urlscan.io logo urlscan.io
SecurityTrails logo

rexas.com Open in urlscan Pro
173.201.255.229  Public Scan

Go To Rescan Add Verdict Report
URL: https://rexas.com/how-to-buy/
Submission Tags: falconsandbox
Submission: On November 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 173.201.255.229, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is rexas.com. The Cisco Umbrella rank of the primary domain is 787492.
TLS certificate: Issued by R11 on October 21st 2024. Valid for: 3 months.
This is the only time rexas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 173.201.255.229 26496 (AS-26496-...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 60068 (CDN77 Dat...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2 23.53.42.211 20940 (AKAMAI-AS...)
3 2600:9000:26e... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-AS...)
4 2a02:26f0:350... 20940 (AKAMAI-AS...)
23 12
4    173.201.255.229 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-173-201-255-229.ip.secureserver.net
rexas.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
plausible.io
2    2606:4700:20::ac43:44cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.gtranslate.net
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    23.53.42.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-53-42-211.deploy.static.akamaitechnologies.com
img1.wsimg.com
3    2600:9000:26e8:ca00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a05:d018:cc3:fe05:6a2c:6133:165d:73e6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    2a02:26f0:3500:18::1724:a29c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
events.api.secureserver.net
4    2a02:26f0:3500:899::228b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
csp.secureserver.net
Apex Domain
Subdomains		 Transfer
6 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 13900
csp.secureserver.net — Cisco Umbrella Rank: 13675
554 B
4 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3645
d.adroll.com — Cisco Umbrella Rank: 1673
120 KB
4 rexas.com
rexas.com — Cisco Umbrella Rank: 787492
728 KB
2 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 10742
21 KB
2 gtranslate.net
cdn.gtranslate.net — Cisco Umbrella Rank: 18899
8 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 9011
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
177 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
435 KB
23 9
Domain Requested by
4 csp.secureserver.net img1.wsimg.com
4 rexas.com rexas.com
3 s.adroll.com rexas.com
s.adroll.com
2 events.api.secureserver.net img1.wsimg.com
2 img1.wsimg.com 1 redirects rexas.com
2 cdn.gtranslate.net rexas.com
2 plausible.io rexas.com
plausible.io
2 www.googletagmanager.com rexas.com
1 d.adroll.com s.adroll.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdnjs.cloudflare.com rexas.com
23 11

This site contains links to these domains. Also see Links.

Domain
ramp.network
global.transak.com
www.moonpay.com
linktr.ee
x.com
t.me
medium.com
Subject Issuer Validity Valid
cpanel.rexas.com
R11		 2024-10-21 -
2025-01-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
plausible.io
R11		 2024-10-16 -
2025-01-14		 3 months crt.sh
gtranslate.net
WE1		 2024-11-12 -
2025-02-10		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2024-09-09 -
2025-10-09		 a year crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2024-07-15 -
2025-08-16		 a year crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2024-10-17 -
2025-11-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://rexas.com/how-to-buy/
Frame ID: 8AE210E6F7C611649BCA6BF4DA68F1E8
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How To Buy - Rexas Finance

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

23
Requests

96 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

1493 kB
Transfer

3321 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rexas.com/how-to-buy/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rexas.com/how-to-buy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.201.255.229 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-173-201-255-229.ip.secureserver.net
Software
Apache /
Resource Hash
1a0164fe85fe75af3f755188e7bfa2bddcabbc5c1486a713a16caf2a247f1869

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
4024
content-type
text/html
date
Thu, 28 Nov 2024 18:20:19 GMT
etag
"32c0275-2d06-621a1a9e4a38b-br"
last-modified
Sun, 08 Sep 2024 20:41:24 GMT
server
Apache
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KSYLWCPC5D
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7b27c5a1ba3b5da282ee23b36c163fc3085791d77b8ebb314e71b8a00744e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 28 Nov 2024 18:20:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 18:20:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109826
x-xss-protection
0
server
Google Tag Manager
script.file-downloads.hash.outbound-links.pageview-props.revenue.tagged-events.js
plausible.io/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/script.file-downloads.hash.outbound-links.pageview-props.revenue.tagged-events.js
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
d8b70f75c57fbec60933c46ef7cc2c8043589ae8ea47f8fb0ec75288916003d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

cdn-status
200
content-encoding
br
x-content-type-options
nosniff
date
Thu, 28 Nov 2024 18:20:19 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cachedat
11/27/2024 18:50:32
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, must-revalidate, max-age=86400
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
627589c40a267f4932f61c38fb6e8254
cross-origin-resource-policy
cross-origin
cdn-pullzone
682664
cdn-proxyver
1.06
application
127.0.0.1
permissions-policy
interest-cohort=()
access-control-allow-origin
*
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
logo.png
rexas.com/assets/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rexas.com/assets/logo.png
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.201.255.229 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-173-201-255-229.ip.secureserver.net
Software
Apache /
Resource Hash
dbb32fb97c114d1cf3a084220c91fb7030554270ec9e8cf213bcbb6e10569971

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/how-to-buy/

Response headers

accept-ranges
bytes
content-length
17764
etag
"31c19a4-4564-6219cbd07e2be"
date
Thu, 28 Nov 2024 18:20:19 GMT
last-modified
Sun, 08 Sep 2024 14:48:50 GMT
content-type
image/png
server
Apache
dwf.js
cdn.gtranslate.net/widgets/latest/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gtranslate.net/widgets/latest/dwf.js
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da3833364ef3f0d8b33c970dd9cc37243c1312f37193a0b92e99a62931bd78e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"644ef5be-5128"
age
1939703
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ue1y%2FNGGUrEfvRzux2Dz1qGwRfToJrDZoBAkmIoz4u93Qc2hA9ZNpqS7f%2BudX2fqrfCRQiHI%2FItkkhw4%2FBo8ZxoaGSjtR1MCMqw7IdK2QOzLwSc4m7KrUM9yEpv2UQNRDG7%2FugrZgFdA0iRB%2FCKZ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e9c5f0f3f1a03f8-FRA
expires
Thu, 06 Nov 2025 07:31:56 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=37232&min_rtt=37062&rtt_var=8076&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3998&recv_bytes=2175&delivery_rate=103506&cwnd=252&unsent_bytes=0&cid=0b4b4d01318383ee&ts=68&x=0"
date
Thu, 28 Nov 2024 18:20:19 GMT
content-type
application/javascript
last-modified
Sun, 30 Apr 2023 23:11:58 GMT
vary
Accept-Encoding
server
cloudflare
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/js/ 		1 MB
435 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/js/all.min.js
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3447f426d02995727d4524c27a250cb188fc3afe414e2caed4fe199b469ccab0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"619c057b-6c69d"
age
686269
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7Q2%2FHzuYC7G%2B4Y7uCGuHDO9ugSPpc6KMW1zOakT29rdL3pxHDKrZUPeOh%2B6YUCbABSAQaibStxe7O5V6Mu%2B39fPHDt91FkZY%2FcE8xjDHS%2FjKxdPos8GgTp6bmPhx%2F6fYvAyodnR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 18:20:19 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 28 Nov 2024 18:20:19 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e9c5f0e5ef3dc76-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
444061
server
cloudflare
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
105 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H2
Server
23.53.42.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-53-42-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

content-encoding
gzip
x-amz-meta-version
0.4.7
etag
"6a7950cc31489069917bf817b62b2bfe"
x-amz-version-id
4pexUB2ckSZgPfbjokD3loiC8DEV2lsi
expires
Thu, 28 Nov 2024 18:50:20 GMT
date
Thu, 28 Nov 2024 18:20:20 GMT
last-modified
Tue, 24 Sep 2024 20:55:06 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-id-2
QzDvbQPoC/yd79cRYoiDycnbcXh2pSFm1kZVkCYVTGf1LaJCMTtIuUb9W5RhaUG/ykPbw3BtR3s=
cache-control
max-age=1800
timing-allow-origin
*
x-amz-request-id
VGKSC2ZC5C6TW48G
accept-ranges
bytes
access-control-allow-origin
*
content-length
20968
x-amz-server-side-encryption
AES256

Redirect headers

expires
Fri, 28 Nov 2025 18:20:19 GMT
cache-control
max-age=31536000
location
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
content-length
0
access-control-allow-origin
*
date
Thu, 28 Nov 2024 18:20:19 GMT
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MS4W49TJ
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b06c14de2c1b5fb3b680c598c74ea4948fec3c94f947f722ff95528469351398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 28 Nov 2024 18:20:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 18:20:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
70860
x-xss-protection
0
server
Google Tag Manager
roundtrip.js
s.adroll.com/j/YYESXDI2VJGJLOH5XYGFKL/ 		106 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/YYESXDI2VJGJLOH5XYGFKL/roundtrip.js
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
358cda99c154a9c40b3aa42f11aa83ca7ea5eb0f1fb32baa152b91dbd5ee4ea8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
0wizESQdEI7ZNa570hMa8hTluvinhUIv
Etag
W/"3e72912930770f5057d40fc043193fe8"
Age
366
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
7mc-ixEQSJLWDJO0TL7rTC8s4o9wpxjJTWrP_MmS7CrqNBvKzGLOpw==
Date
Thu, 28 Nov 2024 18:14:42 GMT
Content-Type
text/javascript; charset=utf-8
Vary
accept-encoding
Last-Modified
Sat, 23 Nov 2024 12:27:34 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-P10
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
bg.png
rexas.com/assets/ 		698 KB
699 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rexas.com/assets/bg.png
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.201.255.229 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-173-201-255-229.ip.secureserver.net
Software
Apache /
Resource Hash
09f4a7cc7ac2de391a75e3949dae3e043468791260d5e5e0482d61d843b2108a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/how-to-buy/

Response headers

accept-ranges
bytes
content-length
715186
etag
"31c02af-ae9b2-622e11705a9e2"
date
Thu, 28 Nov 2024 18:20:19 GMT
last-modified
Tue, 24 Sep 2024 17:46:49 GMT
content-type
image/png
server
Apache
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KSYLWCPC5D&gtm=45je4bk0v9194829117za200&_p=1732818019586&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=982680865.1732818020&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732818020&sct=1&seg=0&dl=https%3A%2F%2Frexas.com%2Fhow-to-buy%2F&dt=How%20To%20Buy%20-%20Rexas%20Finance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1191
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KSYLWCPC5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://rexas.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 18:20:20 GMT
content-type
text/plain
server
Golfe2
YYESXDI2VJGJLOH5XYGFKL
d.adroll.com/consent/check/ 		564 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/YYESXDI2VJGJLOH5XYGFKL?flg=1&pv=56728484486.312515&arrfrr=https%3A%2F%2Frexas.com%2Fhow-to-buy%2F&_s=12964ca8149d50ab83e87c747ac0f65e&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/YYESXDI2VJGJLOH5XYGFKL/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:6a2c:6133:165d:73e6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
a962ec2f9fb9d0a656dad016c2f4de26076988c005919e6633645f3fa6cab9bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

content-length
564
date
Thu, 28 Nov 2024 18:20:20 GMT
content-type
application/javascript
server
nginx/1.22.1
event
plausible.io/api/ 		2 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.file-downloads.hash.outbound-links.pageview-props.revenue.tagged-events.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rexas.com/

Response headers

x-request-id
GAw0zv6wLWu2vUINd6EH
date
Thu, 28 Nov 2024 18:20:20 GMT
content-type
text/plain; charset=utf-8
cdn-cachedat
11/28/2024 18:20:20
cdn-requestpullcode
202
cache-control
must-revalidate, max-age=0, private
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
63c494e9727b8ca28e3232f8e3451461
access-control-allow-credentials
true
cdn-pullzone
682664
cdn-proxyver
1.06
application
127.0.0.1
permissions-policy
interest-cohort=()
access-control-allow-origin
*
content-length
2
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
en-us.png
cdn.gtranslate.net/flags/24/ 		550 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gtranslate.net/flags/24/en-us.png
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6e94cecd1a40df47417c30488a05108f8151a64eee2f89763d00b3198550c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"63692750-290"
age
214963
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfPR6UaDiDtdcjj1%2FJtWHkKWwCsJPyDkS1pne1nA%2Fy%2BbuqxW0sww%2BIdF3p2AJW1cAKFjPbIMeJdYyX2YLoYKKYuhYnIKwPgx%2FX%2F%2FE7kt3R12PskQ3Z6sl4L2mAm%2BJCQFGS1HIBl%2FfklF4TnDMCrdBA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 26 Nov 2025 06:37:37 GMT
cf-polished
origSize=656
server-timing
cfL4;desc="?proto=TCP&rtt=38133&min_rtt=36935&rtt_var=805&sent=18&recv=24&lost=0&retrans=0&sent_bytes=11109&recv_bytes=2335&delivery_rate=272894&cwnd=257&unsent_bytes=0&cid=0b4b4d01318383ee&ts=520&x=0"
date
Thu, 28 Nov 2024 18:20:20 GMT
content-type
image/png
last-modified
Mon, 07 Nov 2022 15:42:08 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9c5f120a2403f8-FRA
accept-ranges
bytes
content-length
550
server
cloudflare
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a94faa0a847e8891b7e7e1da63f3c01c2de270e7c31f5fb37c0b112ccb8c38e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
consent_tcfv2.js
s.adroll.com/j/ 		419 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/YYESXDI2VJGJLOH5XYGFKL/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d2b803a87bda2c6064214f81f0878c08642ab57aa744977cd45b93af7b70c2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
NkD8Kb6QJUQgyS_cbh5uEjNw4KOmW4t2
Etag
W/"d33c95496b44f5f21b0c399374728d4c"
Age
41
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
CU8bnDKn6q86u0XcWis94EXJCHWNT534GFwine7p_ltw_5GLu-mJpw==
Date
Thu, 28 Nov 2024 18:20:08 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Mon, 18 Nov 2024 23:38:38 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=300, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-P10
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
nextroll-32x32.png
s.adroll.com/i/favicon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: rexas.com
URL: https://rexas.com/how-to-buy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

Access-Control-Max-Age
600
X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Age
48002
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Agrdw5hoXuAClOYii9tZUrhBvASEuAE5_7JucM50_nAor9y9Lh2DKA==
Date
Thu, 28 Nov 2024 05:00:19 GMT
Content-Type
image/png
Vary
accept-encoding
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Access-Control-Allow-Headers
*
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1615
X-Amz-Cf-Pop
FRA56-P10
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
event
events.api.secureserver.net/t/1/tl/ 		43 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=rexas.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=1b9d122b-4c14-4b74-893d-e28589cff28b&vtg=1b9d122b-4c14-4b74-893d-e28589cff28b&dp=%2Fhow-to-buy&trace_id=20e02b35a10a41218712d09722f8c842&cts=2024-11-28T18%3A20%3A20.129Z&hit_id=ee5c9c1f-3e6a-493e-a03a-a8b0799bf196&ht=pageview&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl492539%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%2210027904%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpbh-mt&vci=837434013&z=1281682573
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-robots-tag
noindex, nofollow
cache-control
private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://rexas.com
content-length
43
x-xss-protection
1; mode=block
date
Thu, 28 Nov 2024 18:20:20 GMT
content-type
image/gif
x-frame-options
DENY
event
events.api.secureserver.net/t/1/tl/ 		43 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=rexas.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=1b9d122b-4c14-4b74-893d-e28589cff28b&vtg=1b9d122b-4c14-4b74-893d-e28589cff28b&dp=%2Fhow-to-buy&trace_id=20e02b35a10a41218712d09722f8c842&cts=2024-11-28T18%3A20%3A20.612Z&hit_id=0027e1d8-a9f4-4174-b69f-2196bbb47754&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl492539%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%2210027904%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpbh-mt&vci=837434013&z=604627122&tce=1732818019275&tcs=1732818018914&tdc=1732818020603&tdclee=1732818020149&tdcles=1732818020138&tdi=1732818020133&tdl=1732818019489&tdle=1732818018913&tdls=1732818018888&tfs=1732818018887&tns=1732818018886&trqs=1732818019276&tre=1732818019461&trps=1732818019457&tles=1732818020603&tlee=0&nt=navigate&LCP=805&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-robots-tag
noindex, nofollow
cache-control
private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://rexas.com
content-length
43
x-xss-protection
1; mode=block
date
Thu, 28 Nov 2024 18:20:20 GMT
content-type
image/gif
x-frame-options
DENY
favicon.ico
rexas.com/ 		15 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rexas.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.201.255.229 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-173-201-255-229.ip.secureserver.net
Software
Apache /
Resource Hash
772de875774a2c0ce20d0f4a74a2e77496aed60b95117c4bbf26aa22ceccb948

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rexas.com/how-to-buy/

Response headers

content-encoding
br
etag
"31c10ec-3c2e-6205156257880-br"
accept-ranges
bytes
content-length
8033
date
Thu, 28 Nov 2024 18:20:20 GMT
last-modified
Fri, 23 Aug 2024 03:26:10 GMT
vary
Accept-Encoding
server
Apache
content-type
image/x-icon
eventbus
csp.secureserver.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://rexas.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Thu, 28 Nov 2024 18:20:21 GMT
Expires
Thu, 28 Nov 2024 18:20:21 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
B-Ef2Fx-IAMEHeA=
x-amzn-requestid
3ee8734e-f3f1-4859-91d3-9f2e1c15b3c9
x-amzn-trace-id
Root=1-6748b465-40847ba16357281635fe18c8
x-envoy-upstream-service-time
7
eventbus
csp.secureserver.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://rexas.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Thu, 28 Nov 2024 18:20:21 GMT
Expires
Thu, 28 Nov 2024 18:20:21 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
B-Ef2EkxoAMEqQA=
x-amzn-requestid
29de3959-2046-449c-8a8a-977fc8aadd11
x-amzn-trace-id
Root=1-6748b465-01f397c001576ff9239d8469
x-envoy-upstream-service-time
5
eventbus
csp.secureserver.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization
api-key b18ef4f046435b64a469b32c3c1c20a3
Referer
https://rexas.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
Cache-Control
max-age=0, no-cache, no-store
x-amz-apigw-id
B-Ef4FM7IAMEOFg=
x-envoy-upstream-service-time
101
Pragma
no-cache
x-amzn-trace-id
Root=1-6748b465-619f1b241ee35c8713eef0ba
Connection
keep-alive
x-amzn-requestid
5e6e7523-bd4c-4070-96a6-486ff29332dd
Expires
Thu, 28 Nov 2024 18:20:21 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 28 Nov 2024 18:20:21 GMT
Content-Type
application/json
eventbus
csp.secureserver.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization
api-key 8da2217409854bee82e12dc4ca0b39fb
Referer
https://rexas.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
Cache-Control
max-age=0, no-cache, no-store
x-amz-apigw-id
B-Ef4EVXIAMEnKQ=
x-envoy-upstream-service-time
92
Pragma
no-cache
x-amzn-trace-id
Root=1-6748b465-4fd33ce43d8612115c087527
Connection
keep-alive
x-amzn-requestid
76cd1e11-6494-4877-847b-ad9ff22c5d86
Expires
Thu, 28 Nov 2024 18:20:21 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 28 Nov 2024 18:20:21 GMT
Content-Type
application/json

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| gtag function| plausible string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| gtranslateSettings function| __adroll__ string| adroll_sid object| __adroll_consent_data object| __adroll function| __cmp function| __tcfapi function| __gpp object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors function| adroll_tpc_callback object| google_tag_manager object| google_tag_data object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| onYouTubeIframeAPIReady object| gaGlobal object| _trfd object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 function| doGTranslate function| googleTranslateElementInit2 object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| _trfq

5 Cookies

Domain/Path Name / Value
.rexas.com/ Name: _ga_KSYLWCPC5D
Value: GS1.1.1732818020.1.0.1732818020.0.0.0
.rexas.com/ Name: _ga
Value: GA1.1.982680865.1732818020
.rexas.com/ Name: _tccl_visitor
Value: 1b9d122b-4c14-4b74-893d-e28589cff28b
.rexas.com/ Name: _tccl_visit
Value: 1b9d122b-4c14-4b74-893d-e28589cff28b
.rexas.com/ Name: _scc_session
Value: pc=1&C_TOUCH=2024-11-28T18:20:20.128Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.gtranslate.net
cdnjs.cloudflare.com
csp.secureserver.net
d.adroll.com
events.api.secureserver.net
img1.wsimg.com
plausible.io
region1.google-analytics.com
rexas.com
s.adroll.com
www.googletagmanager.com
104.17.24.14
173.201.255.229
2001:4860:4802:32::36
23.53.42.211
2400:52e0:1e00::1082:1
2600:9000:26e8:ca00:6:9280:1080:93a1
2606:4700:20::ac43:44cc
2a00:1450:4001:831::2008
2a02:26f0:3500:18::1724:a29c
2a02:26f0:3500:899::228b
2a05:d018:cc3:fe05:6a2c:6133:165d:73e6
09f4a7cc7ac2de391a75e3949dae3e043468791260d5e5e0482d61d843b2108a
1a0164fe85fe75af3f755188e7bfa2bddcabbc5c1486a713a16caf2a247f1869
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3447f426d02995727d4524c27a250cb188fc3afe414e2caed4fe199b469ccab0
358cda99c154a9c40b3aa42f11aa83ca7ea5eb0f1fb32baa152b91dbd5ee4ea8
3d2b803a87bda2c6064214f81f0878c08642ab57aa744977cd45b93af7b70c2c
5f6e94cecd1a40df47417c30488a05108f8151a64eee2f89763d00b3198550c1
772de875774a2c0ce20d0f4a74a2e77496aed60b95117c4bbf26aa22ceccb948
a94faa0a847e8891b7e7e1da63f3c01c2de270e7c31f5fb37c0b112ccb8c38e5
a962ec2f9fb9d0a656dad016c2f4de26076988c005919e6633645f3fa6cab9bd
b06c14de2c1b5fb3b680c598c74ea4948fec3c94f947f722ff95528469351398
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
d8b70f75c57fbec60933c46ef7cc2c8043589ae8ea47f8fb0ec75288916003d0
da3833364ef3f0d8b33c970dd9cc37243c1312f37193a0b92e99a62931bd78e7
dbb32fb97c114d1cf3a084220c91fb7030554270ec9e8cf213bcbb6e10569971
e7b27c5a1ba3b5da282ee23b36c163fc3085791d77b8ebb314e71b8a00744e84