Submitted URL: http://a1mp.info/nbvW96ayI5
Effective URL: https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=d1113968da4045b7b8ca3a739729fc07f979&sub1=95360
Submission: On October 01 via manual from US

Summary

This website contacted 4 IPs in 5 countries across 7 domains to perform 5 HTTP transactions. The main IP is 35.201.124.100, located in Ascension Island and belongs to GOOGLE, US. The main domain is dexchangegenius.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 9 months.
This is the only time dexchangegenius.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 47.242.137.67 45102 (CNNIC-ALI...)
1 212.7.204.100 60781 (LEASEWEB-...)
1 1 216.189.51.65 6921 (ARACHNITEC)
1 1 3.126.48.135 16509 (AMAZON-02)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 3 35.201.124.100 15169 (GOOGLE)
5 4
Apex Domain | Subdomains | Transfer
3 dexchangegenius.com | dexchangegenius.com | 3 KB
2 cdsecureme.com | cdsecureme.com | 4 KB
1 gdmconvtrck.com | gdmconvtrck.com | 1 KB
1 safesecuritytrk.com | safesecuritytrk.com | 2 KB
1 neartersco.com | go.neartersco.com | 259 B
1 rdtk.io | jtuzd.rdtk.io | 818 B
1 a1mp.info | a1mp.info | 200 B
5 7
Domain Requested by
3 dexchangegenius.com 1 redirects gdmconvtrck.com
dexchangegenius.com
2 cdsecureme.com 1 redirects
1 gdmconvtrck.com cdsecureme.com
1 safesecuritytrk.com 1 redirects
1 go.neartersco.com 1 redirects
1 jtuzd.rdtk.io
1 a1mp.info 1 redirects
5 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.rdtk.io | GoGetSSL RSA DV CA | 2020-05-19 - 2021-08-17 | a year
cdatassl.com | Amazon | 2020-06-18 - 2021-07-18 | a year
gdmconvtrck.com | Amazon | 2020-03-21 - 2021-04-21 | a year
dexchangegenius.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-01 - 2021-03-07 | 9 months

This page contains 1 frames:

Frame: https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2Cg3NmNjM6oGU3Bk-GH0dEdHP3xP.c5a%2CKBY20QkGCpvmnBgzOTonzf2ZHiVEJEySSt-BQcYIkpElzgWRKjVtBmBLLAIgAfSwdy2JIJ67IjgpOMJe4yFnPTUf2h8vaOH0O-rQK341qeP2wvVDTU_mmrJQenYKw1-CuHaV3VBKt_kinJ4Y8Z6MNMaCokWT4MhhAq8CC-I6mbkaOt6peBK3FB_rjohNKJGu78L1_3bAL37qBGbZ-DADtSpl4BAJMRTNK_p82AMa38bsxb7Ozosx8lbzyL4IrWmaJIBg-jYO8dcrzFBcHc4f6yBbhCInopF6iNeLzec7c3COMOYlwKCyv68eQArzDMAXp9GJNBhK5lpXvvKR3q8kJETK0okYUI4fEH8haPvs38PbEW8wGxxOu1Mna_ulERX_LFyhs3zFbunRS7NRvSIigkGYeVYDe4LFDI-X_K3XmlJYU_Pn1VVeXit8DMBUoJ1848pfTixs5aNwqvJPz80WxgFg4w93LN1AVA3ch-FvOdpzuNpOc5SFsFT1QReuZhdXbYgbSvPAX3TBKIW12FRe9khSgZRjwOAmcjrpPFymppM%2C
Frame ID: DFE5AFBF0DF121043C8FB770A0524EA0
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

4
IPs

5
Countries

6 kB
Transfer

10 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://a1mp.info/nbvW96ayI5 HTTP 302
    https://jtuzd.rdtk.io/5f749e498a55cf00019b8628?thru=thru Page URL
  2. http://go.neartersco.com/ts5603-sms-del-us?clickid=5f7607deb7f0400001119de7 HTTP 302
    https://safesecuritytrk.com/click?trvid=10037&clickid=1601570783.41-180145839-50191-&siteid=180145839_ts5603-sms-del-us HTTP 302
    https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037 Page URL
  3. https://cdsecureme.com/?a=95360&c=187840&oc=79431&sr=t&so=87710&sc=10912976&rc=5_10912976&s1=10037&s2=9g56olufbg4w&vt=1601570783688&h=19ddea709ee97f536e473ae19e220aa8d765cd86&req=https%3A%2F%2Fcdsecureme.com%2F%3Fa%3D95360%26c%3D230096%26s2%3D9g56olufbg4w%26s1%3D10037&us=701409ee2f66414cb19f4677b275a219 HTTP 302
    https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=d1113968da4045b7b8ca3a739729fc07f979&sub1=95360 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://a1mp.info/nbvW96ayI5 HTTP 302
  • https://jtuzd.rdtk.io/5f749e498a55cf00019b8628?thru=thru
Request Chain 1
  • http://go.neartersco.com/ts5603-sms-del-us?clickid=5f7607deb7f0400001119de7 HTTP 302
  • https://safesecuritytrk.com/click?trvid=10037&clickid=1601570783.41-180145839-50191-&siteid=180145839_ts5603-sms-del-us HTTP 302
  • https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037
Request Chain 3
  • https://dexchangegenius.com/jump/next.php?stamat=m%7CIuYjZ_43aQdHkAH0dEdHP3xP.761%2C7H0PozvLiGV-YkDx825CHsk49R2-WK6lTYc8jyFMYYmTHI5Yp5n9EQ91Ns3jmKiNyHZNkr7JUF3B5IM6lBdPv8dH6_03FYzPucxZiWenXooYGfBK2MMH9HqwrpP9tNfZ4eUmK4RtVcFSV_TT9-YuaQ%2C%2C&cbrandom=0.347865355160101&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fcdsecureme.com%2F%3Fa%3D95360%26c%3D230096%26s2%3D9g56olufbg4w%26s1%3D10037 HTTP 302
  • https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2Cg3NmNjM6oGU3Bk-GH0dEdHP3xP.c5a%2CKBY20QkGCpvmnBgzOTonzf2ZHiVEJEySSt-BQcYIkpElzgWRKjVtBmBLLAIgAfSwdy2JIJ67IjgpOMJe4yFnPTUf2h8vaOH0O-rQK341qeP2wvVDTU_mmrJQenYKw1-CuHaV3VBKt_kinJ4Y8Z6MNMaCokWT4MhhAq8CC-I6mbkaOt6peBK3FB_rjohNKJGu78L1_3bAL37qBGbZ-DADtSpl4BAJMRTNK_p82AMa38bsxb7Ozosx8lbzyL4IrWmaJIBg-jYO8dcrzFBcHc4f6yBbhCInopF6iNeLzec7c3COMOYlwKCyv68eQArzDMAXp9GJNBhK5lpXvvKR3q8kJETK0okYUI4fEH8haPvs38PbEW8wGxxOu1Mna_ulERX_LFyhs3zFbunRS7NRvSIigkGYeVYDe4LFDI-X_K3XmlJYU_Pn1VVeXit8DMBUoJ1848pfTixs5aNwqvJPz80WxgFg4w93LN1AVA3ch-FvOdpzuNpOc5SFsFT1QReuZhdXbYgbSvPAX3TBKIW12FRe9khSgZRjwOAmcjrpPFymppM%2C

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 5f749e498a55cf00019b8628
jtuzd.rdtk.io/
Redirect Chain
  • http://a1mp.info/nbvW96ayI5
  • https://jtuzd.rdtk.io/5f749e498a55cf00019b8628?thru=thru
220 B
818 B
Document
General
Full URL
https://jtuzd.rdtk.io/5f749e498a55cf00019b8628?thru=thru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.7.204.100 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a899060aa66d3c30fd6df0fd72c189acbd3e13d33bae5c4af8f8b14655a2ab3e

Request headers

Host
jtuzd.rdtk.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 01 Oct 2020 16:46:22 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
redhash=NWY3NjA3ZGViN2YwNDAwMDAxMTE5ZGU3fDB8NWY3NDllNDk4YTU1Y2YwMDAxOWI4NjI4fHw0MWExZWViZS1mNzZmLTQ1NDktOTY2Ni00M2M0ZmZhZmFkN2V8MTYwMTU3MDc4Mg==; Path=/; Domain=jtuzd.rdtk.io; Expires=Fri, 01 Oct 2021 16:46:22 GMT; SameSite=None; Secure
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Encoding
gzip

Redirect headers

Server
nginx/1.6.2
Date
Thu, 01 Oct 2020 16:46:22 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://jtuzd.rdtk.io/5f749e498a55cf00019b8628?thru=thru
/
cdsecureme.com/
Redirect Chain
  • http://go.neartersco.com/ts5603-sms-del-us?clickid=5f7607deb7f0400001119de7
  • https://safesecuritytrk.com/click?trvid=10037&clickid=1601570783.41-180145839-50191-&siteid=180145839_ts5603-sms-del-us
  • https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037
2 KB
1 KB
Document
General
Full URL
https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6130:2c57:8f27:9a2b:a26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
552b73ee76cf8c66dec2727a1fca9aeda81a62d1e34493e167b85ca65cdacbb9

Request headers

:method
GET
:authority
cdsecureme.com
:scheme
https
:path
/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtuzd.rdtk.io/5f749e498a55cf00019b8628?thru=thru

Response headers

status
200
date
Thu, 01 Oct 2020 16:46:23 GMT
content-type
text/html;charset=utf-8
server
nginx
vary
Accept-Encoding
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Thu, 01 Oct 2020 16:46:23 GMT
content-type
text/html; charset=utf-8
content-length
100
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
location
https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037
pragma
no-cache
set-cookie
ClickDataNG=…; Expires=Sat, 31 Oct 2020 16:46:23 GMT; SameSite=None; Secure
ClickDataNgFall=…; Expires=Sat, 31 Oct 2020 16:46:23 GMT
user
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
https://gdmconvtrck.com/user?a=95360&c=187840
Requested by
Host: cdsecureme.com
URL: https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6120:813f:12dd:7e10:98e6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3e929fd5abf3408405c1535e70b490dfcf8b7a689d1b5c30509e1382193fd310

Request headers

Referer
https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Oct 2020 16:46:23 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*, *
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
expires
Sat, 1 May 2020 12:00:00 GMT
Primary Request next.php
dexchangegenius.com/jump/
Redirect Chain
  • https://cdsecureme.com/?a=95360&c=187840&oc=79431&sr=t&so=87710&sc=10912976&rc=5_10912976&s1=10037&s2=9g56olufbg4w&vt=1601570783688&h=19ddea709ee97f536e473ae19e220aa8d765cd86&req=https%3A%2F%2Fcdse...
  • https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=d1113968da4045b7b8ca3a739729fc07f979&sub1=95360
7 KB
3 KB
Document
General
Full URL
https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=d1113968da4045b7b8ca3a739729fc07f979&sub1=95360
Requested by
Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/user?a=95360&c=187840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.124.100 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
100.124.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
7eb6d5cab3ae4f6ebeb00a097ab63ab9f84877a3ac75f79b918b81ebc95ffe4c

Request headers

:method
GET
:authority
dexchangegenius.com
:scheme
https
:path
/jump/next.php?r=2296799&pub_clickid=d1113968da4045b7b8ca3a739729fc07f979&sub1=95360
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cdsecureme.com/?a=95360&c=230096&s2=9g56olufbg4w&s1=10037

Response headers

status
200
server
openresty
date
Thu, 01 Oct 2020 16:46:23 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
date
Thu, 01 Oct 2020 16:46:23 GMT
content-type
text/html;charset=ISO-8859-1
location
https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=d1113968da4045b7b8ca3a739729fc07f979&sub1=95360
server
nginx
set-cookie
gdm_uid_v2_1_001=et3PqYupXLfZM+kpHvrzfbOHHHA2e0I5cHJgCnEOfLhi2gLYNF/T65CYNhVue+IJ; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v2_1_001=WGP2hL1mCj4amHrx09xylyq5OK8bkoSQOwf+Z+r+9XSdc6aeOReBX1bmjwmOFmr6; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=et3PqYupXLfZM+kpHvrzfbOHHHA2e0I5cHJgCnEOfLhi2gLYNF/T65CYNhVue+IJ; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/
gdm_sid_v2_3_001=…; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=et3PqYupXLfZM+kpHvrzfbOHHHA2e0I5cHJgCnEOfLhi2gLYNF/T65CYNhVue+IJ; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/
gdm_click_adv_freq_v1_1_001=WGP2hL1mCj4amHrx09xylyq5OK8bkoSQOwf+Z+r+9XSdc6aeOReBX1bmjwmOFmr6; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/
gdm_sid_v1_3_001=…; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/
gdm_suid_v2_1_001=et3PqYupXLfZM+kpHvrzfbOHHHA2e0I5cHJgCnEOfLhi2gLYNF/T65CYNhVue+IJ; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v2_1_001=Qb994F057zYKPZOD6wXUdNEn5R7aTZnY8g4yZSKen2nwI7q1LAFuWqyBqZorOdBN; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v1_1_001=Qb994F057zYKPZOD6wXUdNEn5R7aTZnY8g4yZSKen2nwI7q1LAFuWqyBqZorOdBN; Expires=Wed, 30-Dec-2020 16:46:23 GMT; Path=/
content-language
en-US
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
i.php
dexchangegenius.com/script/
Redirect Chain
  • https://dexchangegenius.com/jump/next.php?stamat=m%7CIuYjZ_43aQdHkAH0dEdHP3xP.761%2C7H0PozvLiGV-YkDx825CHsk49R2-WK6lTYc8jyFMYYmTHI5Yp5n9EQ91Ns3jmKiNyHZNkr7JUF3B5IM6lBdPv8dH6_03FYzPucxZiWenXooYGfBK2...
  • https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2Cg3NmNjM6oGU3Bk-GH0dEdHP3xP.c5a%2CKBY20QkGCpvmnBgzOTonzf2ZHiVEJEySSt-BQcYIkpElzgWRKjVtBmBLLAIgAfSwdy2JIJ67IjgpOMJe4yFnPTUf2h8vaOH0O-rQK341qe...
0
0
Document
General
Full URL
https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2Cg3NmNjM6oGU3Bk-GH0dEdHP3xP.c5a%2CKBY20QkGCpvmnBgzOTonzf2ZHiVEJEySSt-BQcYIkpElzgWRKjVtBmBLLAIgAfSwdy2JIJ67IjgpOMJe4yFnPTUf2h8vaOH0O-rQK341qeP2wvVDTU_mmrJQenYKw1-CuHaV3VBKt_kinJ4Y8Z6MNMaCokWT4MhhAq8CC-I6mbkaOt6peBK3FB_rjohNKJGu78L1_3bAL37qBGbZ-DADtSpl4BAJMRTNK_p82AMa38bsxb7Ozosx8lbzyL4IrWmaJIBg-jYO8dcrzFBcHc4f6yBbhCInopF6iNeLzec7c3COMOYlwKCyv68eQArzDMAXp9GJNBhK5lpXvvKR3q8kJETK0okYUI4fEH8haPvs38PbEW8wGxxOu1Mna_ulERX_LFyhs3zFbunRS7NRvSIigkGYeVYDe4LFDI-X_K3XmlJYU_Pn1VVeXit8DMBUoJ1848pfTixs5aNwqvJPz80WxgFg4w93LN1AVA3ch-FvOdpzuNpOc5SFsFT1QReuZhdXbYgbSvPAX3TBKIW12FRe9khSgZRjwOAmcjrpPFymppM%2C
Requested by
Host: dexchangegenius.com
URL: https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=d1113968da4045b7b8ca3a739729fc07f979&sub1=95360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.124.100 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
100.124.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
dexchangegenius.com
:scheme
https
:path
/script/i.php?stamat=m%7C%2C%2Cg3NmNjM6oGU3Bk-GH0dEdHP3xP.c5a%2CKBY20QkGCpvmnBgzOTonzf2ZHiVEJEySSt-BQcYIkpElzgWRKjVtBmBLLAIgAfSwdy2JIJ67IjgpOMJe4yFnPTUf2h8vaOH0O-rQK341qeP2wvVDTU_mmrJQenYKw1-CuHaV3VBKt_kinJ4Y8Z6MNMaCokWT4MhhAq8CC-I6mbkaOt6peBK3FB_rjohNKJGu78L1_3bAL37qBGbZ-DADtSpl4BAJMRTNK_p82AMa38bsxb7Ozosx8lbzyL4IrWmaJIBg-jYO8dcrzFBcHc4f6yBbhCInopF6iNeLzec7c3COMOYlwKCyv68eQArzDMAXp9GJNBhK5lpXvvKR3q8kJETK0okYUI4fEH8haPvs38PbEW8wGxxOu1Mna_ulERX_LFyhs3zFbunRS7NRvSIigkGYeVYDe4LFDI-X_K3XmlJYU_Pn1VVeXit8DMBUoJ1848pfTixs5aNwqvJPz80WxgFg4w93LN1AVA3ch-FvOdpzuNpOc5SFsFT1QReuZhdXbYgbSvPAX3TBKIW12FRe9khSgZRjwOAmcjrpPFymppM%2C
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dexchangegenius.com/jump/next.php?r=2296799&pub_clickid=d1113968da4045b7b8ca3a739729fc07f979&sub1=95360

Response headers

status
204
server
openresty
date
Thu, 01 Oct 2020 16:46:24 GMT
access-control-allow-origin
*
referrer-policy
no-referrer
via
1.1 google
alt-svc
clear

Redirect headers

status
302
server
openresty
date
Thu, 01 Oct 2020 16:46:24 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://dexchangegenius.com/script/i.php?stamat=m%7C%2C%2Cg3NmNjM6oGU3Bk-GH0dEdHP3xP.c5a%2CKBY20QkGCpvmnBgzOTonzf2ZHiVEJEySSt-BQcYIkpElzgWRKjVtBmBLLAIgAfSwdy2JIJ67IjgpOMJe4yFnPTUf2h8vaOH0O-rQK341qeP2wvVDTU_mmrJQenYKw1-CuHaV3VBKt_kinJ4Y8Z6MNMaCokWT4MhhAq8CC-I6mbkaOt6peBK3FB_rjohNKJGu78L1_3bAL37qBGbZ-DADtSpl4BAJMRTNK_p82AMa38bsxb7Ozosx8lbzyL4IrWmaJIBg-jYO8dcrzFBcHc4f6yBbhCInopF6iNeLzec7c3COMOYlwKCyv68eQArzDMAXp9GJNBhK5lpXvvKR3q8kJETK0okYUI4fEH8haPvs38PbEW8wGxxOu1Mna_ulERX_LFyhs3zFbunRS7NRvSIigkGYeVYDe4LFDI-X_K3XmlJYU_Pn1VVeXit8DMBUoJ1848pfTixs5aNwqvJPz80WxgFg4w93LN1AVA3ch-FvOdpzuNpOc5SFsFT1QReuZhdXbYgbSvPAX3TBKIW12FRe9khSgZRjwOAmcjrpPFymppM%2C
via
1.1 google
alt-svc
clear

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| trustedTypes
  • function| inIframe
  • function| checkDocumentBody
  • function| documentAsyncWriteElementFromHtml
  • function| ReopenUrlBuilder
  • object| browser
  • function| preppopedRedirect

1 Cookies

Domain/Path Name / Value
.jtuzd.rdtk.io/ Name: redhash
Value: NWY3NjA3ZGViN2YwNDAwMDAxMTE5ZGU3fDB8NWY3NDllNDk4YTU1Y2YwMDAxOWI4NjI4fHw0MWExZWViZS1mNzZmLTQ1NDktOTY2Ni00M2M0ZmZhZmFkN2V8MTYwMTU3MDc4Mg==