www.dexchangeinc.com Open in urlscan Pro
35.201.117.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.trackacross.net/aff_c?offer_id=68674830&affiliate_id=5075&gaid=0dba5274-64d3-437c-8276-c9b4097a4b16&device_id=%7...
Effective URL:
https://www.dexchangeinc.com/jump/next.php?r=1965419&sub1=1540576
Submission: On May 13 via manual (May 13th 2018, 12:52:20 pm UTC) from JP

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 33 domains to perform 37 HTTP transactions. The main IP is 35.201.117.228, located in Ann Arbor, United States and belongs to GOOGLE - Google LLC, US. The main domain is www.dexchangeinc.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 8th 2018. Valid for: 2 years.

This is the only time www.dexchangeinc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.10.158.221 52.10.158.221	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	104.250.135.34 104.250.135.34	53850 (GORILLASE...) (GORILLASERVERS - GorillaServers)
1 3	62.212.87.142 62.212.87.142	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.72.206.38 54.72.206.38	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	109.206.164.148 109.206.164.148	50245 (SERVEREL-AS) (SERVEREL-AS)
3	172.217.18.173 172.217.18.173	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	172.217.18.174 172.217.18.174	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.201.117.228 35.201.117.228	15169 (GOOGLE) (GOOGLE - Google LLC)
37	6

1 52.10.158.221 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-10-158-221.us-west-2.compute.amazonaws.com

click.trackacross.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.250.135.34 (Los Angeles, United States) 1 redirects

ASN53850 (GORILLASERVERS - GorillaServers, Inc., US)
PTR: 104-250-135-34.static.gorillaservers.com

smart.lce9v.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.212.87.142 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

overtraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.206.38 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-206-38.eu-west-1.compute.amazonaws.com

traffic.tc-clicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.164.148 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.164.148.serverel.net

xebadu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.173 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.174 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f14.1e100.net

plus.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.117.228 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 228.117.201.35.bc.googleusercontent.com

www.dexchangeinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	google.com 1 redirects accounts.google.com plus.google.com	34 KB
3	overtraff.com 1 redirects overtraff.com	21 KB
2	dexchangeinc.com www.dexchangeinc.com	2 KB
2	xebadu.com xebadu.com	4 KB
1	tc-clicks.com traffic.tc-clicks.com	1 KB
1	lce9v.com 1 redirects smart.lce9v.com	255 B
1	trackacross.net 1 redirects click.trackacross.net	296 B
0	vk.com Failed vk.com Failed
0	indeed.com Failed secure.indeed.com Failed
0	bitbucket.org Failed bitbucket.org Failed
0	meetup.com Failed secure.meetup.com Failed
0	disqus.com Failed disqus.com Failed
0	airbnb.com Failed www.airbnb.com Failed
0	500px.com Failed 500px.com Failed
0	paypal.com Failed www.paypal.com Failed
0	khanacademy.org Failed www.khanacademy.org Failed
0	slack.com Failed slack.com Failed
0	edx.org Failed courses.edx.org Failed
0	carbonmade.com Failed carbonmade.com Failed
0	medium.com Failed medium.com Failed
0	github.com Failed github.com Failed
0	steampowered.com Failed store.steampowered.com Failed
0	battle.net Failed eu.battle.net Failed
0	foursquare.com Failed de.foursquare.com Failed
0	pinterest.com Failed www.pinterest.com Failed
0	dropbox.com Failed www.dropbox.com Failed
0	expedia.de Failed www.expedia.de Failed
0	tumblr.com Failed www.tumblr.com Failed
0	reddit.com Failed www.reddit.com Failed
0	live.com Failed login.live.com Failed
0	facebook.com Failed www.facebook.com Failed
0	twitter.com Failed twitter.com Failed
0	squareup.com Failed squareup.com Failed
37	33

	Domain	Requested by
3	accounts.google.com	xebadu.com
3	overtraff.com	1 redirects overtraff.com
2	www.dexchangeinc.com	xebadu.com www.dexchangeinc.com
2	xebadu.com	xebadu.com
1	plus.google.com	1 redirects
1	traffic.tc-clicks.com	overtraff.com
1	smart.lce9v.com	1 redirects
1	click.trackacross.net	1 redirects
0	vk.com Failed	xebadu.com
0	secure.indeed.com Failed	xebadu.com
0	bitbucket.org Failed	xebadu.com
0	secure.meetup.com Failed	xebadu.com
0	disqus.com Failed	xebadu.com
0	www.airbnb.com Failed	xebadu.com
0	500px.com Failed	xebadu.com
0	www.paypal.com Failed	xebadu.com
0	www.khanacademy.org Failed	xebadu.com
0	slack.com Failed	xebadu.com
0	courses.edx.org Failed	xebadu.com
0	carbonmade.com Failed	xebadu.com
0	medium.com Failed	xebadu.com
0	github.com Failed	xebadu.com
0	store.steampowered.com Failed	xebadu.com
0	eu.battle.net Failed	xebadu.com
0	de.foursquare.com Failed	xebadu.com
0	www.pinterest.com Failed	xebadu.com
0	www.dropbox.com Failed	xebadu.com
0	www.expedia.de Failed	xebadu.com
0	www.tumblr.com Failed	xebadu.com
0	www.reddit.com Failed	xebadu.com
0	login.live.com Failed	xebadu.com
0	www.facebook.com Failed	xebadu.com
0	twitter.com Failed	xebadu.com
0	squareup.com Failed	xebadu.com
37	34

This site contains no links.

Subject Issuer	Validity	Valid
xebadu.com Let's Encrypt Authority X3	`2018-03-29` - `2018-06-27`	3 months	crt.sh
dexchangeinc.com COMODO RSA Domain Validation Secure Server CA	`2018-03-08` - `2020-03-07`	2 years	crt.sh

This page contains 1 frames:

Frame: https://www.dexchangeinc.com/jump/next.php?stamat=m%7C%2CwoiM2Y3FqB1dAN0dEdHP3xP.b9c%2CG9N1UJs9nilzeaiSmMD09VlqrrfOsFdB1pioQ3Ft_1hJaBXh5bLVt1cxIpljrn3l2CVl5-EZ_vUDARJPm_7_Yrmh2Hv8JB82MmSfPVmOoFg%2C&cbrandom=0.6615858518931379&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fxebadu.com%2Fafu.php%3Fzoneid%3D1433141%26var%3D1540576
Frame ID: ED24584F75B417B32E7964520F38AC04
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.trackacross.net/aff_c?offer_id=68674830&affiliate_id=5075&gaid=0dba5274-64d3-437c-8276-c9b40... HTTP 302
http://smart.lce9v.com/redirect?s=2636&at=4&rt=api&s1=9a45ca7f-4e00-440d-827a-73f0e80ae36f-15262159... HTTP 302
http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167 Page URL
http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&c... HTTP 302
http://overtraff.com/gw?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftra... Page URL
http://traffic.tc-clicks.com/?p=2827&media_type=mainstream&click_id=bmconv_20180513145209_4ae0f74d_d7f3_4... Page URL
https://xebadu.com/afu.php?zoneid=1540576&ymid=dd8xty0qoo0k4ccocsckkko00,12629615,5,2827&pid=12... Page URL
https://xebadu.com/?zoneid=1540576&r=%2Fmb%2Fhan%2Fdl&nojs=0&x=1600&y=1200&t=0&ix=0&fs=0&timeou... Page URL
https://www.dexchangeinc.com/jump/next.php?r=1965419&sub1=1540576 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

37
Requests

11 %
HTTPS

0 %
IPv6

33
Domains

34
Subdomains

6
IPs

4
Countries

60 kB
Transfer

68 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.trackacross.net/aff_c?offer_id=68674830&affiliate_id=5075&gaid=0dba5274-64d3-437c-8276-c9b4097a4b16&device_id=%7Bandid%7D&aff_sub2=91267_8300_20180425092518_5_131_102523_20165903_124.35.82.126_sub%3D025717C23527E1524648318775593&aff_sub5=8300_5_131_102523_20165903&referer= HTTP 302
http://smart.lce9v.com/redirect?s=2636&at=4&rt=api&s1=9a45ca7f-4e00-440d-827a-73f0e80ae36f-1526215929056 HTTP 302
http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167 Page URL
http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&code=42wXPrtcpUJPK2SvZQncoZW2WT96yb9he1nAG3NAKz9HGUbZWzgfdy26yDbAdRxUAcuRxCCmcUQGrnRUcvwCQxgWKz1KqjrGVM4npqgzfv7gnw9UyT7Li3Siq67gFVRKuWsXkLyqedeCphjx2aiWR5YArXnezR9YLxm2BHYyJktrnd1iEhUeaPeYBJ8fxFQst9w1xCYxxZki9mzDN9y76cNrLT2DUuXZAspDMiPRyhubv4dWCaaQrTcADtwpNLJU25oiSTnRpNG34etFHx6i7f3m1BKNn5SoJQ3mTgxVdeVuNPJYdaWGLnQtMN6KAxxR9C2mUL845xwpe53YdS4tTW4mRuBQGXLZwtqGtMH2wapxbmPMsJYgosfLwUU6zZCtLjPhPUFYm89sScK2ibnowY9vbpaMjqbfBvJzNTHn9Rybq5KufndD6BBwPEjgDj26Jmehpg71XyhLc6bLmkGdJjKthF2YBcJPSfe1F55S3sRASi2YwXs4krciHdr1SLYuzkarzsSYgq1z1HckmxC4w6kgqf6vqnLbaWYJ96V9yvnJ59N6YN1swVzfUPj5pmEdaSV6UdCVTnQGTEtSCUX9ZemkLUC9jFq2huDw8tm6kbum3SK9B2vKkM7FSuSUuNpJ2SVbVTeG9ThaJ68stzZKqgsMuBdGsuXNiVMztELTHt6brCCq6QY16dXmveBMMS3hyAKxJP15kDDLb8xBM5oEWQMeJjzBhQupnWYKH7teb9UC1TqHYo8rMnAHWn9BwHbcA6EqAiveuGhuV6GANjVZATizvXtg7Mn4rVAiJYrjR5h8yfWL7CDzBQhAah3BfP617re7YE16w6yRiD1CeikbSZBAjJ4BsoJwudg8UnKM962BnxkCpjbxEXhZA7C3M3G HTTP 302
http://overtraff.com/gw?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftraffic.tc-clicks.com%2F%3Fp%3D2827%26media_type%3Dmainstream%26click_id%3Dbmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea%26sub_id%3D50835_1167&vId=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&hash=46801059bf4cd8312d4&ete=true Page URL
http://traffic.tc-clicks.com/?p=2827&media_type=mainstream&click_id=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&sub_id=50835_1167 Page URL
https://xebadu.com/afu.php?zoneid=1540576&ymid=dd8xty0qoo0k4ccocsckkko00,12629615,5,2827&pid=121&var=2827&ctrack=1526215929.871118292 Page URL
https://xebadu.com/?zoneid=1540576&r=%2Fmb%2Fhan%2Fdl&nojs=0&x=1600&y=1200&t=0&ix=0&fs=0&timeout=0&var=2827&ymid=dd8xty0qoo0k4ccocsckkko00%2C12629615%2C5%2C2827&pb=f7e8c1cab672297160d9ca8d1bc393661526223130&pid=121&sp= Page URL
https://www.dexchangeinc.com/jump/next.php?r=1965419&sub1=1540576 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://click.trackacross.net/aff_c?offer_id=68674830&affiliate_id=5075&gaid=0dba5274-64d3-437c-8276-c9b4097a4b16&device_id=%7Bandid%7D&aff_sub2=91267_8300_20180425092518_5_131_102523_20165903_124.35.82.126_sub%3D025717C23527E1524648318775593&aff_sub5=8300_5_131_102523_20165903&referer= HTTP 302
http://smart.lce9v.com/redirect?s=2636&at=4&rt=api&s1=9a45ca7f-4e00-440d-827a-73f0e80ae36f-1526215929056 HTTP 302
http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167

Request Chain 1

http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&code=42wXPrtcpUJPK2SvZQncoZW2WT96yb9he1nAG3NAKz9HGUbZWzgfdy26yDbAdRxUAcuRxCCmcUQGrnRUcvwCQxgWKz1KqjrGVM4npqgzfv7gnw9UyT7Li3Siq67gFVRKuWsXkLyqedeCphjx2aiWR5YArXnezR9YLxm2BHYyJktrnd1iEhUeaPeYBJ8fxFQst9w1xCYxxZki9mzDN9y76cNrLT2DUuXZAspDMiPRyhubv4dWCaaQrTcADtwpNLJU25oiSTnRpNG34etFHx6i7f3m1BKNn5SoJQ3mTgxVdeVuNPJYdaWGLnQtMN6KAxxR9C2mUL845xwpe53YdS4tTW4mRuBQGXLZwtqGtMH2wapxbmPMsJYgosfLwUU6zZCtLjPhPUFYm89sScK2ibnowY9vbpaMjqbfBvJzNTHn9Rybq5KufndD6BBwPEjgDj26Jmehpg71XyhLc6bLmkGdJjKthF2YBcJPSfe1F55S3sRASi2YwXs4krciHdr1SLYuzkarzsSYgq1z1HckmxC4w6kgqf6vqnLbaWYJ96V9yvnJ59N6YN1swVzfUPj5pmEdaSV6UdCVTnQGTEtSCUX9ZemkLUC9jFq2huDw8tm6kbum3SK9B2vKkM7FSuSUuNpJ2SVbVTeG9ThaJ68stzZKqgsMuBdGsuXNiVMztELTHt6brCCq6QY16dXmveBMMS3hyAKxJP15kDDLb8xBM5oEWQMeJjzBhQupnWYKH7teb9UC1TqHYo8rMnAHWn9BwHbcA6EqAiveuGhuV6GANjVZATizvXtg7Mn4rVAiJYrjR5h8yfWL7CDzBQhAah3BfP617re7YE16w6yRiD1CeikbSZBAjJ4BsoJwudg8UnKM962BnxkCpjbxEXhZA7C3M3G HTTP 302
http://overtraff.com/gw?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftraffic.tc-clicks.com%2F%3Fp%3D2827%26media_type%3Dmainstream%26click_id%3Dbmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea%26sub_id%3D50835_1167&vId=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&hash=46801059bf4cd8312d4&ete=true

Request Chain 6

https://www.facebook.com/login.php?next=https://www.facebook.com/favicon.ico?_rdr=p HTTP 302
https://www.facebook.com/w/

Request Chain 9

https://plus.google.com/up/accounts/upgrade/?continue=https://plus.google.com/favicon.ico HTTP 302
https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico&followup=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico

Request Chain 10

https://login.skype.com/login?message=signin_continue&redirect_uri=https://secure.skype.com/favicon.ico HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1526215930&rver=7.0.6730.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.skype.com%252Ffavicon.ico%26site_name%3Dlw.skype.com&lc=1033&id=293290&mkt=en&psi=skype&lw=1&cobrandid=90010&client_flight=hsu%2CReservedFlight33%2CReservedFlight67

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

46801059bf4cd8312d4 Show response
overtraff.com/d/
Redirect Chain

http://click.trackacross.net/aff_c?offer_id=68674830&affiliate_id=5075&gaid=0dba5274-64d3-437c-8276-c9b4097a4b16&device_id=%7Bandid%7D&aff_sub2=91267_8300_20180425092518_5_131_102523_20165903_124.3...
http://smart.lce9v.com/redirect?s=2636&at=4&rt=api&s1=9a45ca7f-4e00-440d-827a-73f0e80ae36f-1526215929056
http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167

50 KB
19 KB

243ms
16ms

Document
text/html

62.212.87.142
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167
Protocol: HTTP/1.1
Server: 62.212.87.142 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: acec64fc1a21273df97124257112c54fb557e35b198196e28a1f9ebcade6e5a8

Request headers

Host: overtraff.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: ED24584F75B417B32E7964520F38AC04

Response headers

Server: nginx
Date: Sun, 13 May 2018 12:52:09 GMT
Content-Type: text/html
Last-Modified: Wed, 09 May 2018 13:38:14 GMT
Transfer-Encoding: chunked
ETag: W/"5af2f9c6-c914"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

Redirect headers

Server: nginx/1.8.0
Date: Sun, 13 May 2018 12:52:09 GMT
Content-Length: 0
Connection: keep-alive
Cache-control: no-cache
location: http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167

GET
H/1.1

200
OK

gw Show response
overtraff.com/
Redirect Chain

http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&code=42wXPrtcpUJPK2SvZQncoZW2WT96yb9he1nAG3NAKz9HGUbZWzgfdy26yDbAdRxUAcuRxCCmcUQGrnRUcvwCQxgWKz1KqjrG...
http://overtraff.com/gw?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftraffic.tc-clicks.com%2F%3Fp%3D2827%26media_type%3Dmainstream%26click_id%3Dbmconv_20180513145209_4ae0f7...

2 KB
1 KB

13ms
13ms

Document
text/html

62.212.87.142
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://overtraff.com/gw?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftraffic.tc-clicks.com%2F%3Fp%3D2827%26media_type%3Dmainstream%26click_id%3Dbmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea%26sub_id%3D50835_1167&vId=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&hash=46801059bf4cd8312d4&ete=true
Requested by: Host: overtraff.com
URL: http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167
Protocol: HTTP/1.1
Server: 62.212.87.142 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8a9acfd06df7aa4e0d9d29df29573d43ed7044c5d18bc000881e7a9308016052

Request headers

Host: overtraff.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167
Accept-Encoding: gzip, deflate
Cookie: BSESSID=trk0270ac09-eeef-46c2-84ee-a76f06ce0330
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: ED24584F75B417B32E7964520F38AC04
Referer: http://overtraff.com/d/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167

Response headers

Server: nginx
Date: Sun, 13 May 2018 12:52:09 GMT
Content-Type: text/html
Last-Modified: Mon, 15 Jan 2018 18:02:04 GMT
Transfer-Encoding: chunked
ETag: W/"5a5cec9c-606"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Sun, 13 May 2018 12:52:09 GMT
Transfer-Encoding: chunked
Location: http://overtraff.com/gw?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftraffic.tc-clicks.com%2F%3Fp%3D2827%26media_type%3Dmainstream%26click_id%3Dbmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea%26sub_id%3D50835_1167&vId=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&hash=46801059bf4cd8312d4&ete=true
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Set-Cookie: BSESSID=trk0270ac09-eeef-46c2-84ee-a76f06ce0330; Max-Age=63072000; Expires=Tue, 12 May 2020 12:52:09 GMT; Path=/

GET
H/1.1 200
OK Cookie set / Show response
traffic.tc-clicks.com/ 950 B
1 KB 70ms
42ms Document
text/html 54.72.206.38
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://traffic.tc-clicks.com/?p=2827&media_type=mainstream&click_id=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&sub_id=50835_1167
Requested by: Host: overtraff.com
URL: http://overtraff.com/l/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftraffic.tc-clicks.com%2F%3Fp%3D2827%26media_type%3Dmainstream%26click_id%3Dbmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea%26sub_id%3D50835_1167&vId=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&hash=46801059bf4cd8312d4&ete=true
Protocol: HTTP/1.1
Server: 54.72.206.38 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-206-38.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cc907e072925983ae1796a45b0f47d846f48a2f22ea0a981a43d0322ccd406fc

Request headers

Host: traffic.tc-clicks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://overtraff.com/l/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftraffic.tc-clicks.com%2F%3Fp%3D2827%26media_type%3Dmainstream%26click_id%3Dbmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea%26sub_id%3D50835_1167&vId=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&hash=46801059bf4cd8312d4&ete=true
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: ED24584F75B417B32E7964520F38AC04
Referer: http://overtraff.com/l/46801059bf4cd8312d4?sub=f9ac200b-fa75-4066-99e5-7811f0e7c807&source=1167&url=http%3A%2F%2Ftraffic.tc-clicks.com%2F%3Fp%3D2827%26media_type%3Dmainstream%26click_id%3Dbmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea%26sub_id%3D50835_1167&vId=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&hash=46801059bf4cd8312d4&ete=true

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 13 May 2018 12:52:09 GMT
Expires: Sun, 13 May 2018 12:52:09 GMT
Last-Modified: Sun, 13 May 2018 12:52:09 GMT
Pragma: no-cache
Server: nginx
Set-Cookie: traffic-back=ok; expires=Sun, 13-May-2018 12:52:39 GMT; Max-Age=30; path=/; domain=traffic.tc-clicks.com traffic-visited-offers=28069%7C1526215929%7C28069%7Cunspecified; expires=Mon, 14-May-2018 12:52:09 GMT; Max-Age=86400; path=/; domain=traffic.tc-clicks.com rts-trck=1; expires=Sun, 13-May-2018 13:02:09 GMT; Max-Age=600; path=/; domain=traffic.tc-clicks.com
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
Content-Length: 490
Connection: keep-alive

GET
H/1.1 200
OK afu.php Show response
xebadu.com/ 9 KB
3 KB 70ms
14ms Document
text/html 109.206.164.148
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xebadu.com/afu.php?zoneid=1540576&ymid=dd8xty0qoo0k4ccocsckkko00,12629615,5,2827&pid=121&var=2827&ctrack=1526215929.871118292

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

109.206.164.148 , Netherlands, ASN50245 (SERVEREL-AS, NL),

Reverse DNS

109.206.164.148.serverel.net

Software

nginx /

Resource Hash

b2074f0cc266fa72ae2b565c6fd9021038f07c416a5296ab8709b5ada4404fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: xebadu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://traffic.tc-clicks.com/?p=2827&media_type=mainstream&click_id=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&sub_id=50835_1167
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: ED24584F75B417B32E7964520F38AC04
Referer: http://traffic.tc-clicks.com/?p=2827&media_type=mainstream&click_id=bmconv_20180513145209_4ae0f74d_d7f3_49ef_abcb_11b67fb876ea&sub_id=50835_1167

Response headers

Server: nginx
Date: Sun, 13 May 2018 12:52:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET login
squareup.com/ 0
0

GET login
twitter.com/ 0
0

GET

/
www.facebook.com/w/
Redirect Chain

https://www.facebook.com/login.php?next=https://www.facebook.com/favicon.ico?_rdr=p
https://www.facebook.com/w/

0
0

GET
S 200 ServiceLogin
accounts.google.com/ 0
5 KB 52ms
49ms Image
text/html 172.217.18.173
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.google.com/favicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: xebadu.com
URL: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
Protocol: SPDY
Server: 172.217.18.173 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s29-in-f13.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8

GET
S 200 ServiceLogin
accounts.google.com/ 0
6 KB 41ms
38ms Image
text/html 172.217.18.173
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.youtube.com/favicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: xebadu.com
URL: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
Protocol: SPDY
Server: 172.217.18.173 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s29-in-f13.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8

GET
S

200

ServiceLogin
accounts.google.com/
Redirect Chain

https://plus.google.com/up/accounts/upgrade/?continue=https://plus.google.com/favicon.ico
https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico&followup=https://plus.google.com...

0
21 KB

48ms
48ms

Image
text/html

172.217.18.173
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico&followup=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico
Requested by: Host: xebadu.com
URL: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
Protocol: SPDY
Server: 172.217.18.173 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s29-in-f13.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: ESF
status: 302
date: Sun, 13 May 2018 12:52:10 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico&followup=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico
content-security-policy: script-src 'report-sample' 'nonce-S+RLZuMB2oEVRoBuKsJYnAQ548w' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /_/PlusAppUi/cspreport, script-src 'nonce-S+RLZuMB2oEVRoBuKsJYnAQ548w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.googleapis.com/appsmarket/v2/installedApps/ https://s.ytimg.com https://www.googleapis.com https://support.google.com https://youtube.com https://youtube.googleapis.com;report-uri /_/PlusAppUi/cspreport
content-type: application/binary
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET

https://login.skype.com/login?message=signin_continue&redirect_uri=https://secure.skype.com/favicon.ico
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1526215930&rver=7.0.6730.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fredirect_uri%3Dhttps%253A%252F%252Fsecur...

0
0

GET login
www.reddit.com/ 0
0

GET login
www.tumblr.com/ 0
0

GET login
www.expedia.de/user/ 0
0

GET login
www.dropbox.com/ 0
0

GET /
www.pinterest.com/login/ 0
0

GET login
de.foursquare.com/ 0
0

GET index
eu.battle.net/login/de/ 0
0

GET /
store.steampowered.com/login/ 0
0

GET ServiceLogin
accounts.google.com/ 0
0

GET login
github.com/ 0
0

GET signin
medium.com/m/ 0
0

GET signin
carbonmade.com/ 0
0

GET login
courses.edx.org/ 0
0

GET checkcookie
slack.com/ 0
0

GET login
www.khanacademy.org/ 0
0

GET signin
www.paypal.com/ 0
0

GET login
500px.com/ 0
0

GET login
www.airbnb.com/ 0
0

GET /
disqus.com/profile/login/ 0
0

GET /
secure.meetup.com/login/ 0
0

GET /
bitbucket.org/account/signin/ 0
0

GET login
secure.indeed.com/account/ 0
0

GET login
vk.com/ 0
0

GET
H/1.1 200
OK Cookie set / Show response
xebadu.com/ 709 B
1 KB 13ms
13ms Document
text/html 109.206.164.148
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xebadu.com/?zoneid=1540576&r=%2Fmb%2Fhan%2Fdl&nojs=0&x=1600&y=1200&t=0&ix=0&fs=0&timeout=0&var=2827&ymid=dd8xty0qoo0k4ccocsckkko00%2C12629615%2C5%2C2827&pb=f7e8c1cab672297160d9ca8d1bc393661526223130&pid=121&sp=

Requested by

Host: xebadu.com
URL: https://xebadu.com/afu.php?zoneid=1433141&var=1540576

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

109.206.164.148 , Netherlands, ASN50245 (SERVEREL-AS, NL),

Reverse DNS

109.206.164.148.serverel.net

Software

nginx /

Resource Hash

454d07ad2bb070963b47fddd1f718821d909921f1f718554d14e714bf3f9456c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: xebadu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: ED24584F75B417B32E7964520F38AC04
Referer: https://xebadu.com/afu.php?zoneid=1433141&var=1540576

Response headers

Server: nginx
Date: Sun, 13 May 2018 12:52:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OACCAP=ABDGMAAAAAAAAAAB; Path=/; Expires=Tue, 12 Jun 2018 12:52:10 GMT OACBLOCK=ABDGMAAAAABa%2BDT6; Path=/; Expires=Tue, 12 Jun 2018 12:52:10 GMT OXCCLK=ABDGMAAAAAAAAAAB; Path=/; Expires=Mon, 14 May 2018 12:52:10 GMT OXPCLK=AAD4BgAAAAAAAAAB; Path=/; Expires=Mon, 14 May 2018 12:52:10 GMT ppucnt=0; Path=/; Expires=Mon, 14 May 2018 12:52:10 GMT ppucnt=1; Path=/; Expires=Mon, 14 May 2018 12:52:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 Primary Request next.php Show response
www.dexchangeinc.com/jump/ 5 KB
2 KB 145ms
130ms Document
text/html 35.201.117.228
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dexchangeinc.com/jump/next.php?r=1965419&sub1=1540576
Requested by: Host: xebadu.com
URL: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.117.228 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 228.117.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 0ef5cc2e1cb66a78ac9d2d098696f3d9294fe1714003c44484725c49d1da1192

Request headers

:method: GET
:authority: www.dexchangeinc.com
:scheme: https
:path: /jump/next.php?r=1965419&sub1=1540576
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://xebadu.com/afu.php?zoneid=1433141&var=1540576
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: ED24584F75B417B32E7964520F38AC04
Referer: https://xebadu.com/afu.php?zoneid=1433141&var=1540576

Response headers

status: 200
server: openresty
date: Sun, 13 May 2018 12:52:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
referrer-policy: no-referrer
link: <//www.dexchangeinc.com>; rel=dns-prefetch,<//www.dexchangeinc.com>; rel=preconnect
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 next.php
www.dexchangeinc.com/jump/ 0
0 129ms
129ms Document
text/plain 35.201.117.228
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dexchangeinc.com/jump/next.php?stamat=m%7C%2CwoiM2Y3FqB1dAN0dEdHP3xP.b9c%2CG9N1UJs9nilzeaiSmMD09VlqrrfOsFdB1pioQ3Ft_1hJaBXh5bLVt1cxIpljrn3l2CVl5-EZ_vUDARJPm_7_Yrmh2Hv8JB82MmSfPVmOoFg%2C&cbrandom=0.6615858518931379&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fxebadu.com%2Fafu.php%3Fzoneid%3D1433141%26var%3D1540576
Requested by: Host: www.dexchangeinc.com
URL: https://www.dexchangeinc.com/jump/next.php?r=1965419&sub1=1540576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.117.228 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 228.117.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

:method: GET
:authority: www.dexchangeinc.com
:scheme: https
:path: /jump/next.php?stamat=m%7C%2CwoiM2Y3FqB1dAN0dEdHP3xP.b9c%2CG9N1UJs9nilzeaiSmMD09VlqrrfOsFdB1pioQ3Ft_1hJaBXh5bLVt1cxIpljrn3l2CVl5-EZ_vUDARJPm_7_Yrmh2Hv8JB82MmSfPVmOoFg%2C&cbrandom=0.6615858518931379&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fxebadu.com%2Fafu.php%3Fzoneid%3D1433141%26var%3D1540576
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: ED24584F75B417B32E7964520F38AC04

Response headers

status: 204
server: openresty
date: Sun, 13 May 2018 12:52:10 GMT
referrer-policy: no-referrer
vary: Accept-Encoding
via: 1.1 google
alt-svc: clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: squareup.com
URL: https://squareup.com/login?return_to=/favicon.ico

Domain: twitter.com
URL: https://twitter.com/login?redirect_after_login=/favicon.ico

Domain: www.facebook.com
URL: https://www.facebook.com/w/

Domain: login.live.com
URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1526215930&rver=7.0.6730.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.skype.com%252Ffavicon.ico%26site_name%3Dlw.skype.com&lc=1033&id=293290&mkt=en&psi=skype&lw=1&cobrandid=90010&client_flight=hsu%2CReservedFlight33%2CReservedFlight67

Domain: www.reddit.com
URL: https://www.reddit.com/login?dest=https://www.reddit.com/favicon.ico

Domain: www.tumblr.com
URL: https://www.tumblr.com/login?redirect_to=/favicon.ico

Domain: www.expedia.de
URL: https://www.expedia.de/user/login?ckoflag=0&selc=0&uurl=qscr=reds&rurl=%2Ffavicon.ico

Domain: www.dropbox.com
URL: https://www.dropbox.com/login?cont=https://www.dropbox.com/static/images/favicon.ico

Domain: www.pinterest.com
URL: https://www.pinterest.com/login/?next=https://www.pinterest.com/favicon.ico

Domain: de.foursquare.com
URL: https://de.foursquare.com/login?continue=/favicon.ico

Domain: eu.battle.net
URL: https://eu.battle.net/login/de/index?ref=https://eu.battle.net/favicon.ico

Domain: store.steampowered.com
URL: https://store.steampowered.com/login/?redir=favicon.ico

Domain: accounts.google.com
URL: https://accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico

Domain: github.com
URL: https://github.com/login?return_to=https://github.com/favicon.ico?id=1

Domain: medium.com
URL: https://medium.com/m/signin?redirect=https://medium.com/favicon.ico&loginType=default

Domain: carbonmade.com
URL: https://carbonmade.com/signin?returnTo=favicon.ico

Domain: courses.edx.org
URL: https://courses.edx.org/login?next=/favicon.ico

Domain: slack.com
URL: https://slack.com/checkcookie?redir=https://slack.com/favicon.ico

Domain: www.khanacademy.org
URL: https://www.khanacademy.org/login?continue=https://www.khanacademy.org/favicon.ico

Domain: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https://t.paypal.com/ts?v=1.0.0

Domain: 500px.com
URL: https://500px.com/login?r=/favicon.ico

Domain: www.airbnb.com
URL: https://www.airbnb.com/login?redirect_params[action]=favicon.ico&redirect_params[controller]=home

Domain: disqus.com
URL: https://disqus.com/profile/login/?next=https://disqus.com/favicon.ico

Domain: secure.meetup.com
URL: https://secure.meetup.com/login/?returnUri=https://www.meetup.com/img/ajax_loader_trans.gif

Domain: bitbucket.org
URL: https://bitbucket.org/account/signin/?next=/favicon.ico

Domain: secure.indeed.com
URL: https://secure.indeed.com/account/login?continue=/favicon.ico

Domain: vk.com
URL: https://vk.com/login?u=2&to=ZmF2aWNvbi5pY28-

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.traffic.tc-clicks.com/	1970-01-18 15:56:56	Name: rts-trck Value: 1
.traffic.tc-clicks.com/	1970-01-18 15:58:22	Name: traffic-visited-offers Value: 28069%7C1526215929%7C28069%7Cunspecified
.traffic.tc-clicks.com/	1970-01-18 15:56:55	Name: traffic-back Value: ok

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

500px.com
accounts.google.com
bitbucket.org
carbonmade.com
click.trackacross.net
courses.edx.org
de.foursquare.com
disqus.com
eu.battle.net
github.com
login.live.com
medium.com
overtraff.com
plus.google.com
secure.indeed.com
secure.meetup.com
slack.com
smart.lce9v.com
squareup.com
store.steampowered.com
traffic.tc-clicks.com
twitter.com
vk.com
www.airbnb.com
www.dexchangeinc.com
www.dropbox.com
www.expedia.de
www.facebook.com
www.khanacademy.org
www.paypal.com
www.pinterest.com
www.reddit.com
www.tumblr.com
xebadu.com
500px.com
accounts.google.com
bitbucket.org
carbonmade.com
courses.edx.org
de.foursquare.com
disqus.com
eu.battle.net
github.com
login.live.com
medium.com
secure.indeed.com
secure.meetup.com
slack.com
squareup.com
store.steampowered.com
twitter.com
vk.com
www.airbnb.com
www.dropbox.com
www.expedia.de
www.facebook.com
www.khanacademy.org
www.paypal.com
www.pinterest.com
www.reddit.com
www.tumblr.com
104.250.135.34
109.206.164.148
172.217.18.173
172.217.18.174
35.201.117.228
52.10.158.221
54.72.206.38
62.212.87.142
0ef5cc2e1cb66a78ac9d2d098696f3d9294fe1714003c44484725c49d1da1192
454d07ad2bb070963b47fddd1f718821d909921f1f718554d14e714bf3f9456c
8a9acfd06df7aa4e0d9d29df29573d43ed7044c5d18bc000881e7a9308016052
acec64fc1a21273df97124257112c54fb557e35b198196e28a1f9ebcade6e5a8
b2074f0cc266fa72ae2b565c6fd9021038f07c416a5296ab8709b5ada4404fcb
cc907e072925983ae1796a45b0f47d846f48a2f22ea0a981a43d0322ccd406fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.dexchangeinc.com Open in urlscan Pro 35.201.117.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

11 %HTTPS

0 %IPv6

33 Domains

34 Subdomains

6 IPs

4 Countries

60 kBTransfer

68 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

www.dexchangeinc.com Open in urlscan Pro
35.201.117.228 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

11 %
HTTPS

0 %
IPv6

33
Domains

34
Subdomains

6
IPs

4
Countries

60 kB
Transfer

68 kB
Size

3
Cookies

37 HTTP transactions
0 data transactions