monitoring.exp.ptrx.net Open in urlscan Pro
54.71.253.229 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://monitoring.exp.ptrx.net/
Submission Tags: phishingrod
Submission: On July 15 via api (July 15th 2023, 2:32:29 am UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 54.71.253.229, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is monitoring.exp.ptrx.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 9th 2023. Valid for: 7 months.

This is the only time monitoring.exp.ptrx.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	54.71.253.229 54.71.253.229		16509 (AMAZON-02) (AMAZON-02)
10	1

10 54.71.253.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-253-229.us-west-2.compute.amazonaws.com

monitoring.exp.ptrx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ptrx.net monitoring.exp.ptrx.net	2 MB
10	1

	Domain	Requested by
10	monitoring.exp.ptrx.net	monitoring.exp.ptrx.net
10	1

This site contains links to these domains. Also see Links.

Domain
corelight.com

Subject Issuer	Validity	Valid
monitoring.exp.ptrx.net Amazon RSA 2048 M02	`2023-02-09` - `2023-09-12`	7 months	crt.sh

This page contains 1 frames:

Primary Page: https://monitoring.exp.ptrx.net/
Frame ID: 480E809504CC4A278B9B1B81015EB8B5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Monitoring

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2100 kB
Transfer

9717 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://corelight.com/support
Title: Contact Support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response monitoring.exp.ptrx.net/	661 B 602 B	621ms 246ms	Document text/html	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `807c5451ff07bf3719eb3482be7aede8377cd15e56ded987b1adca7eda3d3b5b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-disposition inline content-encoding gzip content-length 363 content-type text/html date Sat, 15 Jul 2023 02:32:21 GMT x-amz-apigw-id IFXAZFJtvHcFUcw= x-amzn-requestid 0ce88065-9e85-4645-867d-857e37e73784 x-amzn-trace-id Root=1-64b20535-6aa09b0703a0b4f51893759a;Sampled=0;lineage=46f215a9:0
GET H2	200	env.js Show response monitoring.exp.ptrx.net/	208 B 352 B	196ms 195ms	Script application/javascript	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/env.js Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `4ecc5a6daad54b945890cac0fdb74e2535d3f8402483401627e5961fb88e79cf` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.exp.ptrx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:21 GMT x-amzn-requestid 1a8a434d-4271-40f4-87f0-4a6f10c46b09 content-length 208 x-amz-apigw-id IFXAbF9VvHcFWFw= content-type application/javascript
GET H2	200	version.js Show response monitoring.exp.ptrx.net/	38 B 299 B	1890ms 1889ms	Script application/javascript	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/version.js Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `832be8e4e6acf8a801113822efd71ce9576830135cc9d64dbfcf333650209c6c` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.exp.ptrx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:23 GMT content-encoding gzip x-amzn-trace-id Root=1-64b20535-2d7a8487064dcfd4061743e2;Sampled=0;lineage=46f215a9:0 x-amzn-requestid 8998d7bf-efcb-45b5-9294-1c7b06a1bfc6 content-type application/javascript content-disposition inline x-amz-apigw-id IFXAbGxtvHcFwFQ= content-length 54
GET H2	200	styles.ef46db3751d8e999.css monitoring.exp.ptrx.net/	0 254 B	1890ms 1888ms	Stylesheet text/css	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/styles.ef46db3751d8e999.css Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.exp.ptrx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:23 GMT content-encoding gzip x-amzn-trace-id Root=1-64b20535-7db74cdd14f59d4c0ae8b166;Sampled=0;lineage=46f215a9:0 x-amzn-requestid 0e7cd12a-5d18-4725-a32a-407de8967207 content-type text/css content-disposition inline x-amz-apigw-id IFXAbFvOPHcF_eA= content-length 20
GET H2	200	runtime.8a4d7d58727e2d8b.esm.js Show response monitoring.exp.ptrx.net/	2 KB 1 KB	1890ms 1889ms	Script application/javascript	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/runtime.8a4d7d58727e2d8b.esm.js Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `10149f13498c613f08b2d0c1165f37a7d74ba0c782e75b9c1057a149bbf046f8` Request headers Referer https://monitoring.exp.ptrx.net/ Origin https://monitoring.exp.ptrx.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:23 GMT content-encoding gzip x-amzn-trace-id Root=1-64b20535-7cac183d43d1ed143a537636;Sampled=0;lineage=46f215a9:0 x-amzn-requestid 822820d0-4455-4f9a-b19b-0fb9e8072bcb content-type application/javascript content-disposition inline x-amz-apigw-id IFXAbG9DvHcFRHQ= content-length 1107
GET H2	200	polyfills.36ae99912e3e4d4f.esm.js Show response monitoring.exp.ptrx.net/	90 KB 32 KB	1890ms 1889ms	Script application/javascript	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/polyfills.36ae99912e3e4d4f.esm.js Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `ec2cf55cef9625992160ef0f0ed0c6e2bd0ba3cba8ec714757fcc3cce0dfe3ce` Request headers Referer https://monitoring.exp.ptrx.net/ Origin https://monitoring.exp.ptrx.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:23 GMT content-encoding gzip x-amzn-trace-id Root=1-64b20535-6d32000f13106d5b55ac951f;Sampled=0;lineage=46f215a9:0 x-amzn-requestid 4d01ec36-95b2-4b87-b629-041e8ca3f84f content-type application/javascript content-disposition inline x-amz-apigw-id IFXAbGlzvHcFgtQ= content-length 32949
GET H2	200	main.9ea656235f360062.esm.js Show response monitoring.exp.ptrx.net/	9 MB 2 MB	1357ms 1356ms	Script application/javascript	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/main.9ea656235f360062.esm.js Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `0df15f254ec1657df1ec5250aa0cd1fd68ce98781f7e9aecd47831282eb56ee4` Request headers Referer https://monitoring.exp.ptrx.net/ Origin https://monitoring.exp.ptrx.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:22 GMT content-encoding gzip x-amzn-trace-id Root=1-64b20535-6f1f33640b1ece402dfd5932;Sampled=0;lineage=46f215a9:0 x-amzn-requestid a1302387-2bc2-4730-a1a3-a3e0107d56e8 content-type application/javascript content-disposition inline x-amz-apigw-id IFXAbE4QPHcF-lQ= content-length 2000949
GET H2	200	DIN2014Web-Regular.woff2 monitoring.exp.ptrx.net/assets/fonts/din-2014/	34 KB 35 KB	291ms 291ms	Font application/octet-stream	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/assets/fonts/din-2014/DIN2014Web-Regular.woff2 Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `d261cd66e92bf497d570254e3155ca870fc9b50a0d091e7dab679ab4d96c9087` Request headers Referer https://monitoring.exp.ptrx.net/login Origin https://monitoring.exp.ptrx.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:25 GMT content-encoding gzip content-disposition inline x-amzn-trace-id Root=1-64b20539-0c5e636f76a751af34a46405;Sampled=0;lineage=46f215a9:0 x-amzn-requestid f5589600-98e3-46de-bfac-838d8cc98a00 content-length 35273 x-amz-apigw-id IFXA_HXfvHcFauw=
GET H2	200	DIN2014Web-Bold.woff2 monitoring.exp.ptrx.net/assets/fonts/din-2014/	37 KB 37 KB	267ms 266ms	Font application/octet-stream	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/assets/fonts/din-2014/DIN2014Web-Bold.woff2 Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `466bedeffd7ad61da02d2f7f5cd72f1cb66f12af7959942b4332b545034536ef` Request headers Referer https://monitoring.exp.ptrx.net/login Origin https://monitoring.exp.ptrx.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:25 GMT content-encoding gzip content-disposition inline x-amzn-trace-id Root=1-64b20539-74ce9b796570b38f7e47693a;Sampled=0;lineage=46f215a9:0 x-amzn-requestid 5559c920-55c9-4031-aed5-74c760b7cc8b content-length 37425 x-amz-apigw-id IFXA_FNqvHcFwGA=
GET H2	200	DIN2014Web-Demi.woff2 monitoring.exp.ptrx.net/assets/fonts/din-2014/	37 KB 37 KB	254ms 254ms	Font application/octet-stream	54.71.253.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.exp.ptrx.net/assets/fonts/din-2014/DIN2014Web-Demi.woff2 Requested by Host: monitoring.exp.ptrx.net URL: https://monitoring.exp.ptrx.net/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.71.253.229 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-253-229.us-west-2.compute.amazonaws.com Software / Resource Hash `69cf8a37cae4bb9b8a141f9c5073b3ca8f6f6e45caca2d21ab824c40e7a30db6` Request headers Referer https://monitoring.exp.ptrx.net/login Origin https://monitoring.exp.ptrx.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 02:32:25 GMT content-encoding gzip content-disposition inline x-amzn-trace-id Root=1-64b20539-6439c9b42bac618c5783a3d6;Sampled=0;lineage=46f215a9:0 x-amzn-requestid fbf745f7-663a-4a3a-b781-7e6ab6aa7964 content-length 37565 x-amz-apigw-id IFXA_FcqvHcFbxQ=

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

monitoring.exp.ptrx.net
54.71.253.229
0df15f254ec1657df1ec5250aa0cd1fd68ce98781f7e9aecd47831282eb56ee4
10149f13498c613f08b2d0c1165f37a7d74ba0c782e75b9c1057a149bbf046f8
466bedeffd7ad61da02d2f7f5cd72f1cb66f12af7959942b4332b545034536ef
4ecc5a6daad54b945890cac0fdb74e2535d3f8402483401627e5961fb88e79cf
69cf8a37cae4bb9b8a141f9c5073b3ca8f6f6e45caca2d21ab824c40e7a30db6
807c5451ff07bf3719eb3482be7aede8377cd15e56ded987b1adca7eda3d3b5b
832be8e4e6acf8a801113822efd71ce9576830135cc9d64dbfcf333650209c6c
d261cd66e92bf497d570254e3155ca870fc9b50a0d091e7dab679ab4d96c9087
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2cf55cef9625992160ef0f0ed0c6e2bd0ba3cba8ec714757fcc3cce0dfe3ce

monitoring.exp.ptrx.net Open in urlscan Pro 54.71.253.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2100 kBTransfer

9717 kBSize

0 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Indicators

monitoring.exp.ptrx.net Open in urlscan Pro
54.71.253.229 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2100 kB
Transfer

9717 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions