urlscan.io logo urlscan.io
SecurityTrails logo

op5.cxsend.com Open in urlscan Pro
44.211.18.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url5237.mailix.mx/ls/click?upn=u001.5npmcoiQTgsleYiPfRq53GeyoPPsbQCHW1vcym8IFa4SVFUvUHvw80MGPwcZ-2Bmu4wBT5mFsBiYmy...
Effective URL: https://op5.cxsend.com/bye.php?093832cb018c24a6c890edf08352fad3ac2e64f87e0260d58f0825c7fc652d998ee1c9e003b28f1ab3b85025...
Submission: On April 23 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 44.211.18.137, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is op5.cxsend.com. The Cisco Umbrella rank of the primary domain is 308922.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 15th 2023. Valid for: a year.
This is the only time op5.cxsend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.54 11377 (SENDGRID)
2 44.211.18.137 14618 (AMAZON-AES)
2 1
Apex Domain
Subdomains		 Transfer
2 cxsend.com
op5.cxsend.com — Cisco Umbrella Rank: 308922
1 KB
1 mailix.mx
url5237.mailix.mx — Cisco Umbrella Rank: 673139
331 B
2 2
Domain Requested by
2 op5.cxsend.com
1 url5237.mailix.mx 1 redirects
2 2

This site contains no links.

Subject Issuer Validity Valid
*.cxsend.com
Amazon RSA 2048 M01		 2023-07-15 -
2024-08-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://op5.cxsend.com/bye.php?093832cb018c24a6c890edf08352fad3ac2e64f87e0260d58f0825c7fc652d998ee1c9e003b28f1ab3b85025f201ee8c
Frame ID: 7C7B3AF8F763E16806ABA83F5FB4E844
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://url5237.mailix.mx/ls/click?upn=u001.5npmcoiQTgsleYiPfRq53GeyoPPsbQCHW1vcym8IFa4SVFUvUHvw80MGPw... HTTP 307
    https://url5237.mailix.mx/ls/click?upn=u001.5npmcoiQTgsleYiPfRq53GeyoPPsbQCHW1vcym8IFa4SVFUvUHvw80MGPw... HTTP 302
    https://op5.cxsend.com/bye.php?093832cb018c24a6c890edf08352fad3ac2e64f87e0260d58f0825c7fc652d998ee1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

1 kB
Transfer

1 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url5237.mailix.mx/ls/click?upn=u001.5npmcoiQTgsleYiPfRq53GeyoPPsbQCHW1vcym8IFa4SVFUvUHvw80MGPwcZ-2Bmu4wBT5mFsBiYmy-2FFmtLIBIxI1t5zkBRLgvbKwVJ-2BDb-2Fktrxqfs9ecSTfadhx9YRA0i1mvuv9GEh7CKv0PL8-2FsdI6IaS8eIsitJkQjwLurCMjMjT31xUm3qCCDO6PH0yuJrOA1h_W6ccQy1wi4U-2BoIt5pYYwrMm-2B1-2FEwt2-2FvmMrq8AgVLOwGAw5Nq6HyjrUektypyrRuMZyedf-2FYNLZ3Fmf9x4wcY1z98JK1IRnlOAac0L2q4Htmuz6GqWjxdZyfX88OPXcYwIgpKOuNg08BuvTWS-2B2PFjsHC-2FU47-2BwX61Vn1Kwmus3s2iN22gP8Hu4hZFjoLjrY3YRhHcw9KkVt93uAfAAWeMBvLVkSQ0Cbv9OqhBva-2BgwXATEgeh-2BJM9kEpvByFF8bLIV361RSQ9cVVNlD9Hg3OQ-3D-3D HTTP 307
    https://url5237.mailix.mx/ls/click?upn=u001.5npmcoiQTgsleYiPfRq53GeyoPPsbQCHW1vcym8IFa4SVFUvUHvw80MGPwcZ-2Bmu4wBT5mFsBiYmy-2FFmtLIBIxI1t5zkBRLgvbKwVJ-2BDb-2Fktrxqfs9ecSTfadhx9YRA0i1mvuv9GEh7CKv0PL8-2FsdI6IaS8eIsitJkQjwLurCMjMjT31xUm3qCCDO6PH0yuJrOA1h_W6ccQy1wi4U-2BoIt5pYYwrMm-2B1-2FEwt2-2FvmMrq8AgVLOwGAw5Nq6HyjrUektypyrRuMZyedf-2FYNLZ3Fmf9x4wcY1z98JK1IRnlOAac0L2q4Htmuz6GqWjxdZyfX88OPXcYwIgpKOuNg08BuvTWS-2B2PFjsHC-2FU47-2BwX61Vn1Kwmus3s2iN22gP8Hu4hZFjoLjrY3YRhHcw9KkVt93uAfAAWeMBvLVkSQ0Cbv9OqhBva-2BgwXATEgeh-2BJM9kEpvByFF8bLIV361RSQ9cVVNlD9Hg3OQ-3D-3D HTTP 302
    https://op5.cxsend.com/bye.php?093832cb018c24a6c890edf08352fad3ac2e64f87e0260d58f0825c7fc652d998ee1c9e003b28f1ab3b85025f201ee8c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bye.php
op5.cxsend.com/
Redirect Chain
  • http://url5237.mailix.mx/ls/click?upn=u001.5npmcoiQTgsleYiPfRq53GeyoPPsbQCHW1vcym8IFa4SVFUvUHvw80MGPwcZ-2Bmu4wBT5mFsBiYmy-2FFmtLIBIxI1t5zkBRLgvbKwVJ-2BDb-2Fktrxqfs9ecSTfadhx9YRA0i1mvuv9GEh7CKv0PL8-...
  • https://url5237.mailix.mx/ls/click?upn=u001.5npmcoiQTgsleYiPfRq53GeyoPPsbQCHW1vcym8IFa4SVFUvUHvw80MGPwcZ-2Bmu4wBT5mFsBiYmy-2FFmtLIBIxI1t5zkBRLgvbKwVJ-2BDb-2Fktrxqfs9ecSTfadhx9YRA0i1mvuv9GEh7CKv0PL8...
  • https://op5.cxsend.com/bye.php?093832cb018c24a6c890edf08352fad3ac2e64f87e0260d58f0825c7fc652d998ee1c9e003b28f1ab3b85025f201ee8c
46 B
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://op5.cxsend.com/bye.php?093832cb018c24a6c890edf08352fad3ac2e64f87e0260d58f0825c7fc652d998ee1c9e003b28f1ab3b85025f201ee8c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.211.18.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-18-137.compute-1.amazonaws.com
Software
Apache/2.2.25 (Win32) /
Resource Hash
8519808e6d72c815150da3a43723a3c3b132488185d8333c3978a22d9566f35e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-length
46
content-type
text/html
date
Tue, 23 Apr 2024 22:23:42 GMT
server
Apache/2.2.25 (Win32)
x-robots-tag
noindex, nofollow

Redirect headers

Connection
keep-alive
Content-Length
150
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Apr 2024 22:23:42 GMT
Location
https://op5.cxsend.com/bye.php?093832cb018c24a6c890edf08352fad3ac2e64f87e0260d58f0825c7fc652d998ee1c9e003b28f1ab3b85025f201ee8c
Server
nginx
X-Robots-Tag
noindex, nofollow
favicon.ico
op5.cxsend.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://op5.cxsend.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.211.18.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-18-137.compute-1.amazonaws.com
Software
Apache/2.2.25 (Win32) /
Resource Hash
34bc8422b236b989895efb34cd1580e04b55eae5bb9b50e6a5774935fbf765c7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://op5.cxsend.com/bye.php?093832cb018c24a6c890edf08352fad3ac2e64f87e0260d58f0825c7fc652d998ee1c9e003b28f1ab3b85025f201ee8c
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 22:23:42 GMT
last-modified
Tue, 26 Feb 2019 19:18:22 GMT
server
Apache/2.2.25 (Win32)
accept-ranges
bytes
etag
"e00000000a25b-47e-582d0ebac4673"
content-length
1150
content-type
image/x-icon

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

op5.cxsend.com
url5237.mailix.mx
167.89.123.54
44.211.18.137
34bc8422b236b989895efb34cd1580e04b55eae5bb9b50e6a5774935fbf765c7
8519808e6d72c815150da3a43723a3c3b132488185d8333c3978a22d9566f35e