securejoinsite.com Open in urlscan Pro
104.17.131.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://conxtdt.com/1-1eo91emqb
Effective URL:
https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005...
Submission: On September 03 via manual (September 3rd 2019, 4:03:28 am UTC) from NZ

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 104.17.131.50, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is securejoinsite.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 9th 2019. Valid for: a year.

This is the only time securejoinsite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	35.156.88.7 35.156.88.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	85.17.217.27 85.17.217.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	104.17.130.50 104.17.130.50	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	104.17.128.50 104.17.128.50	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
10	104.17.131.50 104.17.131.50	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
25	4

10 35.156.88.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com

conxtdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.17.217.27 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

gmyze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.130.50 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

nlntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.128.50 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.securejoinsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.17.131.50 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

securejoinsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	securejoinsite.com 1 redirects www.securejoinsite.com securejoinsite.com	32 KB
10	conxtdt.com conxtdt.com	101 KB
3	gmyze.com gmyze.com	64 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	nlntrk.com 1 redirects nlntrk.com	483 B
25	5

	Domain	Requested by
10	securejoinsite.com	conxtdt.com securejoinsite.com
10	conxtdt.com	conxtdt.com
3	gmyze.com	conxtdt.com gmyze.com
2	www.google-analytics.com	conxtdt.com
1	www.securejoinsite.com	1 redirects
1	nlntrk.com	1 redirects
25	6

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
securejoinsite.com CloudFlare Inc ECC CA-2	`2019-07-09` - `2020-07-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Frame ID: FE164B80CE1142DE0EF1CEE7DBE9BABB
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://conxtdt.com/1-1eo91emqb Page URL
https://nlntrk.com/ep.php/camlnge1a:39578/64145:590.9060601x0zflq90aeipd9z1x590 HTTP 302
https://www.securejoinsite.com/loader.php?tl_act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&tl_... HTTP 302
https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=e... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

25
Requests

48 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

214 kB
Transfer

278 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://conxtdt.com/1-1eo91emqb Page URL
https://nlntrk.com/ep.php/camlnge1a:39578/64145:590.9060601x0zflq90aeipd9z1x590 HTTP 302
https://www.securejoinsite.com/loader.php?tl_act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&tl_id=1&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y HTTP 302
https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 7

http://www.google-analytics.com/r/collect?v=1&_v=j79&a=2140964413&t=pageview&_s=1&dl=http%3A%2F%2Fconxtdt.com%2F1-1eo91emqb&ul=en-us&de=UTF-8&dt=Connection...&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=544493629&gjid=1604132352&cid=800185113.1567483393&tid=UA-40987805-1&_gid=1329352315.1567483393&_r=1&z=2127160562 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2140964413&t=pageview&_s=1&dl=http%3A%2F%2Fconxtdt.com%2F1-1eo91emqb&ul=en-us&de=UTF-8&dt=Connection...&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=544493629&gjid=1604132352&cid=800185113.1567483393&tid=UA-40987805-1&_gid=1329352315.1567483393&_r=1&z=2127160562

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 1-1eo91emqb Show response
conxtdt.com/ 4 KB
2 KB 163ms
111ms Document
text/html 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://conxtdt.com/1-1eo91emqb
Protocol: HTTP/1.1
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ec865851344d7caa153a064c28744a451411e9cc77dd04efe78ba58fc476a7de

Request headers

Host: conxtdt.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Tue, 03 Sep 2019 04:03:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
conxtdt.com/js/jquery/ 94 KB
94 KB 37ms
36ms Script
application/javascript 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/1-1eo91emqb
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: http://conxtdt.com/1-1eo91emqb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 04:03:12 GMT
Last-Modified: Mon, 05 Aug 2019 10:14:07 GMT
Server: nginx
ETag: "5d48016f-1762a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95786

GET
H/1.1 200
OK logger.php
conxtdt.com/ 43 B
183 B 107ms
83ms Image
image/gif 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://conxtdt.com/logger.php?click_id=15352254&log=pixel&time=0
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/1-1eo91emqb
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://conxtdt.com/1-1eo91emqb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 04:03:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK load.gif
conxtdt.com/images/ 3 KB
3 KB 74ms
50ms Image
image/gif 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://conxtdt.com/images/load.gif
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/1-1eo91emqb
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d39d92cd948ab76439c5404d749d64b2c240e88d6c9abcf518b5410a1e0cdfc8

Request headers

Referer: http://conxtdt.com/1-1eo91emqb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 04:03:12 GMT
Last-Modified: Mon, 05 Aug 2019 10:14:07 GMT
Server: nginx
ETag: "5d48016f-c7f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3199

POST
H/1.1 200
OK logger.php Show response
conxtdt.com/ 0
218 B 69ms
69ms XHR
text/html 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://conxtdt.com/logger.php
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: http://conxtdt.com/1-1eo91emqb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ax_src.js Show response
gmyze.com/current/js/ 63 KB
63 KB 79ms
36ms Script
application/x-javascript 85.17.217.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://gmyze.com/current/js/ax_src.js
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/1-1eo91emqb
Protocol: HTTP/1.1
Security: , ,
Server: 85.17.217.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 4db9ccb3fd31424d3da20bb96dc85ee232e1b81af9b1876251e027166a9bcb50

Request headers

Referer: http://conxtdt.com/1-1eo91emqb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Last-Modified: Tue, 29 Mar 2016 15:41:36 GMT
Server: nginx/1.1.19
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64778
Content-Type: application/x-javascript

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: conxtdt.com
URL: http://conxtdt.com/1-1eo91emqb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://conxtdt.com/1-1eo91emqb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2235
date: Tue, 03 Sep 2019 03:25:57 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Tue, 03 Sep 2019 05:25:57 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j79&a=2140964413&t=pageview&_s=1&dl=http%3A%2F%2Fconxtdt.com%2F1-1eo91emqb&ul=en-us&de=UTF-8&dt=Connection...&sd=24-bit&sr=1600x1200&vp=1585x1200&je...
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2140964413&t=pageview&_s=1&dl=http%3A%2F%2Fconxtdt.com%2F1-1eo91emqb&ul=en-us&de=UTF-8&dt=Connection...&sd=24-bit&sr=1600x1200&vp=1585x1200&j...

35 B
101 B

13ms
13ms

Image
image/gif

2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2140964413&t=pageview&_s=1&dl=http%3A%2F%2Fconxtdt.com%2F1-1eo91emqb&ul=en-us&de=UTF-8&dt=Connection...&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=544493629&gjid=1604132352&cid=800185113.1567483393&tid=UA-40987805-1&_gid=1329352315.1567483393&_r=1&z=2127160562

Requested by

Host: conxtdt.com
URL: http://conxtdt.com/1-1eo91emqb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://conxtdt.com/1-1eo91emqb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 04:03:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2140964413&t=pageview&_s=1&dl=http%3A%2F%2Fconxtdt.com%2F1-1eo91emqb&ul=en-us&de=UTF-8&dt=Connection...&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=544493629&gjid=1604132352&cid=800185113.1567483393&tid=UA-40987805-1&_gid=1329352315.1567483393&_r=1&z=2127160562
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK logger.php Show response
conxtdt.com/ 0
218 B 73ms
72ms XHR
text/html 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://conxtdt.com/logger.php
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: http://conxtdt.com/1-1eo91emqb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK pl.php Show response
gmyze.com/1.1/resources/ 74 B
304 B 30ms
30ms Script
text/html 85.17.217.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://gmyze.com/1.1/resources/pl.php?name=__ax&56888
Requested by: Host: gmyze.com
URL: http://gmyze.com/current/js/ax_src.js
Protocol: HTTP/1.1
Security: , ,
Server: 85.17.217.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 849972012b68e43566a733c14af2c0734d1847cccc4e7dfbdf1a9e2bf8ac3d46

Request headers

Referer: http://conxtdt.com/1-1eo91emqb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Content-Encoding: gzip
Server: nginx/1.1.19
Vary: Accept-Encoding
P3P: CP="CAO PSA OUR"
Connection: keep-alive
Content-Type: text/html
Content-Length: 87

POST
H/1.1 200
OK logger.php Show response
conxtdt.com/ 0
218 B 70ms
69ms XHR
text/html 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://conxtdt.com/logger.php
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: http://conxtdt.com/1-1eo91emqb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK track.php
conxtdt.com/ 13 B
178 B 149ms
149ms XHR
application/json 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://conxtdt.com/track.php
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://conxtdt.com/1-1eo91emqb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H/1.1 200
OK pl.php Show response
gmyze.com/1.1/resources/ 0
295 B 31ms
30ms Script
text/html 85.17.217.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://gmyze.com/1.1/resources/pl.php?name=__ax&value=O77zaR3uh9Vs4Ne6ciZie
Requested by: Host: gmyze.com
URL: http://gmyze.com/current/js/ax_src.js
Protocol: HTTP/1.1
Security: , ,
Server: 85.17.217.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://conxtdt.com/1-1eo91emqb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Server: nginx/1.1.19
Connection: keep-alive
Content-Type: text/html
Content-Length: 0
P3P: CP="CAO PSA OUR"

GET
H2

200

Primary Request join.php Show response
securejoinsite.com/
Redirect Chain

https://nlntrk.com/ep.php/camlnge1a:39578/64145:590.9060601x0zflq90aeipd9z1x590
https://www.securejoinsite.com/loader.php?tl_act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&tl_id=1&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&...
https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y

44 KB
10 KB

305ms
228ms

Document
text/html

104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/1-1eo91emqb
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dbb22756d7463132236f70d901d43182b3586ad9336aa131209b18811f73c85

Request headers

:method: GET
:authority: securejoinsite.com
:scheme: https
:path: /join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://conxtdt.com/1-1eo91emqb
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://conxtdt.com/1-1eo91emqb

Response headers

status: 200
date: Tue, 03 Sep 2019 04:03:15 GMT
content-type: text/html; charset=UTF-8
content-length: 9628
set-cookie: __cfduid=da94b4e7480bf70178c8f5027862675c81567483394; expires=Wed, 02-Sep-20 04:03:14 GMT; path=/; domain=.securejoinsite.com; HttpOnly X-Mapping-ponelalg=A2494C87B274B78BB8BCB8BE1A8007C0; path=/
vary: Accept-Encoding
cache-control: no-cache
content-encoding: gzip
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5104d531bcd86a4d-LHR

Redirect headers

status: 302
date: Tue, 03 Sep 2019 04:03:14 GMT
content-type: text/html; charset=UTF-8
content-length: 0
set-cookie: __cfduid=d20fdfdec92d9748bea4cfe15ae5abac01567483394; expires=Wed, 02-Sep-20 04:03:14 GMT; path=/; domain=.www.securejoinsite.com; HttpOnly X-Mapping-ponelalg=AFFD745ED6A0F1E8AD9F3DC0EB9F2653; path=/
cache-control: no-cache
location: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5104d5307debce6f-LHR

POST
H/1.1 200
OK logger.php
conxtdt.com/ 0
218 B 72ms
71ms XHR
text/html 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://conxtdt.com/logger.php
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Referer: http://conxtdt.com/1-1eo91emqb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK logger.php
conxtdt.com/ 0
218 B 73ms
72ms XHR
text/html 35.156.88.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://conxtdt.com/logger.php
Requested by: Host: conxtdt.com
URL: http://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Referer: http://conxtdt.com/1-1eo91emqb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 03 Sep 2019 04:03:13 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 j1.js Show response
securejoinsite.com/js/ 5 KB
1 KB 29ms
28ms Script
application/javascript 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securejoinsite.com/js/j1.js
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4e3af47c2d2f90fb528baf167516006091f918e1e1896f13f09f2178f3a9656

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 307
status: 200
x-cache-info: cached
content-length: 1289
last-modified: Tue, 19 Jun 2018 00:32:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 5104d5333e296a4d-LHR
expires: Tue, 03 Sep 2019 04:08:15 GMT

GET
H2 200 secureIcon.png
securejoinsite.com/graphics/j2/ccn_46/ 2 KB
2 KB 430ms
430ms Image
image/png 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securejoinsite.com/graphics/j2/ccn_46/secureIcon.png
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3a24a6071d20a6dc54221cbb0d244a9e8f9120c0234e3c61a7ef4ceefd19756

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Mar 2014 19:56:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=600
x-cache-info: caching
accept-ranges: bytes
cf-ray: 5104d5333e2a6a4d-LHR
content-length: 1641
expires: Tue, 03 Sep 2019 04:13:15 GMT

GET
H2 200 badge-1.png
securejoinsite.com/graphics/j2/ccn_46/ 7 KB
7 KB 436ms
436ms Image
image/png 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securejoinsite.com/graphics/j2/ccn_46/badge-1.png
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 634c3ee2b7477630a8f964c6b9fe5bdda66d66e495857afbb580afc64b73eefa

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Mar 2014 19:56:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=600
x-cache-info: caching
accept-ranges: bytes
cf-ray: 5104d5333e2b6a4d-LHR
content-length: 7532
expires: Tue, 03 Sep 2019 04:13:15 GMT

GET
H2 200 creditcards.gif
securejoinsite.com/graphics/j2/ccn_36/elx_tubez_1/ 2 KB
2 KB 461ms
461ms Image
image/gif 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securejoinsite.com/graphics/j2/ccn_36/elx_tubez_1/creditcards.gif
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094e5bedaa381df49079882ed3739358cdbcdb601d8ee8f189f99fd900124224

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2013 22:25:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=600
x-cache-info: caching
accept-ranges: bytes
cf-ray: 5104d5336e3c6a4d-LHR
content-length: 2404
expires: Tue, 03 Sep 2019 04:13:15 GMT

GET
H2 200 safe.png
securejoinsite.com/graphics/j2/ccn_46/ 1 KB
1 KB 463ms
462ms Image
image/png 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securejoinsite.com/graphics/j2/ccn_46/safe.png
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e03b47f9dea9ef5ce8569928e877a79354d1e105c6be615f57e7ab759593e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Mar 2014 19:56:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=600
x-cache-info: caching
accept-ranges: bytes
cf-ray: 5104d5336e3d6a4d-LHR
content-length: 1237
expires: Tue, 03 Sep 2019 04:13:15 GMT

GET
H2 200 secure2.png
securejoinsite.com/graphics/j2/ccn_46/ 4 KB
4 KB 459ms
459ms Image
image/png 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securejoinsite.com/graphics/j2/ccn_46/secure2.png
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec59c72b863c57be207a81d8d625a414c743ae17dc950444be47d93e6655908

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Mar 2014 19:56:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=600
x-cache-info: caching
accept-ranges: bytes
cf-ray: 5104d5336e3e6a4d-LHR
content-length: 4524
expires: Tue, 03 Sep 2019 04:13:15 GMT

GET
H2 200 wizardfraud.js Show response
securejoinsite.com/js/ 2 KB
712 B 29ms
28ms Script
application/javascript 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securejoinsite.com/js/wizardfraud.js
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d736e15211336dd48f0764286d0e7f74c6d916e2662ddd85d2d76161c36359b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4246
status: 200
x-cache-info: caching
content-length: 614
last-modified: Fri, 11 Dec 2015 01:37:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 5104d5336e3a6a4d-LHR
expires: Tue, 03 Sep 2019 04:08:15 GMT

GET
H2 200 whatsthis.gif
securejoinsite.com/graphics/j2/ccn_46/ 2 KB
2 KB 436ms
436ms Image
image/gif 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securejoinsite.com/graphics/j2/ccn_46/whatsthis.gif
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c14898d521bd35f432a7d1bbadf3f0bb788a2f47ef58bd68ca10d4fe9a01e6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Mar 2014 19:56:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=600
x-cache-info: caching
accept-ranges: bytes
cf-ray: 5104d5339e4d6a4d-LHR
content-length: 1579
expires: Tue, 03 Sep 2019 04:13:15 GMT

GET
H2 200 grdnt2.png
securejoinsite.com/graphics/j2/ccn_46/ 999 B
1 KB 432ms
432ms Image
image/png 104.17.131.50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securejoinsite.com/graphics/j2/ccn_46/grdnt2.png
Requested by: Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.131.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7f831761a606bdffc2f373346c11ad6f29ced993f1e9df6b4cdd4a66bf0831

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securejoinsite.com/join.php?act=vip64145.46105-4058608.590.9060601x0zflq90aeipd9z1x590&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 04:03:15 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jun 2013 16:22:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=600
x-cache-info: cached
accept-ranges: bytes
cf-ray: 5104d5339e506a4d-LHR
content-length: 999
expires: Tue, 03 Sep 2019 04:13:15 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			securejoinsite.com/	1969-12-31 23:59:59	Name: X-Mapping-ponelalg Value: A2494C87B274B78BB8BCB8BE1A8007C0
			.securejoinsite.com/	1970-01-19 12:10:19	Name: __cfduid Value: da94b4e7480bf70178c8f5027862675c81567483394

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://conxtdt.com/1-1eo91emqb(Line 39) Message: Redirecting...

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

conxtdt.com
gmyze.com
nlntrk.com
securejoinsite.com
www.google-analytics.com
www.securejoinsite.com
104.17.128.50
104.17.130.50
104.17.131.50
2a00:1450:4001:80b::200e
35.156.88.7
85.17.217.27
094e5bedaa381df49079882ed3739358cdbcdb601d8ee8f189f99fd900124224
0ec59c72b863c57be207a81d8d625a414c743ae17dc950444be47d93e6655908
26e03b47f9dea9ef5ce8569928e877a79354d1e105c6be615f57e7ab759593e0
29c14898d521bd35f432a7d1bbadf3f0bb788a2f47ef58bd68ca10d4fe9a01e6
4db9ccb3fd31424d3da20bb96dc85ee232e1b81af9b1876251e027166a9bcb50
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
634c3ee2b7477630a8f964c6b9fe5bdda66d66e495857afbb580afc64b73eefa
6dbb22756d7463132236f70d901d43182b3586ad9336aa131209b18811f73c85
7d736e15211336dd48f0764286d0e7f74c6d916e2662ddd85d2d76161c36359b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849972012b68e43566a733c14af2c0734d1847cccc4e7dfbdf1a9e2bf8ac3d46
a3a24a6071d20a6dc54221cbb0d244a9e8f9120c0234e3c61a7ef4ceefd19756
a4e3af47c2d2f90fb528baf167516006091f918e1e1896f13f09f2178f3a9656
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d39d92cd948ab76439c5404d749d64b2c240e88d6c9abcf518b5410a1e0cdfc8
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec865851344d7caa153a064c28744a451411e9cc77dd04efe78ba58fc476a7de
fc7f831761a606bdffc2f373346c11ad6f29ced993f1e9df6b4cdd4a66bf0831

securejoinsite.com Open in urlscan Pro 104.17.131.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

48 %HTTPS

17 %IPv6

5 Domains

6 Subdomains

4 IPs

3 Countries

214 kBTransfer

278 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

securejoinsite.com Open in urlscan Pro
104.17.131.50 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

48 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

214 kB
Transfer

278 kB
Size

2
Cookies

25 HTTP transactions
0 data transactions