dexchangegenius.com - urlscan.io

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 4 HTTP transactions. The main IP is 35.201.124.100, located in Ascension Island and belongs to GOOGLE, US. The main domain is dexchangegenius.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 9 months.

This is the only time dexchangegenius.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	47.242.139.4 47.242.139.4	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1 1	216.189.51.65 216.189.51.65	6921 (ARACHNITEC) (ARACHNITEC)
1 1	3.125.239.17 3.125.239.17	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:483... 2a05:d018:483:6110:43ae:ab90:e438:7931	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:483... 2a05:d018:483:6130:657f:d70e:997b:df8c	16509 (AMAZON-02) (AMAZON-02)
1 3	35.201.124.100 35.201.124.100	15169 (GOOGLE) (GOOGLE)
4	3

1 47.242.139.4 (San Mateo, United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

sz3v.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.189.51.65 (United States) 1 redirects

ASN6921 (ARACHNITEC, US)
PTR: 216-189-51-65.for-global-telecom.com

go.evatricea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.239.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com

safesecuritytrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:483:6110:43ae:ab90:e438:7931 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cdsecureme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6130:657f:d70e:997b:df8c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

gdmconvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.124.100 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 100.124.201.35.bc.googleusercontent.com

dexchangegenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	dexchangegenius.com 1 redirects dexchangegenius.com	3 KB
2	cdsecureme.com 1 redirects cdsecureme.com	4 KB
1	gdmconvtrck.com gdmconvtrck.com	1 KB
1	safesecuritytrk.com 1 redirects safesecuritytrk.com	2 KB
1	evatricea.com 1 redirects go.evatricea.com	259 B
1	sz3v.info 1 redirects sz3v.info	185 B
4	6

	Domain	Requested by
3	dexchangegenius.com	1 redirects gdmconvtrck.com dexchangegenius.com
2	cdsecureme.com	1 redirects
1	gdmconvtrck.com	cdsecureme.com
1	safesecuritytrk.com	1 redirects
1	go.evatricea.com	1 redirects
1	sz3v.info	1 redirects
4	6

This site contains no links.

Subject Issuer	Validity	Valid
cdatassl.com Amazon	`2020-06-18` - `2021-07-18`	a year	crt.sh
gdmconvtrck.com Amazon	`2020-03-21` - `2021-04-21`	a year	crt.sh
dexchangegenius.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-03-07`	9 months	crt.sh

This page contains 1 frames:

Frame: https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CwiN6tiJqoGU3Bp-GH0dEdHP3xP.1c0%2Cf7T2qZXM3ToZLtHp6wKshQl80TNj8QWMJCu1iHYxC8JTkyeb7vHKNjAe5mhtti-QQlPgz9FDji-_O8eDWZVi2rl88WxbolskgErkcc7HeFiFwPXlS0zzQPQKZHFjgUxs_NaO0OToNbhqrfsCq7r3kv5_bDkArKkRxKAJkT6Tia0BNsKqEW4M3SkFHVujxn6vimD2Eet-JPGk2C1tWpdmL1a809XFrJfWqEkvzUb6reMa-j0mSxuV_mM05bfx90vaokMbA88bBRrapgIsl28dqzhtt_lqwJ9C-L64e2zXPg9nTQ53PIHBDfEkH7yCNnQhHo394RvenV1VFrw9my8055v0dy8iMQu1VtdnpDv_HzfOEVJ2QmHJCIUycqcZ_wV69ua3sjbofyjm3tk0ezLpKHBDU2fPiEb0fimzUVV5Y25Z11z5Jm4UPWrJOIbnDufNgojvmNc7adgynC1gM7TZIZ8_67dr6_CRFwZOu4QOVc002Cxj7r2iQmYvvB4qDBeiGnLWhWRRIXVjId98OQZ4Ug%2C%2C
Frame ID: 16A5BCD2AD4B0468346EB982E46D28CD
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sz3v.info/BtHdRRBFA6 HTTP 302
http://go.evatricea.com/ts5603-sms-del-us HTTP 302
https://safesecuritytrk.com/click?trvid=10037&clickid=1601393098.94-180145839-50191-&siteid=180145839_ts... HTTP 302
https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037 Page URL
https://cdsecureme.com/?a=95360&c=187840&oc=79431&sr=t&so=87710&sc=10912976&rc=5_10912976&s1=10037&... HTTP 302
https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=4de4650ac8ad483cb125ba329b500838f979&sub... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

5 kB
Transfer

10 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sz3v.info/BtHdRRBFA6 HTTP 302
http://go.evatricea.com/ts5603-sms-del-us HTTP 302
https://safesecuritytrk.com/click?trvid=10037&clickid=1601393098.94-180145839-50191-&siteid=180145839_ts5603-sms-del-us HTTP 302
https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037 Page URL
https://cdsecureme.com/?a=95360&c=187840&oc=79431&sr=t&so=87710&sc=10912976&rc=5_10912976&s1=10037&s2=281tmip6bfje&vt=1601393099704&h=3c7ac8d9d7b949c7049ff8bcaddee66364caaa60&req=https%3A%2F%2Fcdsecureme.com%2F%3Fa%3D95360%26c%3D230096%26s2%3D281tmip6bfje%26s1%3D10037&us=de526e63395d4f85bb121a8de77fac13 HTTP 302
https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=4de4650ac8ad483cb125ba329b500838f979&sub1=95360 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sz3v.info/BtHdRRBFA6 HTTP 302
http://go.evatricea.com/ts5603-sms-del-us HTTP 302
https://safesecuritytrk.com/click?trvid=10037&clickid=1601393098.94-180145839-50191-&siteid=180145839_ts5603-sms-del-us HTTP 302
https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037

Request Chain 2

https://dexchangegenius.com/jump/next.php?stamat=m%7CEqd2Lq9jaQdHkAH0dEdHP3xP.039%2C7H0PozvLiGV-YkDx825CHsk49R2-WK6lTYc8jyFMYYmTHI5Yp5n9EQ91Ns3jmKiNSsf5u2llKdRXxyZHxmvKZpduDgYUkMd61kQkJgdIp4I0idBs0VcuK0rsXHIEChM9IjQLTHFxjfCwjKDa_vTDbA%2C%2C&cbrandom=0.48133540591244506&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fcdsecureme.com%2F%3Fa%3D95360%26c%3D230096%26s2%3D281tmip6bfje%26s1%3D10037 HTTP 302
https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CwiN6tiJqoGU3Bp-GH0dEdHP3xP.1c0%2Cf7T2qZXM3ToZLtHp6wKshQl80TNj8QWMJCu1iHYxC8JTkyeb7vHKNjAe5mhtti-QQlPgz9FDji-_O8eDWZVi2rl88WxbolskgErkcc7HeFiFwPXlS0zzQPQKZHFjgUxs_NaO0OToNbhqrfsCq7r3kv5_bDkArKkRxKAJkT6Tia0BNsKqEW4M3SkFHVujxn6vimD2Eet-JPGk2C1tWpdmL1a809XFrJfWqEkvzUb6reMa-j0mSxuV_mM05bfx90vaokMbA88bBRrapgIsl28dqzhtt_lqwJ9C-L64e2zXPg9nTQ53PIHBDfEkH7yCNnQhHo394RvenV1VFrw9my8055v0dy8iMQu1VtdnpDv_HzfOEVJ2QmHJCIUycqcZ_wV69ua3sjbofyjm3tk0ezLpKHBDU2fPiEb0fimzUVV5Y25Z11z5Jm4UPWrJOIbnDufNgojvmNc7adgynC1gM7TZIZ8_67dr6_CRFwZOu4QOVc002Cxj7r2iQmYvvB4qDBeiGnLWhWRRIXVjId98OQZ4Ug%2C%2C

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response cdsecureme.com/ Redirect Chain http://sz3v.info/BtHdRRBFA6 http://go.evatricea.com/ts5603-sms-del-us https://safesecuritytrk.com/click?trvid=10037&clickid=1601393098.94-180145839-50191-&siteid=180145839_ts5603-sms-del-us https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037	2 KB 1 KB	109ms 31ms	Document text/html	2a05:d018:483:6110:43ae:ab90:e438:7931 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:483:6110:43ae:ab90:e438:7931 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash `c448625d91a36cc36bb980454d75f623ccdb0f1f5b5551bbaa79cc1b7f8326ba` Request headers :method GET :authority cdsecureme.com :scheme https :path /?a=95360&c=230096&s2=281tmip6bfje&s1=10037 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 29 Sep 2020 15:24:59 GMT content-type text/html;charset=utf-8 server nginx vary Accept-Encoding cache-control no-cache, must-revalidate pragma no-cache expires Sat, 1 May 2020 12:00:00 GMT access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob content-encoding gzip Redirect headers status 302 server nginx date Tue, 29 Sep 2020 15:24:59 GMT content-type text/html; charset=utf-8 content-length 100 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 expires Thu, 01 Jan 1970 00:00:00 UTC location https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037 pragma no-cache set-cookie ClickDataNG=H4sIAAAAAAAA_3xT0W_6NhD-V6J7-v0kE-yEBJIJVYxKW0VZp9FufZhUGecAD8eObIeNtf3fJyeB8dS3u-_O_r47f36HE1onjYYSWExjCgT8uUEoKQHXbp8vsTD6hNZjBeWOK4cEhJLi-FBBCcmM-Vo2-Xb3FwKBinuEkuWUpUVKi4KA4HXD5V6HbkZpOiUg3fLXxfUuazz30nQNoWpbhSGmBCxW0qLwa_QHU0GZEHCmtaKrTwgoriup90P3kL1YBSUAAbPboe1ok2Q6pH3x4H3jyvFYVA5Fa7HGWJh6fMfnRZbm9M-W0iQX8ySltMj7zCXz21EHkM27kSDsyPlB8wl12y-u4WfTeigTOtAvW2tRizOU8LK5BwKtlTd6HN9hp0j6s7fHTlS36jtvT7LqyQZ1AQ7QZdWzuJiM2IyySTZLi1FGWcFGg0zpMbReim_eZTlNR652owrVqHVAQDaLqrLoHJQwS2JGkzihcZJmt7W832zr0C72qD2UsDb_SqX4OItp9G3NhdTeuMMP0YP2qKI1F9HTJnqNGH1jk7fse7RoGoV_4HYl_ThLp3GaR99WPz-vH0mk5BGjn1AczfdoebCmxvEsjWk8YTSNcxZt-I5bOZyCsOodWrS9pgpPUuDVsybMsebiafMarOB-_9_qNGaTOIy1teZv153v2a63_Gi5DubutF7RtalQ3ZL9wmvsc9HzhlC6JjAnk2n06KvOGa32Njz5_aoTve913K8-Ppa8kZ6r6LceJCCkP19qpkF94HsMeMMtar8Mjz6Y28q91I_NDeQt146L_i85KHWrFAHROm9qKN8B__FoNVfdv_3aN0DgxELXF5b5_PwvAAD___tbM7NBBAAA; Expires=Thu, 29 Oct 2020 15:24:59 GMT; SameSite=None; Secure ClickDataNgFall=H4sIAAAAAAAA_3xT0W_6NhD-V6J7-v0kE-yEBJIJVYxKW0VZp9FufZhUGecAD8eObIeNtf3fJyeB8dS3u-_O_r47f36HE1onjYYSWExjCgT8uUEoKQHXbp8vsTD6hNZjBeWOK4cEhJLi-FBBCcmM-Vo2-Xb3FwKBinuEkuWUpUVKi4KA4HXD5V6HbkZpOiUg3fLXxfUuazz30nQNoWpbhSGmBCxW0qLwa_QHU0GZEHCmtaKrTwgoriup90P3kL1YBSUAAbPboe1ok2Q6pH3x4H3jyvFYVA5Fa7HGWJh6fMfnRZbm9M-W0iQX8ySltMj7zCXz21EHkM27kSDsyPlB8wl12y-u4WfTeigTOtAvW2tRizOU8LK5BwKtlTd6HN9hp0j6s7fHTlS36jtvT7LqyQZ1AQ7QZdWzuJiM2IyySTZLi1FGWcFGg0zpMbReim_eZTlNR652owrVqHVAQDaLqrLoHJQwS2JGkzihcZJmt7W832zr0C72qD2UsDb_SqX4OItp9G3NhdTeuMMP0YP2qKI1F9HTJnqNGH1jk7fse7RoGoV_4HYl_ThLp3GaR99WPz-vH0mk5BGjn1AczfdoebCmxvEsjWk8YTSNcxZt-I5bOZyCsOodWrS9pgpPUuDVsybMsebiafMarOB-_9_qNGaTOIy1teZv153v2a63_Gi5DubutF7RtalQ3ZL9wmvsc9HzhlC6JjAnk2n06KvOGa32Njz5_aoTve913K8-Ppa8kZ6r6LceJCCkP19qpkF94HsMeMMtar8Mjz6Y28q91I_NDeQt146L_i85KHWrFAHROm9qKN8B__FoNVfdv_3aN0DgxELXF5b5_PwvAAD___tbM7NBBAAA; Expires=Thu, 29 Oct 2020 15:24:59 GMT
GET H2	200	user Show response gdmconvtrck.com/	1 KB 1 KB	93ms 30ms	Script text/javascript	2a05:d018:483:6130:657f:d70e:997b:df8c AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gdmconvtrck.com/user?a=95360&c=187840 Requested by Host: cdsecureme.com URL: https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:483:6130:657f:d70e:997b:df8c Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash `4f17d92ff8e338dd39bb343e31ff72412994bb4178ccb5d9b7e5ae1276826d46` Request headers Referer https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 29 Sep 2020 15:24:59 GMT content-encoding gzip server nginx status 200 vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/javascript;charset=utf-8 access-control-allow-origin , cache-control no-cache, must-revalidate access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob expires Sat, 1 May 2020 12:00:00 GMT
GET H2	200	Primary Request next.php Show response dexchangegenius.com/jump/ Redirect Chain https://cdsecureme.com/?a=95360&c=187840&oc=79431&sr=t&so=87710&sc=10912976&rc=5_10912976&s1=10037&s2=281tmip6bfje&vt=1601393099704&h=3c7ac8d9d7b949c7049ff8bcaddee66364caaa60&req=https%3A%2F%2Fcdse... https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=4de4650ac8ad483cb125ba329b500838f979&sub1=95360	7 KB 3 KB	283ms 183ms	Document text/html	35.201.124.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=4de4650ac8ad483cb125ba329b500838f979&sub1=95360 Requested by Host: gdmconvtrck.com URL: https://gdmconvtrck.com/user?a=95360&c=187840 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.124.100 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 100.124.201.35.bc.googleusercontent.com Software openresty / Resource Hash `39c8a74d710d6da6131d3226264f3d68720ec7d3fa37135df4480da6844198c5` Request headers :method GET :authority dexchangegenius.com :scheme https :path /jump/next.php?r=2296799&pub_clickid=4de4650ac8ad483cb125ba329b500838f979&sub1=95360 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://cdsecureme.com/?a=95360&c=230096&s2=281tmip6bfje&s1=10037 Response headers status 200 server openresty date Tue, 29 Sep 2020 15:25:00 GMT content-type text/html; charset=utf-8 access-control-allow-origin * content-encoding gzip via 1.1 google alt-svc clear Redirect headers status 302 date Tue, 29 Sep 2020 15:24:59 GMT content-type text/html;charset=ISO-8859-1 location https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=4de4650ac8ad483cb125ba329b500838f979&sub1=95360 server nginx set-cookie gdm_sid_v2_3_001=Kl+Omc38QMGxfaNPkG7gFCepJsBHGZh0fAXZWiQm6Ze3bOhKA0nkMdUt486twhbnJhhMe7H2DE1s8DhNXCn2CQ6YZUZ7rnLu5biNZKjarvVsB5Pa86Mee0ivGrA5UXQbL3SH2ueZDmkxmWDwyQxwNIabw4S1sP2sH+GiTnlDctdV9iSJnPG1lpr2EctCGHVVrBxUFTDejVTULlch0eKD9FD96ctnR6ACD4XsJ14hP1Yl/3ilcjimzSeL25j+Pa0TBtoiHcC9YgkYGlvNlHeZYvlIBxJKHs/vQEm/yZkhfIEnHV5oIgmlW9STGmbucRSEQyaAiqxsv5heqx1dneBXltFLzjNlyb8VUZwfEyHqxruEDSVQ4l+vTUqsbnO5jvx4b39deob7uV3S+Ly0mACGdn7tgRZTZuKnGjKtRQtJnZK+BHtHll8j5Gn7Ve5iHkubd77+r4WpxXNhCWvq7pDSGNCdy3s5VOGPROxp/Niw+dvJTN4tP9tQ+hQuRVOlnwQ1Do53YJwELasVLe7C9rtszshKs879lhtA5pVV9g1M+EXcyrfAqfqZIVOP9sBGEnrjEJxr6CajoDm6QJ+M4ToUIMrFcb3e0EWA58gioSt5CCHW9BM5B6iIOAzgW+C6fD21vnlYgEr3sJqc4qVKOIsDwLNJFuJQHtiwGATvffjHtQKAgyKXuOR4BZerjo9pSPFDgswTPqKbFDRoUiOsy92tMiv+BzgKt7W1cLJj/7MdFzv0ceO7t8+GAySLIMktjmy6NUJ8o49H8PO50Qm5JVveHa/XMrGbqt+flcBGfvh1GKxHVtY9lOL7UbqPPY7HhFQDL7dr7aj6aUG1KZ3RJkuVitJtJL537qH1Sry+8sfen+IbQxvpWZw8V0VHEl9Q6i4P/7YZkqE/9aMcmY3hOqFsLKpfF/73m9oB2z1MGVq2mcvQF/V71EdpSR2pUB10OEs378Aoz4+yedH3vE13kz31mcfAudDffyW2q+ZhhsFZQVDhmGnZKMEwxi+auzFaCZYxRdUHaoEEGTlgwuczhlrbr3dd1U6P7R2X5GuA2QT49FQp73Gah21+2FkJJJmxLwl/ACwPJ9h6i2O18KR4sNGw1/M/R4GtQle0KzjpukbBgz5XJu2Aa3BEYinjT9eFiqFbqPD6cuRHSlzleFm5KLeCnPhLuR1cSxUiLBs9Bs6NG4k=; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/; Secure; SameSite=None gdm_suid_v2_1_001=52wH9cu7HJISmj9PdE1/ErfHNYAQLltEvhzG9+CQ/3bIL+bcnVJ8tRMF2TJudHCJ; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/; Secure; SameSite=None gdm_uid_v2_1_001=52wH9cu7HJISmj9PdE1/ErfHNYAQLltEvhzG9+CQ/3bIL+bcnVJ8tRMF2TJudHCJ; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/; Secure; SameSite=None gdm_click_adv_freq_v2_1_001=WGP2hL1mCj4amHrx09xyl5w5teeuOXUYgrb4EMQxNa7g9pqJnUc4ksKZWUkHfUtG; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/; Secure; SameSite=None gdm_suid_v1_1_001=52wH9cu7HJISmj9PdE1/ErfHNYAQLltEvhzG9+CQ/3bIL+bcnVJ8tRMF2TJudHCJ; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/ gdm_click_freq_v2_1_001=Qb994F057zYKPZOD6wXUdOArvXpofVKObLKdFiJ17y1pQi7GdkgxhTM0YdgmpHUf; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/; Secure; SameSite=None gdm_click_freq_v1_1_001=Qb994F057zYKPZOD6wXUdOArvXpofVKObLKdFiJ17y1pQi7GdkgxhTM0YdgmpHUf; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/ gdm_click_adv_freq_v1_1_001=WGP2hL1mCj4amHrx09xyl5w5teeuOXUYgrb4EMQxNa7g9pqJnUc4ksKZWUkHfUtG; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/ gdm_uid_v1_1_001=52wH9cu7HJISmj9PdE1/ErfHNYAQLltEvhzG9+CQ/3bIL+bcnVJ8tRMF2TJudHCJ; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/ gdm_sid_v1_3_001=Kl+Omc38QMGxfaNPkG7gFCepJsBHGZh0fAXZWiQm6Ze3bOhKA0nkMdUt486twhbnJhhMe7H2DE1s8DhNXCn2CQ6YZUZ7rnLu5biNZKjarvVsB5Pa86Mee0ivGrA5UXQbL3SH2ueZDmkxmWDwyQxwNIabw4S1sP2sH+GiTnlDctdV9iSJnPG1lpr2EctCGHVVrBxUFTDejVTULlch0eKD9FD96ctnR6ACD4XsJ14hP1Yl/3ilcjimzSeL25j+Pa0TBtoiHcC9YgkYGlvNlHeZYvlIBxJKHs/vQEm/yZkhfIEnHV5oIgmlW9STGmbucRSEQyaAiqxsv5heqx1dneBXltFLzjNlyb8VUZwfEyHqxruEDSVQ4l+vTUqsbnO5jvx4b39deob7uV3S+Ly0mACGdn7tgRZTZuKnGjKtRQtJnZK+BHtHll8j5Gn7Ve5iHkubd77+r4WpxXNhCWvq7pDSGNCdy3s5VOGPROxp/Niw+dvJTN4tP9tQ+hQuRVOlnwQ1Do53YJwELasVLe7C9rtszshKs879lhtA5pVV9g1M+EXcyrfAqfqZIVOP9sBGEnrjEJxr6CajoDm6QJ+M4ToUIMrFcb3e0EWA58gioSt5CCHW9BM5B6iIOAzgW+C6fD21vnlYgEr3sJqc4qVKOIsDwLNJFuJQHtiwGATvffjHtQKAgyKXuOR4BZerjo9pSPFDgswTPqKbFDRoUiOsy92tMiv+BzgKt7W1cLJj/7MdFzv0ceO7t8+GAySLIMktjmy6NUJ8o49H8PO50Qm5JVveHa/XMrGbqt+flcBGfvh1GKxHVtY9lOL7UbqPPY7HhFQDL7dr7aj6aUG1KZ3RJkuVitJtJL537qH1Sry+8sfen+IbQxvpWZw8V0VHEl9Q6i4P/7YZkqE/9aMcmY3hOqFsLKpfF/73m9oB2z1MGVq2mcvQF/V71EdpSR2pUB10OEs378Aoz4+yedH3vE13kz31mcfAudDffyW2q+ZhhsFZQVDhmGnZKMEwxi+auzFaCZYxRdUHaoEEGTlgwuczhlrbr3dd1U6P7R2X5GuA2QT49FQp73Gah21+2FkJJJmxLwl/ACwPJ9h6i2O18KR4sNGw1/M/R4GtQle0KzjpukbBgz5XJu2Aa3BEYinjT9eFiqFbqPD6cuRHSlzleFm5KLeCnPhLuR1cSxUiLBs9Bs6NG4k=; Expires=Mon, 28-Dec-2020 15:24:59 GMT; Path=/ content-language en-US access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
GET H2	204	i.php dexchangegenius.com/script/ Redirect Chain https://dexchangegenius.com/jump/next.php?stamat=m%7CEqd2Lq9jaQdHkAH0dEdHP3xP.039%2C7H0PozvLiGV-YkDx825CHsk49R2-WK6lTYc8jyFMYYmTHI5Yp5n9EQ91Ns3jmKiNSsf5u2llKdRXxyZHxmvKZpduDgYUkMd61kQkJgdIp4I0idBs0... https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CwiN6tiJqoGU3Bp-GH0dEdHP3xP.1c0%2Cf7T2qZXM3ToZLtHp6wKshQl80TNj8QWMJCu1iHYxC8JTkyeb7vHKNjAe5mhtti-QQlPgz9FDji-_O8eDWZVi2rl88WxbolskgErkcc7HeF...	0 0	195ms 195ms	Document text/plain	35.201.124.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CwiN6tiJqoGU3Bp-GH0dEdHP3xP.1c0%2Cf7T2qZXM3ToZLtHp6wKshQl80TNj8QWMJCu1iHYxC8JTkyeb7vHKNjAe5mhtti-QQlPgz9FDji-_O8eDWZVi2rl88WxbolskgErkcc7HeFiFwPXlS0zzQPQKZHFjgUxs_NaO0OToNbhqrfsCq7r3kv5_bDkArKkRxKAJkT6Tia0BNsKqEW4M3SkFHVujxn6vimD2Eet-JPGk2C1tWpdmL1a809XFrJfWqEkvzUb6reMa-j0mSxuV_mM05bfx90vaokMbA88bBRrapgIsl28dqzhtt_lqwJ9C-L64e2zXPg9nTQ53PIHBDfEkH7yCNnQhHo394RvenV1VFrw9my8055v0dy8iMQu1VtdnpDv_HzfOEVJ2QmHJCIUycqcZ_wV69ua3sjbofyjm3tk0ezLpKHBDU2fPiEb0fimzUVV5Y25Z11z5Jm4UPWrJOIbnDufNgojvmNc7adgynC1gM7TZIZ8_67dr6_CRFwZOu4QOVc002Cxj7r2iQmYvvB4qDBeiGnLWhWRRIXVjId98OQZ4Ug%2C%2C Requested by Host: dexchangegenius.com URL: https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=4de4650ac8ad483cb125ba329b500838f979&sub1=95360 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.124.100 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 100.124.201.35.bc.googleusercontent.com Software openresty / Resource Hash Request headers :method GET :authority dexchangegenius.com :scheme https :path /script/i.php?stamat=m%7C%2C%2CwiN6tiJqoGU3Bp-GH0dEdHP3xP.1c0%2Cf7T2qZXM3ToZLtHp6wKshQl80TNj8QWMJCu1iHYxC8JTkyeb7vHKNjAe5mhtti-QQlPgz9FDji-_O8eDWZVi2rl88WxbolskgErkcc7HeFiFwPXlS0zzQPQKZHFjgUxs_NaO0OToNbhqrfsCq7r3kv5_bDkArKkRxKAJkT6Tia0BNsKqEW4M3SkFHVujxn6vimD2Eet-JPGk2C1tWpdmL1a809XFrJfWqEkvzUb6reMa-j0mSxuV_mM05bfx90vaokMbA88bBRrapgIsl28dqzhtt_lqwJ9C-L64e2zXPg9nTQ53PIHBDfEkH7yCNnQhHo394RvenV1VFrw9my8055v0dy8iMQu1VtdnpDv_HzfOEVJ2QmHJCIUycqcZ_wV69ua3sjbofyjm3tk0ezLpKHBDU2fPiEb0fimzUVV5Y25Z11z5Jm4UPWrJOIbnDufNgojvmNc7adgynC1gM7TZIZ8_67dr6_CRFwZOu4QOVc002Cxj7r2iQmYvvB4qDBeiGnLWhWRRIXVjId98OQZ4Ug%2C%2C pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=4de4650ac8ad483cb125ba329b500838f979&sub1=95360 Response headers status 204 server openresty date Tue, 29 Sep 2020 15:25:00 GMT access-control-allow-origin * referrer-policy no-referrer via 1.1 google alt-svc clear Redirect headers status 302 server openresty date Tue, 29 Sep 2020 15:25:00 GMT content-type text/html; charset=utf-8 access-control-allow-origin * location https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CwiN6tiJqoGU3Bp-GH0dEdHP3xP.1c0%2Cf7T2qZXM3ToZLtHp6wKshQl80TNj8QWMJCu1iHYxC8JTkyeb7vHKNjAe5mhtti-QQlPgz9FDji-_O8eDWZVi2rl88WxbolskgErkcc7HeFiFwPXlS0zzQPQKZHFjgUxs_NaO0OToNbhqrfsCq7r3kv5_bDkArKkRxKAJkT6Tia0BNsKqEW4M3SkFHVujxn6vimD2Eet-JPGk2C1tWpdmL1a809XFrJfWqEkvzUb6reMa-j0mSxuV_mM05bfx90vaokMbA88bBRrapgIsl28dqzhtt_lqwJ9C-L64e2zXPg9nTQ53PIHBDfEkH7yCNnQhHo394RvenV1VFrw9my8055v0dy8iMQu1VtdnpDv_HzfOEVJ2QmHJCIUycqcZ_wV69ua3sjbofyjm3tk0ezLpKHBDU2fPiEb0fimzUVV5Y25Z11z5Jm4UPWrJOIbnDufNgojvmNc7adgynC1gM7TZIZ8_67dr6_CRFwZOu4QOVc002Cxj7r2iQmYvvB4qDBeiGnLWhWRRIXVjId98OQZ4Ug%2C%2C via 1.1 google alt-svc clear

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdsecureme.com
dexchangegenius.com
gdmconvtrck.com
go.evatricea.com
safesecuritytrk.com
sz3v.info
216.189.51.65
2a05:d018:483:6110:43ae:ab90:e438:7931
2a05:d018:483:6130:657f:d70e:997b:df8c
3.125.239.17
35.201.124.100
47.242.139.4
39c8a74d710d6da6131d3226264f3d68720ec7d3fa37135df4480da6844198c5
4f17d92ff8e338dd39bb343e31ff72412994bb4178ccb5d9b7e5ae1276826d46
c448625d91a36cc36bb980454d75f623ccdb0f1f5b5551bbaa79cc1b7f8326ba

dexchangegenius.com Open in urlscan Pro 35.201.124.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

3 IPs

4 Countries

5 kBTransfer

10 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

dexchangegenius.com Open in urlscan Pro
35.201.124.100 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

5 kB
Transfer

10 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions