urlscan.io logo urlscan.io
SecurityTrails logo

directdexchange.com Open in urlscan Pro
35.201.70.46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mildsag.online/register.php?sub=RL9
Effective URL: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07
Submission: On July 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 9 HTTP transactions. The main IP is 35.201.70.46, located in and belongs to . The main domain is directdexchange.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 25th 2023. Valid for: a year.
This is the only time directdexchange.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a02:4780:1:5... 47583 (AS-HOSTINGER)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.39.156.32 16276 (OVH)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... ()
1 35.201.70.46 ()
9 5
2    2a02:4780:1:549:0:f1c:1c85:d (Asheville, United States)

ASN47583 (AS-HOSTINGER, CY)
mildsag.online
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700:10::6814:51d (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net
s4.histats.com
1    2606:4700:10::ac43:162d (United States)

ASN13335 (CLOUDFLARENET, US)
www.affforce.com
1    2606:4700:3035::6815:1e0b (United States)

ASN13335 (CLOUDFLARENET, US)
44tdfa.com
1    2606:4700:3030::6815:4620 (None, )

ASN- ()
t.u1pmt.com
1    35.201.70.46 (None, )

ASN- ()
directdexchange.com
Apex Domain
Subdomains		 Transfer
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 13679
s4.histats.com — Cisco Umbrella Rank: 13632
11 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 920
34 KB
2 mildsag.online
mildsag.online
31 KB
1 directdexchange.com
directdexchange.com
1 u1pmt.com
t.u1pmt.com
507 B
1 44tdfa.com
44tdfa.com — Cisco Umbrella Rank: 783508
727 B
1 affforce.com
www.affforce.com
640 B
9 7
Domain Requested by
3 maxcdn.bootstrapcdn.com mildsag.online
2 s10.histats.com mildsag.online
s10.histats.com
2 mildsag.online mildsag.online
1 directdexchange.com
1 t.u1pmt.com 1 redirects
1 44tdfa.com 1 redirects
1 www.affforce.com 1 redirects
1 s4.histats.com s10.histats.com
9 8

This site contains no links.

Subject Issuer Validity Valid
histats.com
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
directdexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-25 -
2024-01-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07
Frame ID: 4FDC29F2FC7BC5D80EF4127E5E80AFF4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mildsag.online/register.php?sub=RL9 Page URL
  2. https://www.affforce.com/scripts/un981c6l?a_aid=b9db39e7&a_bid=a6ae2671&chan=RL9 HTTP 301
    https://44tdfa.com/g?visitorid=70f937c989b8886a63c968eYvi9FD2Rn&refid=b9db39e7&bannerid=a6ae267... HTTP 302
    https://t.u1pmt.com/click?pid=6&offer_id=617&ref_id=70f937c989b8886a63c968eYvi9FD2Rn_b9db39e7_a6... HTTP 302
    https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

9
Requests

33 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

5
IPs

2
Countries

76 kB
Transfer

221 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mildsag.online/register.php?sub=RL9 Page URL
  2. https://www.affforce.com/scripts/un981c6l?a_aid=b9db39e7&a_bid=a6ae2671&chan=RL9 HTTP 301
    https://44tdfa.com/g?visitorid=70f937c989b8886a63c968eYvi9FD2Rn&refid=b9db39e7&bannerid=a6ae2671&extra_data1=&extra_data2= HTTP 302
    https://t.u1pmt.com/click?pid=6&offer_id=617&ref_id=70f937c989b8886a63c968eYvi9FD2Rn_b9db39e7_a6ae2671&sub1=b9db39e7&sub8= HTTP 302
    https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
register.php
mildsag.online/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mildsag.online/register.php?sub=RL9
Protocol
HTTP/1.1
Server
2a02:4780:1:549:0:f1c:1c85:d Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
1bb51eadbab4459383cbbd6a7721ca3d31151d3fc8d6f53aed4c596122cafbf2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-encoding
gzip
content-length
848
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 15:16:00 GMT
platform
hostinger
refresh
0; url=https://www.affforce.com/scripts/un981c6l?a_aid=b9db39e7&a_bid=a6ae2671&chan=RL9
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: mildsag.online
URL: http://mildsag.online/register.php?sub=RL9
Protocol
HTTP/1.1
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mildsag.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 15:16:00 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
CF-Cache-Status
HIT
CDN-EdgeStorageId
632, 617, 617
Age
7376125
Transfer-Encoding
chunked
CDN-CachedAt
2021-06-08 21:08:57
CDN-PullZone
252412
cross-origin-resource-policy
cross-origin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 25 Jan 2021 22:04:54 GMT
Server
cloudflare
CDN-RequestPullCode
200
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
CDN-Cache
HIT
CDN-Uid
b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control
public, max-age=31919000
CDN-RequestId
e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin
*
CDN-RequestCountryCode
DE
CDN-Status
200
CF-RAY
7e9c29b05e73367f-FRA
CDN-RequestPullSuccess
True
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		115 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: mildsag.online
URL: http://mildsag.online/register.php?sub=RL9
Protocol
HTTP/1.1
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mildsag.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 15:16:00 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
CF-Cache-Status
HIT
CDN-EdgeStorageId
632, 617, 617
Age
14645105
Transfer-Encoding
chunked
CDN-CachedAt
2021-06-08 17:56:49
CDN-PullZone
252412
cross-origin-resource-policy
cross-origin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 25 Jan 2021 22:03:58 GMT
Server
cloudflare
CDN-RequestPullCode
200
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
CDN-Cache
HIT
CDN-Uid
b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control
public, max-age=31919000
CDN-RequestId
4bd704688cb08bed1c10c8f26826e421
timing-allow-origin
*
CDN-RequestCountryCode
DE
CDN-Status
200
CF-RAY
7e9c29b05e7e381b-FRA
CDN-RequestPullSuccess
True
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css
Requested by
Host: mildsag.online
URL: http://mildsag.online/register.php?sub=RL9
Protocol
HTTP/1.1
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mildsag.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 15:16:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
CDN-EdgeStorageId
864
Age
12287481
Transfer-Encoding
chunked
CDN-CachedAt
02/23/2022 12:20:58
CDN-PullZone
252412
cross-origin-resource-policy
cross-origin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 25 Jan 2021 22:03:58 GMT
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Server
cloudflare
ETag
W/"89b29714ad4aaaa3953ef3b51cf9c43a"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control
public, max-age=31919000
CDN-RequestId
d44e0f6cd983f05ee58da1527472a462
timing-allow-origin
*
CDN-RequestCountryCode
DE
CDN-Status
200
CF-RAY
7e9c29b05f91693f-FRA
CDN-RequestPullSuccess
True
load.gif
mildsag.online/include/images/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mildsag.online/include/images/load.gif
Requested by
Host: mildsag.online
URL: http://mildsag.online/register.php?sub=RL9
Protocol
HTTP/1.1
Server
2a02:4780:1:549:0:f1c:1c85:d Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9eb442caf593ea96298bcb44a7fb79f24c414ceeece61aea0357e44008889602

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mildsag.online/register.php?sub=RL9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 15:16:00 GMT
last-modified
Thu, 15 Dec 2022 21:09:53 GMT
server
LiteSpeed
etag
"7507-639b8d21-c684e715ad6b8016;;;"
content-type
image/gif
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
29959
expires
Thu, 27 Jul 2023 15:16:00 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: mildsag.online
URL: http://mildsag.online/register.php?sub=RL9
Protocol
HTTP/1.1
Server
2606:4700:10::6814:51d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mildsag.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 15:16:00 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
Server
cloudflare
Age
85405
ETag
"-375139978"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7e9c29b098253a7a-FRA
Content-Length
4547
0.php
s4.histats.com/stats/ 		47 B
181 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4661513&@f16&@g1&@h1&@i1&@j1689866160757&@k0&@l1&@mRE-WIN-LED&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-8693531&@b3:1689866161&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fmildsag.online%2Fregister.php%3Fsub%3DRL9&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562579.ip-54-39-156.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mildsag.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 15:16:01 GMT
Connection
close
Content-Length
47
Content-Type
text/html;charset=UTF-8
cc_511.js
s10.histats.com/counters/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_511.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:51d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mildsag.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 15:16:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
83796
etag
"1364484781"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
7e9c29b0e9ffbbf2-FRA
content-length
6278
Primary Request next.php
directdexchange.com/jump/
Redirect Chain
  • https://www.affforce.com/scripts/un981c6l?a_aid=b9db39e7&a_bid=a6ae2671&chan=RL9
  • https://44tdfa.com/g?visitorid=70f937c989b8886a63c968eYvi9FD2Rn&refid=b9db39e7&bannerid=a6ae2671&extra_data1=&extra_data2=
  • https://t.u1pmt.com/click?pid=6&offer_id=617&ref_id=70f937c989b8886a63c968eYvi9FD2Rn_b9db39e7_a6ae2671&sub1=b9db39e7&sub8=
  • https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07
7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.70.46 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
http://mildsag.online/register.php?sub=RL9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 20 Jul 2023 15:16:05 GMT
server
openresty
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e9c29cadaa037dd-FRA
content-length
0
date
Thu, 20 Jul 2023 15:16:05 GMT
location
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6b9db39e7-617-5f0f018d2bdea5690c593f07
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEkK0En2Gvs68TKfHct2EkJjGopM%2FoCIaaYnTKzfKMlT2qiwhUnNyTllagWrhPoIZHDjkafAaTjnpu5OcDVGU1m2uZKA%2B3ceJPAIpFEHZyel1gQH5zdgmjOWAiJthbsQIxvomJVkcBOEjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-adjust-use-original-forwarded-for
1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
mildsag.online/ Name: HstCfa4661513
Value: 1689866160757
mildsag.online/ Name: HstCla4661513
Value: 1689866160757
mildsag.online/ Name: HstCmu4661513
Value: 1689866160757
mildsag.online/ Name: HstPn4661513
Value: 1
mildsag.online/ Name: HstPt4661513
Value: 1
mildsag.online/ Name: HstCnv4661513
Value: 1
mildsag.online/ Name: HstCns4661513
Value: 1
www.affforce.com/ Name: PAPAffiliateId
Value: b9db39e7
www.affforce.com/ Name: PAPVisitorId
Value: 70f937c989b8886a63c968eYvi9FD2Rn
.affforce.com/ Name: __cf_bm
Value: wfyz9yVHAInx3kkcS189c9DYeNXYwFg1BMN.ILpqERo-1689866161-0-AUTNZMU4NWg3Qmtctfd8+NE2DUVQrGn+T63yRhSNzk3D3GILHKI/jaPperJSmzImyNrd7LHHF/9Xgj3bJIS4t9w=