dexchangegenius.com - urlscan.io

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 4 HTTP transactions. The main IP is 35.201.124.100, located in Ascension Island and belongs to GOOGLE, US. The main domain is dexchangegenius.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 9 months.

This is the only time dexchangegenius.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	47.242.139.4 47.242.139.4	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1 1	216.189.51.65 216.189.51.65	6921 (ARACHNITEC) (ARACHNITEC)
1 1	3.125.239.17 3.125.239.17	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:483... 2a05:d018:483:6110:43ae:ab90:e438:7931	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:483... 2a05:d018:483:6130:657f:d70e:997b:df8c	16509 (AMAZON-02) (AMAZON-02)
1 3	35.201.124.100 35.201.124.100	15169 (GOOGLE) (GOOGLE)
4	3

1 47.242.139.4 (San Mateo, United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

sz3v.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.189.51.65 (United States) 1 redirects

ASN6921 (ARACHNITEC, US)
PTR: 216-189-51-65.for-global-telecom.com

go.evatricea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.239.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com

safesecuritytrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:483:6110:43ae:ab90:e438:7931 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cdsecureme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6130:657f:d70e:997b:df8c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

gdmconvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.124.100 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 100.124.201.35.bc.googleusercontent.com

dexchangegenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	dexchangegenius.com 1 redirects dexchangegenius.com	3 KB
2	cdsecureme.com 1 redirects cdsecureme.com	4 KB
1	gdmconvtrck.com gdmconvtrck.com	1 KB
1	safesecuritytrk.com 1 redirects safesecuritytrk.com	2 KB
1	evatricea.com 1 redirects go.evatricea.com	259 B
1	sz3v.info 1 redirects sz3v.info	185 B
4	6

	Domain	Requested by
3	dexchangegenius.com	1 redirects gdmconvtrck.com dexchangegenius.com
2	cdsecureme.com	1 redirects
1	gdmconvtrck.com	cdsecureme.com
1	safesecuritytrk.com	1 redirects
1	go.evatricea.com	1 redirects
1	sz3v.info	1 redirects
4	6

This site contains no links.

Subject Issuer	Validity	Valid
cdatassl.com Amazon	`2020-06-18` - `2021-07-18`	a year	crt.sh
gdmconvtrck.com Amazon	`2020-03-21` - `2021-04-21`	a year	crt.sh
dexchangegenius.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-03-07`	9 months	crt.sh

This page contains 1 frames:

Frame: https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CQiEid3f3tGU3Bk-GH0dEdHP3xP.937%2C9c8NusJmZm2vjZjCiUV4buqDdYNk0IMpWd6pNbIyptTxVEsU8FYS5GNsoSRmCFtDNiCNf-CMg-UyW9I0b9gDVJCMVNgKtzl4cVjYgdH8bW_i_VhUh7t4REUukw-ze83g1xq-legOTf3G-lVpGRnh6W7LNk6ZJpiu5Tk63OrcJgCYAl_KykEAtaodypxcb2h_vRFSEmBCwmwKX4NsyAgOO8Rw0vTcjn8QGeEYQ14Ar6avotDMKW9_FUfc7D-LYu2TlQFLXvLaPizMgynJwAklEzTAgzd1zFjBy0wCJuEXg3q4hvnDlUTXTkCzW9tFUXv0mpSgntf2kCAjhM-en82uMLmADSys59txKGeppEk77uThypkMKnIG8s9rtnklyjN5EMrwj9_6QYSWEwaNbcT9qsS7FglIKBlBuYjvy6jqJR7cESm3QrDC2RZvttOLk8f2vAV93v837Z_-0WLbgYu8d4T0VNIJbB0e_hE5SJD_izHUR-m5yabH24jUss9fzlp2GOpYgB75zxFhTtjOflOjNQd1cpdMEUx-DmD2K7q6iyY%2C
Frame ID: CA3A20C4706543864987D067E0C24FAD
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sz3v.info/BtHdRRxNVf HTTP 302
http://go.evatricea.com/ts5603-sms-del-us HTTP 302
https://safesecuritytrk.com/click?trvid=10037&clickid=1601407901.81-180145839-50191-&siteid=180145839_ts... HTTP 302
https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037 Page URL
https://cdsecureme.com/?a=95360&c=187840&oc=79431&sr=t&so=87710&sc=10912976&rc=5_10912976&s1=10037&... HTTP 302
https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=7bddd1bc30be42eca49b9c559cde374cf979&sub... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

5 kB
Transfer

10 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sz3v.info/BtHdRRxNVf HTTP 302
http://go.evatricea.com/ts5603-sms-del-us HTTP 302
https://safesecuritytrk.com/click?trvid=10037&clickid=1601407901.81-180145839-50191-&siteid=180145839_ts5603-sms-del-us HTTP 302
https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037 Page URL
https://cdsecureme.com/?a=95360&c=187840&oc=79431&sr=t&so=87710&sc=10912976&rc=5_10912976&s1=10037&s2=wwf051epctuw&vt=1601407902084&h=9b7f0f3b05d115e3b3ddbd3823da60ebe5dcae56&req=https%3A%2F%2Fcdsecureme.com%2F%3Fa%3D95360%26c%3D230096%26s2%3Dwwf051epctuw%26s1%3D10037&us=cb75a666159f48f990b8b1c69516b0eb HTTP 302
https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=7bddd1bc30be42eca49b9c559cde374cf979&sub1=95360 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sz3v.info/BtHdRRxNVf HTTP 302
http://go.evatricea.com/ts5603-sms-del-us HTTP 302
https://safesecuritytrk.com/click?trvid=10037&clickid=1601407901.81-180145839-50191-&siteid=180145839_ts5603-sms-del-us HTTP 302
https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037

Request Chain 2

https://dexchangegenius.com/jump/next.php?stamat=m%7CK2Y2d7N2aQdHkAH0dEdHP3xP.7e0%2C7H0PozvLiGV-YkDx825CHsk49R2-WK6lTYc8jyFMYYmTHI5Yp5n9EQ91Ns3jmKiNSsf5u2llKdRXxyZHxmvKZizdxWB5E__O7stPfjs-dr8ylkIyRSlJS3vKngOxUYRrim6kyucdUv3m-Nn9NOumjw%2C%2C&cbrandom=0.8335657205406075&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fcdsecureme.com%2F%3Fa%3D95360%26c%3D230096%26s2%3Dwwf051epctuw%26s1%3D10037 HTTP 302
https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CQiEid3f3tGU3Bk-GH0dEdHP3xP.937%2C9c8NusJmZm2vjZjCiUV4buqDdYNk0IMpWd6pNbIyptTxVEsU8FYS5GNsoSRmCFtDNiCNf-CMg-UyW9I0b9gDVJCMVNgKtzl4cVjYgdH8bW_i_VhUh7t4REUukw-ze83g1xq-legOTf3G-lVpGRnh6W7LNk6ZJpiu5Tk63OrcJgCYAl_KykEAtaodypxcb2h_vRFSEmBCwmwKX4NsyAgOO8Rw0vTcjn8QGeEYQ14Ar6avotDMKW9_FUfc7D-LYu2TlQFLXvLaPizMgynJwAklEzTAgzd1zFjBy0wCJuEXg3q4hvnDlUTXTkCzW9tFUXv0mpSgntf2kCAjhM-en82uMLmADSys59txKGeppEk77uThypkMKnIG8s9rtnklyjN5EMrwj9_6QYSWEwaNbcT9qsS7FglIKBlBuYjvy6jqJR7cESm3QrDC2RZvttOLk8f2vAV93v837Z_-0WLbgYu8d4T0VNIJbB0e_hE5SJD_izHUR-m5yabH24jUss9fzlp2GOpYgB75zxFhTtjOflOjNQd1cpdMEUx-DmD2K7q6iyY%2C

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response cdsecureme.com/ Redirect Chain http://sz3v.info/BtHdRRxNVf http://go.evatricea.com/ts5603-sms-del-us https://safesecuritytrk.com/click?trvid=10037&clickid=1601407901.81-180145839-50191-&siteid=180145839_ts5603-sms-del-us https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037	2 KB 1 KB	113ms 34ms	Document text/html	2a05:d018:483:6110:43ae:ab90:e438:7931 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:483:6110:43ae:ab90:e438:7931 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash `e37b534967720a27f110fa1de1bc8c56b8be4ac7ab0517dbd3feca0113b03f47` Request headers :method GET :authority cdsecureme.com :scheme https :path /?a=95360&c=230096&s2=wwf051epctuw&s1=10037 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 29 Sep 2020 19:31:42 GMT content-type text/html;charset=utf-8 server nginx vary Accept-Encoding cache-control no-cache, must-revalidate pragma no-cache expires Sat, 1 May 2020 12:00:00 GMT access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob content-encoding gzip Redirect headers status 302 server nginx date Tue, 29 Sep 2020 19:31:41 GMT content-type text/html; charset=utf-8 content-length 100 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 expires Thu, 01 Jan 1970 00:00:00 UTC location https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037 pragma no-cache set-cookie ClickDataNG=H4sIAAAAAAAA_3yTX2_yNhTGv0p0rlrJBDshATKhijFprQp0Eu3Wi0mV6xzAwrEj24Gxtt99cpIybt73zueP_Tw-_vkDjmidNBoKYDGNKRDw5xqhoARc8_78vRZGH9F6LKHYcuWQgFBSHB5KKOB02tKMYS18cwICJfcIBcspG9HxlDICglc1lzsduhml6ZiAdIs_5pezrPHcS9M2hKptFIY1JWCxlBaFX6HfmxKKhIAzjRVtfURAcV1Kveu7--jFKigACJjtFm0rmyTjPuyKe-9rVwyHonQoGosVxsJUwzs-m2ZpTv9uKE1yMUtSSqd5F7lkdn3VPslm7ZUgzMj53vMRddMNruZn03goEtrLLxprUYszFPCy-Q0INFZe-XF8i60j6c_eHlpT7ajvvD3KshPr3YV0SF1GHU_YgE0oG2WTdDrIKJuyQW9Tegyt38U377KcpgNXuUGJatA4ICDreVladC7QMMnihCUxG7M4H18X8260jUM736H2UMDK_CuV4sMsptHNigupvXH7X6IH7VFFKy6ip030GjH6xkZv2W00r2uFf-H7o_TDLB3HaR7dPN4_r5YkUvKA0e8oDuY2WuytqXA4SWMajxhN45xFG77lVva7IMx6ixZt56nEoxR4gdaEi6y4eNq8Bhbcn_-zTmM2ijMg8G7NybX7O7XLKb9argPdrddLdmVKVNdia15hF4tONyylq4NyMhpHS1-2aDTa2_Dm62Vretf5WC8_P9fG-n10b1SAN_RKf-5L88p5tCWvIIBkUftFePOebSt3Ui_rq5S3XDsuuq_koNCNUgRE47ypoPgA_Mej1Vy13_bn2ACBI2s5-DExX1__BQAA__-jcSIAQAQAAA==; Expires=Thu, 29 Oct 2020 19:31:41 GMT; SameSite=None; Secure ClickDataNgFall=H4sIAAAAAAAA_3yTX2_yNhTGv0p0rlrJBDshATKhijFprQp0Eu3Wi0mV6xzAwrEj24Gxtt99cpIybt73zueP_Tw-_vkDjmidNBoKYDGNKRDw5xqhoARc8_78vRZGH9F6LKHYcuWQgFBSHB5KKOB02tKMYS18cwICJfcIBcspG9HxlDICglc1lzsduhml6ZiAdIs_5pezrPHcS9M2hKptFIY1JWCxlBaFX6HfmxKKhIAzjRVtfURAcV1Kveu7--jFKigACJjtFm0rmyTjPuyKe-9rVwyHonQoGosVxsJUwzs-m2ZpTv9uKE1yMUtSSqd5F7lkdn3VPslm7ZUgzMj53vMRddMNruZn03goEtrLLxprUYszFPCy-Q0INFZe-XF8i60j6c_eHlpT7ajvvD3KshPr3YV0SF1GHU_YgE0oG2WTdDrIKJuyQW9Tegyt38U377KcpgNXuUGJatA4ICDreVladC7QMMnihCUxG7M4H18X8260jUM736H2UMDK_CuV4sMsptHNigupvXH7X6IH7VFFKy6ip030GjH6xkZv2W00r2uFf-H7o_TDLB3HaR7dPN4_r5YkUvKA0e8oDuY2WuytqXA4SWMajxhN45xFG77lVva7IMx6ixZt56nEoxR4gdaEi6y4eNq8Bhbcn_-zTmM2ijMg8G7NybX7O7XLKb9argPdrddLdmVKVNdia15hF4tONyylq4NyMhpHS1-2aDTa2_Dm62Vretf5WC8_P9fG-n10b1SAN_RKf-5L88p5tCWvIIBkUftFePOebSt3Ui_rq5S3XDsuuq_koNCNUgRE47ypoPgA_Mej1Vy13_bn2ACBI2s5-DExX1__BQAA__-jcSIAQAQAAA==; Expires=Thu, 29 Oct 2020 19:31:41 GMT
GET H2	200	user Show response gdmconvtrck.com/	1 KB 1 KB	94ms 31ms	Script text/javascript	2a05:d018:483:6130:657f:d70e:997b:df8c AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gdmconvtrck.com/user?a=95360&c=187840 Requested by Host: cdsecureme.com URL: https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:483:6130:657f:d70e:997b:df8c Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash `a42d11686c9c5da2afa956c4c7438e8fb2a5ea524f9a65b7776191d0cac263cd` Request headers Referer https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 29 Sep 2020 19:31:42 GMT content-encoding gzip server nginx status 200 vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/javascript;charset=utf-8 access-control-allow-origin , cache-control no-cache, must-revalidate access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob expires Sat, 1 May 2020 12:00:00 GMT
GET H2	200	Primary Request next.php Show response dexchangegenius.com/jump/ Redirect Chain https://cdsecureme.com/?a=95360&c=187840&oc=79431&sr=t&so=87710&sc=10912976&rc=5_10912976&s1=10037&s2=wwf051epctuw&vt=1601407902084&h=9b7f0f3b05d115e3b3ddbd3823da60ebe5dcae56&req=https%3A%2F%2Fcdse... https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=7bddd1bc30be42eca49b9c559cde374cf979&sub1=95360	7 KB 3 KB	224ms 147ms	Document text/html	35.201.124.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=7bddd1bc30be42eca49b9c559cde374cf979&sub1=95360 Requested by Host: gdmconvtrck.com URL: https://gdmconvtrck.com/user?a=95360&c=187840 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.124.100 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 100.124.201.35.bc.googleusercontent.com Software openresty / Resource Hash `1298425ee5b1026e30d1ed6a8874b09351916b9d48a40eb2b00053506261038b` Request headers :method GET :authority dexchangegenius.com :scheme https :path /jump/next.php?r=2296799&pub_clickid=7bddd1bc30be42eca49b9c559cde374cf979&sub1=95360 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://cdsecureme.com/?a=95360&c=230096&s2=wwf051epctuw&s1=10037 Response headers status 200 server openresty date Tue, 29 Sep 2020 19:31:42 GMT content-type text/html; charset=utf-8 access-control-allow-origin * content-encoding gzip via 1.1 google alt-svc clear Redirect headers status 302 date Tue, 29 Sep 2020 19:31:42 GMT content-type text/html;charset=ISO-8859-1 location https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=7bddd1bc30be42eca49b9c559cde374cf979&sub1=95360 server nginx set-cookie gdm_click_freq_v2_1_001=Qb994F057zYKPZOD6wXUdL4zqtfCnR4ZQG15xyQZ7gw6dqJ0b6RFneBrBKKL0/u1; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/; Secure; SameSite=None gdm_sid_v2_3_001=eSQOkUUPFBZGlDqbuRsb/8Ukuo+sDUIrGHOIZIkWTpGAff1nveL4i8aSXvOkDAoPyYdlEU/ohHVYNRJRSurNsPRk8hisDvlnp7Cqy6JN3hVXj0CiYOSF1Ia/Dhhyc8B4DbrklOvkrfcDFrxnM2I8NpoHqgjUkbLKmAjCzKA5OxMLsgWmc6sFyUhxXX4fikfLpv60WhsOU/TzZOKXxFaboUxkm65qjWa1afO+x9vXRkftFBAQG7hf3IYDXJKY7Czi5L/UKjjGj0kmIgG+BietFzXyid/6jHsday4w4BAVeR0q3J6UIcHULbcrRqQQZtUZlbOrtOfJv0MlDEKWGKCTbdfk0hCv4nwQpY9iK0Y/RQwAJuxhWmdB3c7PWRAcbUNkbCQBUlsLvOBC9RC+TnXlRnJneDo70+Nu5aH0tyPkhQaxlRKz0i6eafnL97l0VktiUyylMvTHr+tZTVpPC019oYYOx0++4veitUq0w6FvOnZwkUCISshNBXEhkFVLX1q2T1DDexQxLc6vAa8Y0WGwnYZ19cxccNGmBrIs9KZQ7HzjkeUg/cXu3P55Ob03Ik2LoALv2AjOA9xwShNBTucZKOh1uYNE1hKiM0wXeFx1U1ibw8T62xfYlSYeVNQFPnZk3M5eZ9jVpQZWY4lcW9tCmOgoKwN7TRk29t5e6JvAiSwuY7AFRSTxWiUYIYfhBHI1XWY0r2x746UZocacYaPGZIhYQ7ZBC8c7jGsiieqg6l8zyo1W42iGBSt4e4P6dR0mgqRC0w8kFcf17y8nPEEvwL+I3Ej+2RLpJEXDARDCk4T8rmt2K3HzF66lM8sQTqg+okkDrNpTGZsMqSINbkUUlSDNs/u44At7iRo73QowKWmHNscmM1nh6hSDgLuzkrS/WQ5wmgbO2dI3ejmJR2yoWUdEt2ytrvV0QW/p/v/mPJUL1qm5+Schs15zq/ElJhhltL20jKPWUAOkGT5AHRQmpG7VRLZlODasLhiah6a0lGVwPvxr23Q+g1icK5XQIMzSblDChyvE5SYO6b9O0e3doasRlrfgVKdgRbiXeWuKJxoezmnOprqnMIP+emTv/VJQa4pSpIlC7Pmuz6ih2h6D6p6hji0prYYwCtq6oV3tXkcdabVHyRolS949ZOXW4+gQqgHbrnE76N3kiQEDgyKYNWkziFNchj1cf7ozN/GrHec=; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/; Secure; SameSite=None gdm_suid_v1_1_001=3WFr3Q+3ImWvFvoL5DuHVJxjrEBjVJGWtQ6fTpxNJQ/g4BRby1PyGkjLoANz8F9L; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/ gdm_uid_v1_1_001=3WFr3Q+3ImWvFvoL5DuHVJxjrEBjVJGWtQ6fTpxNJQ/g4BRby1PyGkjLoANz8F9L; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/ gdm_click_adv_freq_v2_1_001=WGP2hL1mCj4amHrx09xyl6pTxPKE8/ZBMpYHL37+gRwfUWzksAEFZPKItLxjEexv; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/; Secure; SameSite=None gdm_uid_v2_1_001=3WFr3Q+3ImWvFvoL5DuHVJxjrEBjVJGWtQ6fTpxNJQ/g4BRby1PyGkjLoANz8F9L; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/; Secure; SameSite=None gdm_suid_v2_1_001=3WFr3Q+3ImWvFvoL5DuHVJxjrEBjVJGWtQ6fTpxNJQ/g4BRby1PyGkjLoANz8F9L; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/; Secure; SameSite=None gdm_sid_v1_3_001=eSQOkUUPFBZGlDqbuRsb/8Ukuo+sDUIrGHOIZIkWTpGAff1nveL4i8aSXvOkDAoPyYdlEU/ohHVYNRJRSurNsPRk8hisDvlnp7Cqy6JN3hVXj0CiYOSF1Ia/Dhhyc8B4DbrklOvkrfcDFrxnM2I8NpoHqgjUkbLKmAjCzKA5OxMLsgWmc6sFyUhxXX4fikfLpv60WhsOU/TzZOKXxFaboUxkm65qjWa1afO+x9vXRkftFBAQG7hf3IYDXJKY7Czi5L/UKjjGj0kmIgG+BietFzXyid/6jHsday4w4BAVeR0q3J6UIcHULbcrRqQQZtUZlbOrtOfJv0MlDEKWGKCTbdfk0hCv4nwQpY9iK0Y/RQwAJuxhWmdB3c7PWRAcbUNkbCQBUlsLvOBC9RC+TnXlRnJneDo70+Nu5aH0tyPkhQaxlRKz0i6eafnL97l0VktiUyylMvTHr+tZTVpPC019oYYOx0++4veitUq0w6FvOnZwkUCISshNBXEhkFVLX1q2T1DDexQxLc6vAa8Y0WGwnYZ19cxccNGmBrIs9KZQ7HzjkeUg/cXu3P55Ob03Ik2LoALv2AjOA9xwShNBTucZKOh1uYNE1hKiM0wXeFx1U1ibw8T62xfYlSYeVNQFPnZk3M5eZ9jVpQZWY4lcW9tCmOgoKwN7TRk29t5e6JvAiSwuY7AFRSTxWiUYIYfhBHI1XWY0r2x746UZocacYaPGZIhYQ7ZBC8c7jGsiieqg6l8zyo1W42iGBSt4e4P6dR0mgqRC0w8kFcf17y8nPEEvwL+I3Ej+2RLpJEXDARDCk4T8rmt2K3HzF66lM8sQTqg+okkDrNpTGZsMqSINbkUUlSDNs/u44At7iRo73QowKWmHNscmM1nh6hSDgLuzkrS/WQ5wmgbO2dI3ejmJR2yoWUdEt2ytrvV0QW/p/v/mPJUL1qm5+Schs15zq/ElJhhltL20jKPWUAOkGT5AHRQmpG7VRLZlODasLhiah6a0lGVwPvxr23Q+g1icK5XQIMzSblDChyvE5SYO6b9O0e3doasRlrfgVKdgRbiXeWuKJxoezmnOprqnMIP+emTv/VJQa4pSpIlC7Pmuz6ih2h6D6p6hji0prYYwCtq6oV3tXkcdabVHyRolS949ZOXW4+gQqgHbrnE76N3kiQEDgyKYNWkziFNchj1cf7ozN/GrHec=; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/ gdm_click_freq_v1_1_001=Qb994F057zYKPZOD6wXUdL4zqtfCnR4ZQG15xyQZ7gw6dqJ0b6RFneBrBKKL0/u1; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/ gdm_click_adv_freq_v1_1_001=WGP2hL1mCj4amHrx09xyl6pTxPKE8/ZBMpYHL37+gRwfUWzksAEFZPKItLxjEexv; Expires=Mon, 28-Dec-2020 19:31:42 GMT; Path=/ content-language en-US access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
GET H2	204	i.php dexchangegenius.com/script/ Redirect Chain https://dexchangegenius.com/jump/next.php?stamat=m%7CK2Y2d7N2aQdHkAH0dEdHP3xP.7e0%2C7H0PozvLiGV-YkDx825CHsk49R2-WK6lTYc8jyFMYYmTHI5Yp5n9EQ91Ns3jmKiNSsf5u2llKdRXxyZHxmvKZizdxWB5E__O7stPfjs-dr8ylkIyR... https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CQiEid3f3tGU3Bk-GH0dEdHP3xP.937%2C9c8NusJmZm2vjZjCiUV4buqDdYNk0IMpWd6pNbIyptTxVEsU8FYS5GNsoSRmCFtDNiCNf-CMg-UyW9I0b9gDVJCMVNgKtzl4cVjYgdH8bW...	0 0	156ms 156ms	Document text/plain	35.201.124.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CQiEid3f3tGU3Bk-GH0dEdHP3xP.937%2C9c8NusJmZm2vjZjCiUV4buqDdYNk0IMpWd6pNbIyptTxVEsU8FYS5GNsoSRmCFtDNiCNf-CMg-UyW9I0b9gDVJCMVNgKtzl4cVjYgdH8bW_i_VhUh7t4REUukw-ze83g1xq-legOTf3G-lVpGRnh6W7LNk6ZJpiu5Tk63OrcJgCYAl_KykEAtaodypxcb2h_vRFSEmBCwmwKX4NsyAgOO8Rw0vTcjn8QGeEYQ14Ar6avotDMKW9_FUfc7D-LYu2TlQFLXvLaPizMgynJwAklEzTAgzd1zFjBy0wCJuEXg3q4hvnDlUTXTkCzW9tFUXv0mpSgntf2kCAjhM-en82uMLmADSys59txKGeppEk77uThypkMKnIG8s9rtnklyjN5EMrwj9_6QYSWEwaNbcT9qsS7FglIKBlBuYjvy6jqJR7cESm3QrDC2RZvttOLk8f2vAV93v837Z_-0WLbgYu8d4T0VNIJbB0e_hE5SJD_izHUR-m5yabH24jUss9fzlp2GOpYgB75zxFhTtjOflOjNQd1cpdMEUx-DmD2K7q6iyY%2C Requested by Host: dexchangegenius.com URL: https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=7bddd1bc30be42eca49b9c559cde374cf979&sub1=95360 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.124.100 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 100.124.201.35.bc.googleusercontent.com Software openresty / Resource Hash Request headers :method GET :authority dexchangegenius.com :scheme https :path /script/i.php?stamat=m%7C%2C%2CQiEid3f3tGU3Bk-GH0dEdHP3xP.937%2C9c8NusJmZm2vjZjCiUV4buqDdYNk0IMpWd6pNbIyptTxVEsU8FYS5GNsoSRmCFtDNiCNf-CMg-UyW9I0b9gDVJCMVNgKtzl4cVjYgdH8bW_i_VhUh7t4REUukw-ze83g1xq-legOTf3G-lVpGRnh6W7LNk6ZJpiu5Tk63OrcJgCYAl_KykEAtaodypxcb2h_vRFSEmBCwmwKX4NsyAgOO8Rw0vTcjn8QGeEYQ14Ar6avotDMKW9_FUfc7D-LYu2TlQFLXvLaPizMgynJwAklEzTAgzd1zFjBy0wCJuEXg3q4hvnDlUTXTkCzW9tFUXv0mpSgntf2kCAjhM-en82uMLmADSys59txKGeppEk77uThypkMKnIG8s9rtnklyjN5EMrwj9_6QYSWEwaNbcT9qsS7FglIKBlBuYjvy6jqJR7cESm3QrDC2RZvttOLk8f2vAV93v837Z_-0WLbgYu8d4T0VNIJbB0e_hE5SJD_izHUR-m5yabH24jUss9fzlp2GOpYgB75zxFhTtjOflOjNQd1cpdMEUx-DmD2K7q6iyY%2C pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=7bddd1bc30be42eca49b9c559cde374cf979&sub1=95360 Response headers status 204 server openresty date Tue, 29 Sep 2020 19:31:42 GMT access-control-allow-origin * referrer-policy no-referrer via 1.1 google alt-svc clear Redirect headers status 302 server openresty date Tue, 29 Sep 2020 19:31:42 GMT content-type text/html; charset=utf-8 access-control-allow-origin * location https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2CQiEid3f3tGU3Bk-GH0dEdHP3xP.937%2C9c8NusJmZm2vjZjCiUV4buqDdYNk0IMpWd6pNbIyptTxVEsU8FYS5GNsoSRmCFtDNiCNf-CMg-UyW9I0b9gDVJCMVNgKtzl4cVjYgdH8bW_i_VhUh7t4REUukw-ze83g1xq-legOTf3G-lVpGRnh6W7LNk6ZJpiu5Tk63OrcJgCYAl_KykEAtaodypxcb2h_vRFSEmBCwmwKX4NsyAgOO8Rw0vTcjn8QGeEYQ14Ar6avotDMKW9_FUfc7D-LYu2TlQFLXvLaPizMgynJwAklEzTAgzd1zFjBy0wCJuEXg3q4hvnDlUTXTkCzW9tFUXv0mpSgntf2kCAjhM-en82uMLmADSys59txKGeppEk77uThypkMKnIG8s9rtnklyjN5EMrwj9_6QYSWEwaNbcT9qsS7FglIKBlBuYjvy6jqJR7cESm3QrDC2RZvttOLk8f2vAV93v837Z_-0WLbgYu8d4T0VNIJbB0e_hE5SJD_izHUR-m5yabH24jUss9fzlp2GOpYgB75zxFhTtjOflOjNQd1cpdMEUx-DmD2K7q6iyY%2C via 1.1 google alt-svc clear

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdsecureme.com
dexchangegenius.com
gdmconvtrck.com
go.evatricea.com
safesecuritytrk.com
sz3v.info
216.189.51.65
2a05:d018:483:6110:43ae:ab90:e438:7931
2a05:d018:483:6130:657f:d70e:997b:df8c
3.125.239.17
35.201.124.100
47.242.139.4
1298425ee5b1026e30d1ed6a8874b09351916b9d48a40eb2b00053506261038b
a42d11686c9c5da2afa956c4c7438e8fb2a5ea524f9a65b7776191d0cac263cd
e37b534967720a27f110fa1de1bc8c56b8be4ac7ab0517dbd3feca0113b03f47

dexchangegenius.com Open in urlscan Pro 35.201.124.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

3 IPs

4 Countries

5 kBTransfer

10 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

dexchangegenius.com Open in urlscan Pro
35.201.124.100 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

5 kB
Transfer

10 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions