urlscan.io logo urlscan.io
SecurityTrails logo

genialskin.click Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dfsfs.sonitix.exchange/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13
Effective URL: https://genialskin.click/?s1=350109&s2=1093626692&s3=1782&s4=1710&ow=&s10=739
Submission: On November 25 via manual from GB — Scanned from GE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 188.114.96.3, located in and belongs to . The main domain is genialskin.click.
TLS certificate: Issued by GTS CA 1P5 on November 5th 2023. Valid for: 3 months.
This is the only time genialskin.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.246.85.66 21409 (IKOULA)
1 91.236.120.129 57271 (BITWEB-AS)
1 188.114.96.3 ()
5 4
Domain Requested by
2 dfsfs.sonitix.exchange dfsfs.sonitix.exchange
1 genialskin.click heloimsand.com
genialskin.click
1 heloimsand.com dfsfs.sonitix.exchange
5 3

This site contains no links.

Subject Issuer Validity Valid
heloimsand.com
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh
genialskin.click
GTS CA 1P5		 2023-11-05 -
2024-02-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://genialskin.click/?s1=350109&s2=1093626692&s3=1782&s4=1710&ow=&s10=739
Frame ID: 29E0F525AA3491EE015678E53B9FA391
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://dfsfs.sonitix.exchange/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13 Page URL
  2. http://dfsfs.sonitix.exchange/t/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13 Page URL
  3. https://heloimsand.com/0/0/0/fd167c9c6a172f7f992f18ed3a6d5050/13/177-1779/13649-3280-6521 Page URL
  4. https://genialskin.click/?s1=350109&s2=1093626692&s3=1782&s4=1710&ow=&s10=739 Page URL

Page Statistics

5
Requests

40 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

3 kB
Transfer

3 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dfsfs.sonitix.exchange/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13 Page URL
  2. http://dfsfs.sonitix.exchange/t/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13 Page URL
  3. https://heloimsand.com/0/0/0/fd167c9c6a172f7f992f18ed3a6d5050/13/177-1779/13649-3280-6521 Page URL
  4. https://genialskin.click/?s1=350109&s2=1093626692&s3=1782&s4=1710&ow=&s10=739 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13
dfsfs.sonitix.exchange/ 		458 B
710 B 		Document
General
Check archive.org
Download Go to
Full URL
http://dfsfs.sonitix.exchange/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13
Protocol
HTTP/1.1
Server
185.246.85.66 , France, ASN21409 (IKOULA, FR),
Reverse DNS
frhb83718ds.ikexpress.com
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Sat, 25 Nov 2023 22:53:18 GMT
X-Address
gin_throttle_mw_360000000000_81.17.123.228
X-Ratelimit-Limit
10
X-Ratelimit-Remaining
9
X-Ratelimit-Reset
1700956398
4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13
dfsfs.sonitix.exchange/t/ 		304 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
http://dfsfs.sonitix.exchange/t/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13
Requested by
Host: dfsfs.sonitix.exchange
URL: http://dfsfs.sonitix.exchange/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13
Protocol
HTTP/1.1
Server
185.246.85.66 , France, ASN21409 (IKOULA, FR),
Reverse DNS
frhb83718ds.ikexpress.com
Software
/
Resource Hash
152119bf284f5510a4051ccf004c43745f25296e7a5dface0356100b151b8567

Request headers

Referer
http://dfsfs.sonitix.exchange/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Content-Length
304
Content-Type
text/html; charset=utf-8
Date
Sat, 25 Nov 2023 22:53:19 GMT
X-Address
gin_throttle_mw_360000000000_81.17.123.228
X-Ratelimit-Limit
10
X-Ratelimit-Remaining
8
X-Ratelimit-Reset
1700956398
13649-3280-6521
heloimsand.com/0/0/0/fd167c9c6a172f7f992f18ed3a6d5050/13/177-1779/ 		140 B
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://heloimsand.com/0/0/0/fd167c9c6a172f7f992f18ed3a6d5050/13/177-1779/13649-3280-6521
Requested by
Host: dfsfs.sonitix.exchange
URL: http://dfsfs.sonitix.exchange/t/4XEZxF1779EsHT177cxwjwnfxko13649SPTLWKGKNLNAGZT3280UJHI6521b13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.236.120.129 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS
235019.bitweb.ru
Software
Apache /
Resource Hash

Request headers

Referer
http://dfsfs.sonitix.exchange/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

content-length
140
content-type
text/html; charset=UTF-8
date
Sat, 25 Nov 2023 22:53:16 GMT
server
Apache
Primary Request /
genialskin.click/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://genialskin.click/?s1=350109&s2=1093626692&s3=1782&s4=1710&ow=&s10=739
Requested by
Host: heloimsand.com
URL: https://heloimsand.com/0/0/0/fd167c9c6a172f7f992f18ed3a6d5050/13/177-1779/13649-3280-6521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb696e15ec62e8b0326fb7dc13d11ebfba2891cad03e93863da2f49d2ce38e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heloimsand.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82bd77844a072dcf-TBS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 25 Nov 2023 22:53:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xml2wrpVdY4fMi4ML%2BMl%2Bmb77xmD2UTbvhUcHA%2B%2BXid5aEZGL7Q5nVQATMbo22r4cbfk6v9Nox5BBO7rFZoHuWStQZEBTtn5TDRXMAnC05FPURGO6vtZP93zudG8r1iUiG28"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
446b24c1a07b7448161b6fccdfd3cbff
genialskin.click/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
genialskin.click
URL
https://genialskin.click/446b24c1a07b7448161b6fccdfd3cbff?_ax=w

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Domain/Path Name / Value
heloimsand.com/ Name: uid1782
Value: 1093626692-20231125175316-df27bfdbc74b17ddd0f6349a7c69c07d-0