urlscan.io logo urlscan.io
SecurityTrails logo

securejoinsite.com Open in urlscan Pro
104.17.127.50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tinyurl.com/vtgdl7y
Effective URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_...
Submission: On November 19 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 22 HTTP transactions. The main IP is 104.17.127.50, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is securejoinsite.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 9th 2019. Valid for: a year.
This is the only time securejoinsite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
9 35.156.88.7 16509 (AMAZON-02)
1 178.63.199.193 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 11 104.17.127.50 13335 (CLOUDFLAR...)
1 1 104.17.130.50 13335 (CLOUDFLAR...)
22 4
1    2606:4700:10::6814:da2a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
tinyurl.com
9    35.156.88.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
conxtdt.com
1    178.63.199.193 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178-63-199-193.clients.your-server.de
ssl.gmyze.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
11    104.17.127.50 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
nlntrk.com
securejoinsite.com
1    104.17.130.50 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.securejoinaccess.com
Domain Requested by
10 securejoinsite.com conxtdt.com
securejoinsite.com
9 conxtdt.com conxtdt.com
2 www.google-analytics.com conxtdt.com
1 www.securejoinaccess.com 1 redirects
1 nlntrk.com 1 redirects
1 ssl.gmyze.com conxtdt.com
1 tinyurl.com 1 redirects
22 7

This site contains no links.

Subject Issuer Validity Valid
conxtdt.com
Let's Encrypt Authority X3		 2019-09-27 -
2019-12-26		 3 months crt.sh
ssl.gmyze.com
Let's Encrypt Authority X3		 2019-11-01 -
2020-01-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
securejoinsite.com
CloudFlare Inc ECC CA-2		 2019-07-09 -
2020-07-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Frame ID: DCDC143DEC543E476AD48133DDBFC738
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://tinyurl.com/vtgdl7y HTTP 301
    https://conxtdt.com/1-1em7612qb Page URL
  2. https://nlntrk.com/ep.php/camlnge1a:39578/59127:3.9056607x0zflq4d1bpfjgz1x3 HTTP 302
    https://www.securejoinaccess.com/loader.php?tl_act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&tl_id=1... HTTP 302
    https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

150 kB
Transfer

214 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/vtgdl7y HTTP 301
    https://conxtdt.com/1-1em7612qb Page URL
  2. https://nlntrk.com/ep.php/camlnge1a:39578/59127:3.9056607x0zflq4d1bpfjgz1x3 HTTP 302
    https://www.securejoinaccess.com/loader.php?tl_act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&tl_id=1&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y HTTP 302
    https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tinyurl.com/vtgdl7y HTTP 301
  • https://conxtdt.com/1-1em7612qb

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1-1em7612qb
conxtdt.com/
Redirect Chain
  • https://tinyurl.com/vtgdl7y
  • https://conxtdt.com/1-1em7612qb
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://conxtdt.com/1-1em7612qb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
55adc97e9dede05a9fc6bcbea60cc146c52aaf26c50637db246bf058c17beafa

Request headers

Host
conxtdt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User
?1

Response headers

Server
nginx
Date
Tue, 19 Nov 2019 18:12:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip

Redirect headers

status
301
date
Tue, 19 Nov 2019 18:12:22 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d1fb98a9f22ba60348a7a788f03aaf41e1574187142; expires=Wed, 18-Nov-20 18:12:22 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=dd4308bd6c1b000000000000; expires=Sun, 17-Nov-2024 18:12:22 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com TCSR-424478e14777a8248d995a015ce7b6c4=eyJpdiI6IktIOHFTb1daOEZXUVRuRTdTK25ZckE9PSIsInZhbHVlIjoiQm9sWHdGQ0RDSmdiaWMrWE5icVl6dz09IiwibWFjIjoiODg5ZmYxNWQ0MDdlMTQyZWY3MDAwYTNlZjE1YTVlZGNlNzk4Y2E5MTI0ZWU2MDk5Y2JmYmUzOTAxOTAxODljOSJ9; expires=Tue, 19-Nov-2019 18:17:22 GMT; Max-Age=300; path=/; domain=.tinyurl.com
x-powered-by
PHP/7.3.11
location
https://conxtdt.com/1-1em7612qb
cache-control
max-age=0, no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
538426e88ec8cba0-VIE
jquery-1.11.1.min.js
conxtdt.com/js/jquery/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/1-1em7612qb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://conxtdt.com/1-1em7612qb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Tue, 19 Nov 2019 18:12:23 GMT
Last-Modified
Fri, 15 Nov 2019 13:57:28 GMT
Server
nginx
ETag
"5dceaec8-1762a"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
logger.php
conxtdt.com/ 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://conxtdt.com/logger.php?click_id=15964779&log=pixel&time=0
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/1-1em7612qb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://conxtdt.com/1-1em7612qb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Tue, 19 Nov 2019 18:12:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
load.gif
conxtdt.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://conxtdt.com/images/load.gif
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/1-1em7612qb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d39d92cd948ab76439c5404d749d64b2c240e88d6c9abcf518b5410a1e0cdfc8

Request headers

Referer
https://conxtdt.com/1-1em7612qb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Tue, 19 Nov 2019 18:12:23 GMT
Last-Modified
Fri, 15 Nov 2019 13:57:28 GMT
Server
nginx
ETag
"5dceaec8-c7f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3199
logger.php
conxtdt.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://conxtdt.com/logger.php
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://conxtdt.com/1-1em7612qb
Origin
https://conxtdt.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 19 Nov 2019 18:12:23 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ax_src.js
ssl.gmyze.com/current/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gmyze.com/current/js/ax_src.js
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/1-1em7612qb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.63.199.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178-63-199-193.clients.your-server.de
Software
/
Resource Hash

Request headers

Referer
https://conxtdt.com/1-1em7612qb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/1-1em7612qb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://conxtdt.com/1-1em7612qb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5926
date
Tue, 19 Nov 2019 16:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 19 Nov 2019 18:33:37 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2139544332&t=pageview&_s=1&dl=https%3A%2F%2Fconxtdt.com%2F1-1em7612qb&ul=en-us&de=UTF-8&dt=Connection...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1462178110&gjid=1520656611&cid=1081391417.1574187143&tid=UA-40987805-1&_gid=967650607.1574187143&_r=1&z=373780909
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/1-1em7612qb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://conxtdt.com/1-1em7612qb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Nov 2019 18:12:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger.php
conxtdt.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://conxtdt.com/logger.php
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://conxtdt.com/1-1em7612qb
Origin
https://conxtdt.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 19 Nov 2019 18:12:23 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
logger.php
conxtdt.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://conxtdt.com/logger.php
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Referer
https://conxtdt.com/1-1em7612qb
Origin
https://conxtdt.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 19 Nov 2019 18:12:33 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request join.php
securejoinsite.com/
Redirect Chain
  • https://nlntrk.com/ep.php/camlnge1a:39578/59127:3.9056607x0zflq4d1bpfjgz1x3
  • https://www.securejoinaccess.com/loader.php?tl_act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&tl_id=1&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&cu...
  • https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
44 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/1-1em7612qb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97822d7b35c97f14cd545f32e77db480386d0832bc177dd3481f88504a6c28b6

Request headers

:method
GET
:authority
securejoinsite.com
:scheme
https
:path
/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://conxtdt.com/1-1em7612qb
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://conxtdt.com/1-1em7612qb

Response headers

status
200
date
Tue, 19 Nov 2019 18:12:35 GMT
content-type
text/html; charset=UTF-8
content-length
9644
set-cookie
__cfduid=d01d9b97383855d0d8fd67e07881067061574187154; expires=Wed, 18-Nov-20 18:12:34 GMT; path=/; domain=.securejoinsite.com; HttpOnly X-Mapping-ponelalg=1216A7E58D6E17178DE1188FBE2994CB; path=/
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53842734d94c9778-FRA

Redirect headers

status
302
date
Tue, 19 Nov 2019 18:12:34 GMT
content-type
text/html; charset=UTF-8
content-length
0
set-cookie
__cfduid=db6fe70b8271214d6c2400231c491fe611574187154; expires=Wed, 18-Nov-20 18:12:34 GMT; path=/; domain=.www.securejoinaccess.com; HttpOnly X-Mapping-ponelalg=DA0C85E9CDA8ADE6E82FF27C63A4BE4C; path=/
cache-control
no-cache
location
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53842731bbe4d6b1-FRA
logger.php
conxtdt.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://conxtdt.com/logger.php
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Referer
https://conxtdt.com/1-1em7612qb
Origin
https://conxtdt.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 19 Nov 2019 18:12:33 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
logger.php
conxtdt.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://conxtdt.com/logger.php
Requested by
Host: conxtdt.com
URL: https://conxtdt.com/js/jquery/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.156.88.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-88-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Referer
https://conxtdt.com/1-1em7612qb
Origin
https://conxtdt.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 19 Nov 2019 18:12:33 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
j1.js
securejoinsite.com/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securejoinsite.com/js/j1.js
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e3af47c2d2f90fb528baf167516006091f918e1e1896f13f09f2178f3a9656

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5275
status
200
x-cache-info
caching
content-length
1289
last-modified
Tue, 19 Jun 2018 00:32:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
538427382cea9778-FRA
expires
Tue, 19 Nov 2019 18:17:35 GMT
secureIcon.png
securejoinsite.com/graphics/j2/ccn_46/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securejoinsite.com/graphics/j2/ccn_46/secureIcon.png
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3a24a6071d20a6dc54221cbb0d244a9e8f9120c0234e3c61a7ef4ceefd19756

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Mar 2014 19:56:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=600
x-cache-info
caching
accept-ranges
bytes
cf-ray
538427382ced9778-FRA
content-length
1641
expires
Tue, 19 Nov 2019 18:22:35 GMT
badge-1.png
securejoinsite.com/graphics/j2/ccn_46/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securejoinsite.com/graphics/j2/ccn_46/badge-1.png
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
634c3ee2b7477630a8f964c6b9fe5bdda66d66e495857afbb580afc64b73eefa

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Mar 2014 19:56:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=600
x-cache-info
caching
accept-ranges
bytes
cf-ray
538427382cee9778-FRA
content-length
7532
expires
Tue, 19 Nov 2019 18:22:35 GMT
creditcards.gif
securejoinsite.com/graphics/j2/ccn_36/elx_tubez_1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securejoinsite.com/graphics/j2/ccn_36/elx_tubez_1/creditcards.gif
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
094e5bedaa381df49079882ed3739358cdbcdb601d8ee8f189f99fd900124224

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jun 2013 22:25:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=600
x-cache-info
cached
accept-ranges
bytes
cf-ray
538427383d0f9778-FRA
content-length
2404
expires
Tue, 19 Nov 2019 18:22:35 GMT
safe.png
securejoinsite.com/graphics/j2/ccn_46/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securejoinsite.com/graphics/j2/ccn_46/safe.png
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e03b47f9dea9ef5ce8569928e877a79354d1e105c6be615f57e7ab759593e0

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Mar 2014 19:56:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=600
x-cache-info
caching
accept-ranges
bytes
cf-ray
538427383d119778-FRA
content-length
1237
expires
Tue, 19 Nov 2019 18:22:35 GMT
secure2.png
securejoinsite.com/graphics/j2/ccn_46/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securejoinsite.com/graphics/j2/ccn_46/secure2.png
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec59c72b863c57be207a81d8d625a414c743ae17dc950444be47d93e6655908

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Mar 2014 19:56:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=600
x-cache-info
caching
accept-ranges
bytes
cf-ray
538427383d129778-FRA
content-length
4524
expires
Tue, 19 Nov 2019 18:22:35 GMT
wizardfraud.js
securejoinsite.com/js/ 		2 KB
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securejoinsite.com/js/wizardfraud.js
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d736e15211336dd48f0764286d0e7f74c6d916e2662ddd85d2d76161c36359b

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2538
status
200
x-cache-info
caching
content-length
614
last-modified
Fri, 11 Dec 2015 01:37:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
538427383d0c9778-FRA
expires
Tue, 19 Nov 2019 18:17:35 GMT
whatsthis.gif
securejoinsite.com/graphics/j2/ccn_46/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securejoinsite.com/graphics/j2/ccn_46/whatsthis.gif
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c14898d521bd35f432a7d1bbadf3f0bb788a2f47ef58bd68ca10d4fe9a01e6

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Mar 2014 19:56:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=600
x-cache-info
caching
accept-ranges
bytes
cf-ray
538427385d3b9778-FRA
content-length
1579
expires
Tue, 19 Nov 2019 18:22:35 GMT
grdnt2.png
securejoinsite.com/graphics/j2/ccn_46/ 		999 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securejoinsite.com/graphics/j2/ccn_46/grdnt2.png
Requested by
Host: securejoinsite.com
URL: https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.127.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7f831761a606bdffc2f373346c11ad6f29ced993f1e9df6b4cdd4a66bf0831

Request headers

Referer
https://securejoinsite.com/join.php?act=vip59127.46186-1345637.3.9056607x0zflq4d1bpfjgz1x3&apache=elx_clounge&tnum=5005&ci_j2_ccn=combo5&iframe=y&ci_j2_ccn_style=elx_clounge_1&custom=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 18:12:35 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 26 Jun 2013 16:22:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=600
x-cache-info
caching
accept-ranges
bytes
cf-ray
538427385d3c9778-FRA
content-length
999
expires
Tue, 19 Nov 2019 18:22:35 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Domain/Path Name / Value
securejoinsite.com/ Name: X-Mapping-ponelalg
Value: 1216A7E58D6E17178DE1188FBE2994CB
.securejoinsite.com/ Name: __cfduid
Value: d01d9b97383855d0d8fd67e07881067061574187154

1 Console Messages

Source Level URL
Text
console-api log URL: https://conxtdt.com/1-1em7612qb(Line 39)
Message:
Redirecting...

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

conxtdt.com
nlntrk.com
securejoinsite.com
ssl.gmyze.com
tinyurl.com
www.google-analytics.com
www.securejoinaccess.com
104.17.127.50
104.17.130.50
178.63.199.193
2606:4700:10::6814:da2a
2a00:1450:4001:808::200e
35.156.88.7
094e5bedaa381df49079882ed3739358cdbcdb601d8ee8f189f99fd900124224
0ec59c72b863c57be207a81d8d625a414c743ae17dc950444be47d93e6655908
26e03b47f9dea9ef5ce8569928e877a79354d1e105c6be615f57e7ab759593e0
29c14898d521bd35f432a7d1bbadf3f0bb788a2f47ef58bd68ca10d4fe9a01e6
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55adc97e9dede05a9fc6bcbea60cc146c52aaf26c50637db246bf058c17beafa
634c3ee2b7477630a8f964c6b9fe5bdda66d66e495857afbb580afc64b73eefa
7d736e15211336dd48f0764286d0e7f74c6d916e2662ddd85d2d76161c36359b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
97822d7b35c97f14cd545f32e77db480386d0832bc177dd3481f88504a6c28b6
a3a24a6071d20a6dc54221cbb0d244a9e8f9120c0234e3c61a7ef4ceefd19756
a4e3af47c2d2f90fb528baf167516006091f918e1e1896f13f09f2178f3a9656
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d39d92cd948ab76439c5404d749d64b2c240e88d6c9abcf518b5410a1e0cdfc8
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc7f831761a606bdffc2f373346c11ad6f29ced993f1e9df6b4cdd4a66bf0831