.amazonaws.com
go.rexlp1.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
rexlp1.com
go.rexlp1.com |
563 B |
2 |
rdtrax.com
2 redirects
track.rdtrax.com |
1 KB |
2 | 2 |
Domain | Requested by | |
---|---|---|
2 | go.rexlp1.com | |
2 | track.rdtrax.com | 2 redirects |
2 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
go.rexlp1.com Sectigo RSA Domain Validation Secure Server CA |
2023-11-22 - 2024-11-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&city=&state=&zip=&s5=wu3uv67o2dudr5t4jgr5vbm0
Frame ID: 2CFD537BB61FF530E1CBD3FDEE66C5D2
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a?s1=40738
HTTP 307
https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a/2?s1=40738 HTTP 302
https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&ema... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a?s1=40738
HTTP 307
https://track.rdtrax.com/a5abde58-b6a9-4111-8919-8ea6349e4b6a/2?s1=40738 HTTP 302
https://go.rexlp1.com/?c=832&lp=74&source=OddBytes%20%28Propel%20Media%29&s1=40738&s2=&s3=&s4=&email=&fname=&lname=&city=&state=&zip=&s5=wu3uv67o2dudr5t4jgr5vbm0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
go.rexlp1.com/ Redirect Chain
|
5 B 253 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
go.rexlp1.com/ |
196 B 310 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.track.rdtrax.com/ | Name: a5abde58-b6a9-4111-8919-8ea6349e4b6a-v4 Value: qYDENLQdoxLmkmcu70ri86mprbSULe3F8gbW0BFGjEA |
|
.track.rdtrax.com/ | Name: cc-v4 Value: glOd6MK4wB5tkao7CtZBaUS9R8kK585tStLpSyFpkWIn5Fi68TyigYfBJAd2k41QepdOCnq1no2qCaV7cOUOds43NL%2FBEiLRalbkiBeKCWyfM9n7MANAKkF6u3a%2BKeFJZsqkJx8I1fidPt%2BZt0Z74w%3D%3D |
|
go.rexlp1.com/ | Name: PHPSESSID Value: r6a4ikqa1nlllvmed2ljkc15a6 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
go.rexlp1.com
track.rdtrax.com
2600:9000:2490:ae00:5:5920:9540:93a1
52.41.218.136
086b3d6daeb676850558a6f978a9b4313de72495b698193c3358dc334686432d
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880