![](/screenshots/3677bbf9-a661-4018-9b28-395814426074.png)
directdexchange.com
Open in
urlscan Pro
35.201.70.46
Public Scan
Effective URL: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07
Submission: On July 20 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 25th 2023. Valid for: a year.
This is the only time directdexchange.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2a02:4780:1:5... 2a02:4780:1:549:0:f1c:1c85:d | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
3 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:10:... 2606:4700:10::6814:51d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 54.39.156.32 54.39.156.32 | 16276 (OVH) (OVH) | |
1 1 | 2606:4700:10:... 2606:4700:10::ac43:162d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3035::6815:1e0b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3030::6815:4620 | () () | |
1 | 35.201.70.46 35.201.70.46 | () () | |
9 | 5 |
ASN47583 (AS-HOSTINGER, CY)
mildsag.online |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
histats.com
s10.histats.com — Cisco Umbrella Rank: 13679 s4.histats.com — Cisco Umbrella Rank: 13632 |
11 KB |
3 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 920 |
34 KB |
2 |
mildsag.online
mildsag.online |
31 KB |
1 |
directdexchange.com
directdexchange.com |
|
1 |
u1pmt.com
1 redirects
t.u1pmt.com |
507 B |
1 |
44tdfa.com
1 redirects
44tdfa.com — Cisco Umbrella Rank: 783508 |
727 B |
1 |
affforce.com
1 redirects
www.affforce.com |
640 B |
9 | 7 |
Domain | Requested by | |
---|---|---|
3 | maxcdn.bootstrapcdn.com |
mildsag.online
|
2 | s10.histats.com |
mildsag.online
s10.histats.com |
2 | mildsag.online |
mildsag.online
|
1 | directdexchange.com | |
1 | t.u1pmt.com | 1 redirects |
1 | 44tdfa.com | 1 redirects |
1 | www.affforce.com | 1 redirects |
1 | s4.histats.com |
s10.histats.com
|
9 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
histats.com R3 |
2023-06-06 - 2023-09-04 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-13 - 2024-05-11 |
a year | crt.sh |
directdexchange.com Sectigo RSA Domain Validation Secure Server CA |
2023-01-25 - 2024-01-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07
Frame ID: 4FDC29F2FC7BC5D80EF4127E5E80AFF4
Requests: 9 HTTP requests in this frame
Screenshot
![](/screenshots/3677bbf9-a661-4018-9b28-395814426074.png)
Page URL History Show full URLs
- http://mildsag.online/register.php?sub=RL9 Page URL
-
https://www.affforce.com/scripts/un981c6l?a_aid=b9db39e7&a_bid=a6ae2671&chan=RL9
HTTP 301
https://44tdfa.com/g?visitorid=70f937c989b8886a63c968eYvi9FD2Rn&refid=b9db39e7&bannerid=a6ae267... HTTP 302
https://t.u1pmt.com/click?pid=6&offer_id=617&ref_id=70f937c989b8886a63c968eYvi9FD2Rn_b9db39e7_a6... HTTP 302
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07 Page URL
Detected technologies
Detected patterns
- \.php(?:$|\?)
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://mildsag.online/register.php?sub=RL9 Page URL
-
https://www.affforce.com/scripts/un981c6l?a_aid=b9db39e7&a_bid=a6ae2671&chan=RL9
HTTP 301
https://44tdfa.com/g?visitorid=70f937c989b8886a63c968eYvi9FD2Rn&refid=b9db39e7&bannerid=a6ae2671&extra_data1=&extra_data2= HTTP 302
https://t.u1pmt.com/click?pid=6&offer_id=617&ref_id=70f937c989b8886a63c968eYvi9FD2Rn_b9db39e7_a6ae2671&sub1=b9db39e7&sub8= HTTP 302
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
register.php
mildsag.online/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ |
23 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ |
115 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
load.gif
mildsag.online/include/images/ |
29 KB 30 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
47 B 181 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc_511.js
s10.histats.com/counters/ |
15 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
next.php
directdexchange.com/jump/ Redirect Chain
|
7 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mildsag.online/ | Name: HstCfa4661513 Value: 1689866160757 |
|
mildsag.online/ | Name: HstCla4661513 Value: 1689866160757 |
|
mildsag.online/ | Name: HstCmu4661513 Value: 1689866160757 |
|
mildsag.online/ | Name: HstPn4661513 Value: 1 |
|
mildsag.online/ | Name: HstPt4661513 Value: 1 |
|
mildsag.online/ | Name: HstCnv4661513 Value: 1 |
|
mildsag.online/ | Name: HstCns4661513 Value: 1 |
|
www.affforce.com/ | Name: PAPAffiliateId Value: b9db39e7 |
|
www.affforce.com/ | Name: PAPVisitorId Value: 70f937c989b8886a63c968eYvi9FD2Rn |
|
.affforce.com/ | Name: __cf_bm Value: wfyz9yVHAInx3kkcS189c9DYeNXYwFg1BMN.ILpqERo-1689866161-0-AUTNZMU4NWg3Qmtctfd8+NE2DUVQrGn+T63yRhSNzk3D3GILHKI/jaPperJSmzImyNrd7LHHF/9Xgj3bJIS4t9w= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
44tdfa.com
directdexchange.com
maxcdn.bootstrapcdn.com
mildsag.online
s10.histats.com
s4.histats.com
t.u1pmt.com
www.affforce.com
2606:4700:10::6814:51d
2606:4700:10::ac43:162d
2606:4700:3030::6815:4620
2606:4700:3035::6815:1e0b
2606:4700::6812:bcf
2a02:4780:1:549:0:f1c:1c85:d
35.201.70.46
54.39.156.32
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
1bb51eadbab4459383cbbd6a7721ca3d31151d3fc8d6f53aed4c596122cafbf2
2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
9eb442caf593ea96298bcb44a7fb79f24c414ceeece61aea0357e44008889602
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5