Report - defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net

Report Overview

Submitted URL
defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
IP
104.21.25.137
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 19:09:14
Access
public
Website Title
Final URL
defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
5
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-18	34 kB	2.6 MB	104.17.3.184
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-18	2.2 kB	161 kB	216.58.207.202
defendguard.top	unknown	2024-02-10	2024-02-12	2024-04-16	14 kB	225 kB	172.67.134.71

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (50)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2970b4db4fd	432 kB	2024-04-18	2024-04-18
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2970b4db4fd IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:22 Times Seen2 Hash 1a0508245b71e7684d72a4bd11944dd4 87d0ad29adeb718d5083697fbce92e87f65e298c 29c233dfcad1b7fb6f8728255c534977f5ace94461fbb153f357842fbeb0d20e Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal	3.6 kB	2024-04-18	2024-04-18
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 5c1f723a18039f020d47fde9fc84507d 14bc0040869aef8c359ec7e10a7e7e21c9759c0c 931918583dac19cb1c76bff687dd2770960fb4a329afb7e7f8ff7ebe25fc6add Loading...

	defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net	202 B	2023-05-05	2024-05-01
Pretty URL defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net IP 172.67.134.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 20:07:55 Last Seen2024-05-01 11:06:01 Times Seen498 Hash 8cb487d4459c7a6cd9d6f2d45900c628 d35cc3c00025613a8772575e3daa962b633ea2ec 977d0b37baf294b277f8469a4178563b7b21bd289d9df105b5a37a025bfd4d87 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js	90 kB	2023-03-10	2024-05-01
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24:46 Last Seen2024-05-01 11:06:03 Times Seen17546 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js	42 kB	2024-04-17	2024-04-19
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 13:23:36 Last Seen2024-04-19 12:29:24 Times Seen644 Hash 374fec8b5e50cd6ab980f3fef21a5aa0 7f474607991a19b6f1b78cc32e0f75b501b60774 8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a Loading...

		Size	First Seen	Last Seen
	#1 Eval - c5c73b846eaa8e2386a8f45a2ac3ef4b	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash c5c73b846eaa8e2386a8f45a2ac3ef4b 63332a138eee38bc9c6470cea8fea9089010440f 7fb188197963fec08227f0ab07226d0221da05567f6724713ecd10b4adef0abf Loading...

	#2 Eval - 400694294205db2f0381580624abe557	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 400694294205db2f0381580624abe557 bbafc67b71539fdbe618eddf5c8b546bdf6edca4 130c0401e751b69c0551d38066f8ee8a0e80a49c2f1d0dc99fe1e1c1081cc521 Loading...

	#3 Eval - a2110f371d63efe41e74b06bebec7e13	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash a2110f371d63efe41e74b06bebec7e13 bcf83e5e22201fd2844190937e06418dfb50b527 c8b50dd796fc3cd4e5ea797703e3469681abe3ed58e380ea3b7eb92f4166e61e Loading...

	#4 Eval - e153f77b09b251249e8d2c076059afa3	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash e153f77b09b251249e8d2c076059afa3 a03fdabed03871e727c25d8103753844c1a4a786 154381837686894f28e1062ac77a93cfc4d57690456909e18f0fae35c3081f57 Loading...

	#5 Eval - e5acfc79496b847283c0e465908f11ee	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash e5acfc79496b847283c0e465908f11ee 96deb802a37e8f894251fa4137e9ffd0f65aef60 a75d8d81d19c962456c94d3a76e2b7963b996103af1af9c3eaafa15dfdae658b Loading...

	#6 Eval - 8882e66270090c1dd65fd3acab2e38e0	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 8882e66270090c1dd65fd3acab2e38e0 65e5de59a8c3a13889ba7aa7f13b38a11ff5a432 7c26ba12f82ef2f1bf7cad6c3508842bf2124c693873248d643b68fc7fb7f48c Loading...

	#7 Eval - 0241595f323a3584f751183ab8382e2d	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 0241595f323a3584f751183ab8382e2d d431a4511525f994fabf6e09267de618f4371620 7b152e2bd385329892603fae06cb640f622e6d3875e331ec312ec32edade4f26 Loading...

	#8 Eval - 40278b7eeb2f8ece9aafea7166089226	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 40278b7eeb2f8ece9aafea7166089226 0ea1125adcdfeb32bc02b981fb4d9372b13e88b5 e6ff2f95f432e8457368c0cc1036a57f038b36747bc240f57b8016a50a2b24cc Loading...

	#9 Eval - 8e6ed9d3e350f613110d1103a773ac30	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 8e6ed9d3e350f613110d1103a773ac30 49239c6e8380932c0b4f546a491f20248877bd5c c615e99996c532b8ec0544cae317da3ecba9e7828460a233842a56dd7e1d3a95 Loading...

	#10 Eval - 5f3d1a0050ae37198b99ad09f7207cf3	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 5f3d1a0050ae37198b99ad09f7207cf3 66d350e23cea7ee1d0b981eb4f30dc1c6dbde0e4 4328701dd5fa7003153def2487bc203b7e3d8ec08a152f773f9e4bc8f76724f7 Loading...

	#11 Eval - 0d708593f32893450251ca7f39f26be9	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 0d708593f32893450251ca7f39f26be9 f0a4c5ff201f6690b4d4016d1bc61c053176ee7a f82c912a02788996587a3e69ec52e042ec2437047a939f2d412b021ce641c400 Loading...

	#12 Eval - c51ae858194d656697508fef66f0cd49	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash c51ae858194d656697508fef66f0cd49 b4dba217cadb425fd481b740eb35a3edfa9ce16e 2d53bc25c3b99ae4fefbcf509b6d0b615193b01f8891a7f9d74af53a1cc7426f Loading...

	#13 Eval - a6c94d958ad458c351604fcc0d2b34ca	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash a6c94d958ad458c351604fcc0d2b34ca bc98a2ec019b5f673b5b36ff29ebde22e13b8d79 1c0141eb433b1e5418362b03e62dccaa7f8a8831784b1a86845436a84c830e21 Loading...

	#14 Eval - 782db827f0b0f568735ea1bd6f3f9b3a	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash 782db827f0b0f568735ea1bd6f3f9b3a fd6e352eb79ced1f7b12989e0abcdf04d7639598 b30026bd0bbc19be2ddf984086de36aac414d332e0057cb200eebeb5261946df Loading...

	#15 Eval - c57ef4ba5d51f46233ff83fc7d6ca50c	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:19 Last Seen2024-04-18 21:09:19 Times Seen1 Hash c57ef4ba5d51f46233ff83fc7d6ca50c 5913a1ec2b79743b4c6301845dc6ffb16aea0d69 f022d31e513db10567f07e56fe0e99ee6af6aeac6267b3c0a721e4ad34777f98 Loading...

	#16 Eval - 10fe9f8f5b1d83f3ebbaaafea6ac4137	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 10fe9f8f5b1d83f3ebbaaafea6ac4137 8a370f3ab393788b1fbb0b3bc4a559cb72a708a8 42d1532aa20027f2dd57ab1e647c5352085fbca93902347c53ea78089acd8e6b Loading...

	#17 Eval - 8cbea6ef49fd98dfc6bccb6e1e9ad2e5	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 8cbea6ef49fd98dfc6bccb6e1e9ad2e5 6ceb9ac54058b36e0a51a53773358c36e9254638 351a9d202f12d6c513b96bf185ed808ce25611dc635c0c3675f147e2f048d6c2 Loading...

	#18 Eval - d7e13207a93760b594de140d4961cff8	161 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 14:30:15 Last Seen2024-04-19 09:43:07 Times Seen102 Hash d7e13207a93760b594de140d4961cff8 b62363a5d48a4d8c812c41c546852919ffd608bb 30a8a2ad53b8f62af74a96fbda1a34d23391bdcf90e9060af04d31a1834cf7de Loading...

	#19 Eval - e04ded0b3ed116a2746b6c5eaf970c49	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash e04ded0b3ed116a2746b6c5eaf970c49 3efbf30f400cfae1556777a1208893e62e2542d3 167a11d632978249d329d8c06c9397a52d6ba284fe7af215e635efb00915b9b7 Loading...

	#20 Eval - dffda4a0dc119acf8c6628f83dc759ad	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash dffda4a0dc119acf8c6628f83dc759ad d14c16e861a83f9909a0816089ce03f4fcfe830d 476ce14a2eba26af9a109fb5926c1f0ce0c8572c6c31f9a59e3b96afcf8017c7 Loading...

	#21 Eval - 21798e50097777f84f8afb22afeb951d	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 21798e50097777f84f8afb22afeb951d 3d9105267dc3e3cd5f57f9b4123f82babe528975 b57c3ecc932df4245af2db268463c431b5a2e634e9074a1b3d7ea7fa8756962b Loading...

	#22 Eval - 7ee82a1273be6280e83f2989d127b2bc	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 7ee82a1273be6280e83f2989d127b2bc 3f97a6c27f664b49c421e7dfdbfac24fb8b6efdb d9ce74df7324b73a9a26172e0dc6468f2759a91fc9f7feb9fcff6703a8eb9483 Loading...

	#23 Eval - 3e74b7557097450df062da4c2354d932	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 3e74b7557097450df062da4c2354d932 af52ae1906600a3e76c206f809d29504daf8e139 f182e96b63312557a779d787d6aeebf804f1e337f9abf44f8761cc7b4957cf40 Loading...

	#24 Eval - 0db1b05b8cdef556933eb36a08d421ed	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 0db1b05b8cdef556933eb36a08d421ed 431002e6cf50f80c5634662c0d4065454124c6d5 6878729b98ae22d6bbcfa9b4a4ab466d3ece676968858098f1c1d5156a2b70d6 Loading...

	#25 Eval - 9b8004239ceae782be647c11ec0fb5b1	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 9b8004239ceae782be647c11ec0fb5b1 73d2d3c3055c4d7d20a1360588c9240113df3e7d 37111634834298a37bcce40b11eb2778be4b56bd1099afba562bab6ee31b7267 Loading...

	#26 Eval - 20fc082f7f05fa78ea0a75062c2a8b1d	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 20fc082f7f05fa78ea0a75062c2a8b1d feb5e49ac09572b4177111ed3042c149dc687b81 7d628d5fcd9e861a41da25a60fdf3828ead4450eeab67865da5bd1d6d5ffa330 Loading...

	#27 Eval - c11636f5a6c363b5cd3be7af531a364a	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash c11636f5a6c363b5cd3be7af531a364a a6767669e114737a6a7f2a9c230ba20da7e03598 b886a11506bd2c46d24e549b6395cb34a9e79d1d6fe6079ea48349b3f99913e5 Loading...

	#28 Eval - 22663973f492c3119d67560a20d7d714	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 22663973f492c3119d67560a20d7d714 d2a3a4b303bb26edf5882e05bf8c695c423eb745 03599f6ef25a435ea168065f830ba811d86d1028f7390efa3b37ef8aca29ae92 Loading...

	#29 Eval - f729261c7c4001f9a20da1d9c642ca45	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash f729261c7c4001f9a20da1d9c642ca45 f24a05608cd808fa86facd3c49d74e7c4e5ae44b db86b0e61dcb1a24546d6914478ee7048847e5b9e41434216a557247e0f57d17 Loading...

	#30 Eval - 9fba386b83419a08ff1faa8007dd23a1	60 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 14:11:25 Last Seen2024-04-19 12:29:21 Times Seen535 Hash 9fba386b83419a08ff1faa8007dd23a1 c6148c7d249ddcfe37f49e99ac7cb60fe3bd43f2 a197c137af56d7b49dd589ed67e397152047dea7b7a147b0403d07bd1c6d59ee Loading...

	#31 Eval - 14d39e2cae97c95e2a8ccde3b73b0630	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 14d39e2cae97c95e2a8ccde3b73b0630 07a3a7a6bbfc0a7776360b1a5c6723d72cecf0d6 d94979ed8904cdc6cdc3fbcb4bf0c45082c78119dc5cd60b59ffd3cd204c8258 Loading...

	#32 Eval - eeb35bd87dc23c61cfc11be7da4ee9d5	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash eeb35bd87dc23c61cfc11be7da4ee9d5 7f5bf7f61d75fd2453ec5ed40b2c020e42178065 c806e26e5a7a1b8689044c4546bca646ce27caca0e71a1992ea8dbff385f5cdf Loading...

	#33 Eval - 6c3cc69968ebf2e6c8691411bd301a24	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 6c3cc69968ebf2e6c8691411bd301a24 aed2eec57daa2b8ce8c7e2f2f74add1b55d7b67a 02753e01cdf5caee91db4314242ec2697e4c544ef6456b718f0f17cf7b2bef02 Loading...

	#34 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-01
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-01 15:49:13 Times Seen351018 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#35 Eval - f74ef66ed5a41bec338775e12140475b	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash f74ef66ed5a41bec338775e12140475b cb0a53ac05a572d6997808b81985a697fc691292 9d65258d1d3e3bdf62ece67c84e808f9d18415827e6a19dc02b5c9ee974dfe13 Loading...

	#36 Eval - a3a64356f4a48d3475307f76f8bb87a5	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash a3a64356f4a48d3475307f76f8bb87a5 66b3f55f63a7bc80ae54d3c3708ee526ea4be085 35fc846a505cfdea63bdcac37b244ef458665c3aaf8a8cc0f5f38625af1e9ace Loading...

	#37 Eval - fb2104f014b09b2612972cf98b41f6ed	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash fb2104f014b09b2612972cf98b41f6ed 5c664aea00b6fa3b7b4c27c7e45af3d2bbcc0ecf d717739f4145e77a8a12c3f55a4d39dd153a4f225c3c6135bc6086332942defa Loading...

	#38 Eval - bced0a0abd2fc0d57e933e2c8a993a0c	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash bced0a0abd2fc0d57e933e2c8a993a0c 5073ff907b927aece611cb190b2c4d9dbeff667a d7c73cea6d8b2a073acc21874fee219fb5ef3f67c406202deff136122597b1f2 Loading...

	#39 Eval - 907178779b5dbc3db09ada409b87e24c	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 907178779b5dbc3db09ada409b87e24c 833cd54b02a0f3a5095f1198076a961f45bddb7a ff1ae492f882247c4dd5999f13b431be8577af677f05dd10ed1fa58d477b59df Loading...

	#40 Eval - d3e2f99ed78d56dded768ddefc2ec422	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash d3e2f99ed78d56dded768ddefc2ec422 86aad17f788bb4b40ea9b4e42c5f3221f3da8faa 132c52b2406a74acd3cd3072c9badfd16a85f29149bfc1a82681d340bce61e8f Loading...

	#41 Eval - d45c5c8c5c823f4095264ff5c2154791	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash d45c5c8c5c823f4095264ff5c2154791 169b4a7cf1c2dc538b008f7af13d53f3e1e38c76 3a42adb1da86ba34d6848ecdfb7ec335abc45017de1a78508d292d08acb577d6 Loading...

	#42 Eval - 65560194e5eefc11894afb5f28c4dbd2	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 65560194e5eefc11894afb5f28c4dbd2 d9f713a52533c8531da3e21cffbf5c7e3ae5665d 13591b55c39dd52ab6cb2348c737c7e9d7f48b8a41ed43a8625f8d6291bdf34e Loading...

	#43 Eval - 9b72cb007f92833de48581b579acfd3a	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash 9b72cb007f92833de48581b579acfd3a 177ac970166b6234bbd636c8d17b9225221c0b66 16e21ece5721cb85c6d1df234caa470e84b4c6a1fa76cfe550b2fe6c0442ea2d Loading...

	#44 Eval - bb094ac37ce7b774bb6e5694109dfff6	28 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 21:09:20 Last Seen2024-04-18 21:09:20 Times Seen1 Hash bb094ac37ce7b774bb6e5694109dfff6 ed010af801d03ece4f3cad7be9dba2c5b2bd9e5a 70c475f8d3eb4e0ac14eaad5a2ee74f8ff085a2484b3256d08be5967af3870f2 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07	2024-05-01
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-05-01 13:57:56 Times Seen44698 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (79)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 18 Apr 2024 19:08:48 GMT
content-length: 0
access-control-allow-origin: *
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f210cf56b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

216.58.207.202

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 220475
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

defendguard.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.134.71

0 B

URL
defendguard.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:08:48 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fz%2Bl4u5V52o87foZuWsIVo9qplOYUWFnZLx8gjU785X0sORHUewi14tSyYEktUF%2BTGbQ34%2FGtQdOZresC9sk8%2Bp2ig4Ie2Vm%2FVXqhxitFd21vKpa3v3wgoR3bPyFekI1LWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f2124c4c56bb-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/83mvq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:48 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8766f212caddb4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/jsd/r/8766f20dcdd5b51b

172.67.134.71

0 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/jsd/r/8766f20dcdd5b51b
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/8766f20dcdd5b51b HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12282
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=nJ1awGHv7bQCryJ80MiPapP.OufYvb.0cE.z2RUK1r4-1713467328-1.0.1.1-ez.FDrYWYzkiBBlPTWJVUzdZas_O1O6MN_DdEKylzjvs8onYGGcQ6gNOpka1L0Q3P3ZmuA8DFa3c5.5mkU7Pww; path=/; expires=Fri, 18-Apr-25 19:08:48 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQyXNahzi8i%2BQtn0xrggU6zxWEboGenMYjyxfvH5kNCEm0Inke28mpbgdS9mH4DZ%2B%2B6ZetknPBqogorbliHNI4XaXCpJWbdQ9qOxtN9qkt7U%2FoOGZJF31KrgMojsySXOwGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f2133d6856bb-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net

172.67.134.71

200 OK

14 kB

URL User Request GET HTTP/3
defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint25:89:7B:25:31:3A:90:C2:0C:5A:C7:9E:1A:98:E5:78:20:61:81:88
ValidityTue, 19 Mar 2024 14:49:37 GMT - Mon, 17 Jun 2024 14:49:36 GMT

File type
HTML document, ASCII text, with very long lines (1863), with no line terminators
Size
14 kB (13822 bytes)
Hash
07fb4ead457c402af1b242d9fcfa016b
ebdf0fe8b91e4e70db91272f753f9659d4cd9a45
2fc6c56ee85e64c1ed7c9cb8eaf5bad8ff76c5f75b2a0218a699c5002c2c6b8d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lhaq4p3UorqZMbegm7Vqy5usm23g%2BW5GjUCbmTspew86YB%2F6Cc4x9pySJpKVpez574szT0Fdvv0By78UtW4ltVkl58jpnAic8gXTbzZyU8QS0qOhn%2BnyxcZxPvxzaeziRCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f20dcdd5b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/83mvq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

33 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/83mvq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
33 kB (32843 bytes)
Hash
7e5158db10f1459a78b1ae43b467bebb
d443cfdfdbeb77806ef3aaefeb7669e9efd6205b
7bd1aa8586feaeedce61d90ca726c444e516ac4ee130f22fa1b9e4052de3406b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/83mvq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:48 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
origin-agent-cluster: ?1
cross-origin-embedder-policy: require-corp
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2125a7ab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f2125a7ab4fd/1713467328755/qiB8rr0e6YVSF7C

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f2125a7ab4fd/1713467328755/qiB8rr0e6YVSF7C
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 28 x 99, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
5ab8b7cff201576e7567883ef5a564a4
72a99601eef6e550fc94df616ae56248d30da397
e614a0160f2084cf1494cfa9dfca45b892ea2ae3458f801cc17efc0047d3b2c3

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8766f2125a7ab4fd/1713467328755/qiB8rr0e6YVSF7C HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/83mvq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:49 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8766f217f88fb4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2125a7ab4fd/1713467328757/50e0543ca8a6b7ece180fae7bb341f983814dfccf5e9fd57a130194b8b9ffc1f/7dNGEy5CHbEDlg4

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2125a7ab4fd/1713467328757/50e0543ca8a6b7ece180fae7bb341f983814dfccf5e9fd57a130194b8b9ffc1f/7dNGEy5CHbEDlg4
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f2125a7ab4fd/1713467328757/50e0543ca8a6b7ece180fae7bb341f983814dfccf5e9fd57a130194b8b9ffc1f/7dNGEy5CHbEDlg4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/83mvq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:08:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gUOBUPKimt-zhgPrnuzQfmDgU38z16f1XoTAZS4uf_B8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIFDgVDyoprfs4YD657s0H5g4FN_M9en9V6EwGUuLn_wfABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f21bac76b4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f2125a7ab4fd

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f2125a7ab4fd
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/8766f2125a7ab4fd HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=nJ1awGHv7bQCryJ80MiPapP.OufYvb.0cE.z2RUK1r4-1713467328-1.0.1.1-ez.FDrYWYzkiBBlPTWJVUzdZas_O1O6MN_DdEKylzjvs8onYGGcQ6gNOpka1L0Q3P3ZmuA8DFa3c5.5mkU7Pww
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:50 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=9EuSX1G9SsN1_RgHYEQi45yzZfNoRdTTu8IijlsQyNc-1713467330-1.0.1.1-KcIxSHFiXKQvPjGylH7SbaUM0VsBcgPQmnG3GBTuLJZCzWJEQu0tMJvGOFMwzmC7KDu6Cugn5UpAKcMrNusnzQ; path=/; expires=Fri, 18-Apr-25 19:08:50 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRScr0ELZdOaNkcezIi7FX6dt1cTbeXub%2BZh%2BaNgPtjKMhcRZz0avphDzyXd9DtnyM6KlAAgZZ6ZhAsUYd9oDb21378mI0OwdUKUPHbITEynZ4BVPDCRLYco9XbSuXm%2BNjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f21d091356bb-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:08:50 GMT
content-length: 0
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f21fc9c0b4fd-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

216.58.207.202

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 220477
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js

104.17.3.184

200 OK

15 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
15 kB (14564 bytes)
Hash
374fec8b5e50cd6ab980f3fef21a5aa0
7f474607991a19b6f1b78cc32e0f75b501b60774
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

HTTP Headers

GET /turnstile/v0/g/54ea73d52131/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f21fe9e6b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1411691271:1713464892:Hm9eccjjm_V2dNFd4Gd8vfWnFaWbDT4g7ienn_UBTw4/8766f2204a50b4fd/79bc1d76341973c

104.17.3.184

87 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1411691271:1713464892:Hm9eccjjm_V2dNFd4Gd8vfWnFaWbDT4g7ienn_UBTw4/8766f2204a50b4fd/79bc1d76341973c
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
87 kB (86934 bytes)
Hash
bd5bcd74526847819b0539c89067c5bb
ec7719a2467c97c622e52895395b9192cca832e2
7193bb7c2a6b1f4dbaa4c61d81e4aa52e98f42a5a09b677f1153db170a329c36

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1411691271:1713464892:Hm9eccjjm_V2dNFd4Gd8vfWnFaWbDT4g7ienn_UBTw4/8766f2204a50b4fd/79bc1d76341973c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p7fh3/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 79bc1d76341973c
Content-Length: 2662
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:51 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Q76c+AmyoROhJNc9qKHPulubftph/pu4ajdbujflkZBny+lzyYC3lrTlb35EWSA7OUez0aVpPEWyyyqygE6oboZue5GlS2wB87hNawRf/vswlGhWqA5T61Evi1SgYpq2ZfIg0AQgib13UR43rWpkIw6MkPeOoQM5ISooB/+DAC5jztcU2k29/zkfHVBfuxpvbx5KvWeGG9jTjOsPxFTUnjeYjLvUzumEVy5Slx44oROb7FfYwFRjAhurU2WNF0AD5gkZ0iBk++2NOq1t2btn9devam2Zx0Sqi/UQKhJT9gpsFQcDOSmz1aNjaAuAFAnPp/3mfU15DNtmS1kbIwA35FZp4WaAycS2Et0OBIqRkAOXb5HpuMhKmsnPdSCIzH0K$ubZtkJPJZRS3XaGr2nEjpA==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f222bd08b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2204a50b4fd/1713467331010/6ce3199f9e3dae1f2f72a03448d4a07a0100d6e06ba6ef98dc7a0692f96484be/iYFjxFMHZrP3ThY

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2204a50b4fd/1713467331010/6ce3199f9e3dae1f2f72a03448d4a07a0100d6e06ba6ef98dc7a0692f96484be/iYFjxFMHZrP3ThY
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f2204a50b4fd/1713467331010/6ce3199f9e3dae1f2f72a03448d4a07a0100d6e06ba6ef98dc7a0692f96484be/iYFjxFMHZrP3ThY HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p7fh3/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:08:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gbOMZn549rh8vcqA0SNSgegEA1uBrpu-Y3HoGkvlkhL4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIGzjGZ-ePa4fL3KgNEjUoHoBANbga6bvmNx6BpL5ZIS-ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f225d8ecb4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f2204a50b4fd

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f2204a50b4fd
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/8766f2204a50b4fd HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=9EuSX1G9SsN1_RgHYEQi45yzZfNoRdTTu8IijlsQyNc-1713467330-1.0.1.1-KcIxSHFiXKQvPjGylH7SbaUM0VsBcgPQmnG3GBTuLJZCzWJEQu0tMJvGOFMwzmC7KDu6Cugn5UpAKcMrNusnzQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:52 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=aV0uj0rlhlySk7PjKAWzFYp9lzjtM5MDKs55FVgwl1A-1713467332-1.0.1.1-c487FScyZRDxpTIiuMYqoYs6DA0WU.7pwe2vEcIprNmF9hKw5xB8q5z4.S12X1GyTwSXvhj95NtDbVV2j2WLFQ; path=/; expires=Fri, 18-Apr-25 19:08:52 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uA1%2F3ZjuiYyKq5X64UEQd6MvlHl9236nhLRzP18Xu3Xdt5V4EkiZIMh11O6Awz64ACKSzWD2iwiejm0RLNdLZFL%2BtpfkNi2Wuk4yHr%2BW1nk3wiep2EmBHcADPzF9mYB%2FRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f22bca8456bb-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p7fh3/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p7fh3/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25655 bytes)
Hash
26f578df7406dbcf2e52216119458bc9
b42fd5a2543557eea3e2c5d52dc9aec8a0213524
471f40621fef793f20f1efa57e32639a367a692bef107462a1164ffb54a3112b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p7fh3/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:50 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
origin-agent-cluster: ?1
referrer-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2204a50b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

216.58.207.202

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 220479
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gji40/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:52 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8766f22edc2fb4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f22e6ba1b4fd/1713467333238/22nYG3xLwjA60oi

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f22e6ba1b4fd/1713467333238/22nYG3xLwjA60oi
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 81 x 72, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
a30a885a1a9a5111ba81567956206c19
2aef8887ade8e70f5b3a396f11ea14665a933348
9d3969dcba01225e16b5ecc1ba4025e6152e9de391aac0d3573594567e9aa247

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8766f22e6ba1b4fd/1713467333238/22nYG3xLwjA60oi HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gji40/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:54 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8766f2366caeb4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f22e6ba1b4fd/1713467333238/f0a7a98157dc053994e32c49998290f6514b3b5f41d02e359de2520861aeeea6/2jKmJhdtXW42eGH

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f22e6ba1b4fd/1713467333238/f0a7a98157dc053994e32c49998290f6514b3b5f41d02e359de2520861aeeea6/2jKmJhdtXW42eGH
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f22e6ba1b4fd/1713467333238/f0a7a98157dc053994e32c49998290f6514b3b5f41d02e359de2520861aeeea6/2jKmJhdtXW42eGH HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gji40/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:08:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g8KepgVfcBTmU4yxJmYKQ9lFLO19B0C41neJSCGGu7qYAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIPCnqYFX3AU5lOMsSZmCkPZRSztfQdAuNZ3iUghhru6mABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f2368cceb4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f22e6ba1b4fd

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f22e6ba1b4fd
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/8766f22e6ba1b4fd HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=aV0uj0rlhlySk7PjKAWzFYp9lzjtM5MDKs55FVgwl1A-1713467332-1.0.1.1-c487FScyZRDxpTIiuMYqoYs6DA0WU.7pwe2vEcIprNmF9hKw5xB8q5z4.S12X1GyTwSXvhj95NtDbVV2j2WLFQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:54 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=t1bj1A7Ew76g5HxGkcCOqC_AAjr1cZ8pFl48CMpP99Q-1713467334-1.0.1.1-2n..DQEjGEakj8NTGB39ImbGHaWexK.bmyiu1vIt7f7NHbEmVOBARHWabzPkuvaiNHF8rlyEs.w7rPEH.TG8Ug; path=/; expires=Fri, 18-Apr-25 19:08:54 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OaoIrkPM8xMH0DB0ESWysZx2SR5DG9xvBpOJBNcryA6pz68LkohVWyO0vhOtrBe%2BhrIWbi7DqICkeAnrQC2kmIgivdhVa0JsfxDqVkALNVbPtE8cbQjYFoSKiubVYu6%2FExg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f238290d56bb-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:08:54 GMT
content-length: 0
access-control-allow-origin: *
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f239f8a3b4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f22e6ba1b4fd

104.17.3.184

210 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f22e6ba1b4fd
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
210 kB (210006 bytes)
Hash
4e4e7ee29995dc4460813c4ec363cec2
cc5fc870ceb5f3f28578e885f75ffa258e185f9d
ca7f6353a16da0aaa80f692780c965b39fe828ab5b4f7910250f884663b7748c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f22e6ba1b4fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gji40/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:52 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8766f22eec32b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tto25/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:54 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8766f23ae97bb4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f23a6905b4fd/1713467335157/45a0531ffaec1936861c7f42a4f854bf85ee378ebb7fa127dbf0023bacba8ab5/VhzDJikGObeQcNj

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f23a6905b4fd/1713467335157/45a0531ffaec1936861c7f42a4f854bf85ee378ebb7fa127dbf0023bacba8ab5/VhzDJikGObeQcNj
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f23a6905b4fd/1713467335157/45a0531ffaec1936861c7f42a4f854bf85ee378ebb7fa127dbf0023bacba8ab5/VhzDJikGObeQcNj HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tto25/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:08:55 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gRaBTH_rsGTaGHH9CpPhUv4XuN467f6En2_ACO6y6irUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIEWgUx_67Bk2hhx_QqT4VL-F7jeOu3-hJ9vwAjusuoq1ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f23f9811b4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net

172.67.134.71

200 OK

460 B

URL User Request GET HTTP/3
defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint25:89:7B:25:31:3A:90:C2:0C:5A:C7:9E:1A:98:E5:78:20:61:81:88
ValidityTue, 19 Mar 2024 14:49:37 GMT - Mon, 17 Jun 2024 14:49:36 GMT

File type
HTML document, ASCII text, with very long lines (745), with no line terminators
Size
460 B (460 bytes)
Hash
0317d9eb677b5498c5b2fa0da5e324e0
ab7e86fafdfffbdd306d68f0a4dd5de485fdea17
72ce25c371b475e34ca8fda85d8ba3de7bb53b92c5378f6c7d091e59861763e4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=aV0uj0rlhlySk7PjKAWzFYp9lzjtM5MDKs55FVgwl1A-1713467332-1.0.1.1-c487FScyZRDxpTIiuMYqoYs6DA0WU.7pwe2vEcIprNmF9hKw5xB8q5z4.S12X1GyTwSXvhj95NtDbVV2j2WLFQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVdpFTeGR3eb%2Fd9QYXSwwVFJrq%2Bi1I%2BUHVHy441acWhN2z7MkoANQRSlbE%2FKtg%2BHXsJL4xXg8OeqSHIICWEVW6jkgQpmeCiWPB%2Fpnuk5VjTly5hzCmf2eN7t9vUfmQds9WU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f22cdbd656bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f23a6905b4fd

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f23a6905b4fd
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/8766f23a6905b4fd HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=t1bj1A7Ew76g5HxGkcCOqC_AAjr1cZ8pFl48CMpP99Q-1713467334-1.0.1.1-2n..DQEjGEakj8NTGB39ImbGHaWexK.bmyiu1vIt7f7NHbEmVOBARHWabzPkuvaiNHF8rlyEs.w7rPEH.TG8Ug
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:56 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=atpGTK0X0L4pc3y6rDufnjbYwRBbDvySqm46foIhKaU-1713467336-1.0.1.1-YuhwCaFLiAYrTJ2mRIre.b8bz_Uge0Ib49PVpYwv.Th4gpOemrPy7cZat4VSJhNDSZi_F6l21AuTIM5JLUCMUQ; path=/; expires=Fri, 18-Apr-25 19:08:56 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSwfV3x0%2BmSAUlKDPMBFYCilwaABtnb%2B1R%2B9ZcGbCShYSF9n2UmfAEYTaTqQXG%2Fmiuz6N5x0u0Opj8FfHwP4KJ9TLwoZs7Hy%2BiZHQZl0SihW1BErhmJHbfWBKrmSe2C9Zbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f244beb056bb-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:08:56 GMT
content-length: 0
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f246e899b4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/functions/validate.php

172.67.134.71

31 kB

URL
defendguard.top/_mysterio_omni/functions/validate.php
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
31 kB (31192 bytes)
Hash
cd7bc652307ad520366f441f280c3841
6793c65d772047d2f94cae30b74e5e99266731a4
76fac969d2b0e07d21bf7f1c395d0a855abbf6559edb1cc13415db1811ec6187

HTTP Headers

POST /_mysterio_omni/functions/validate.php HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Cookie: cf_clearance=atpGTK0X0L4pc3y6rDufnjbYwRBbDvySqm46foIhKaU-1713467336-1.0.1.1-YuhwCaFLiAYrTJ2mRIre.b8bz_Uge0Ib49PVpYwv.Th4gpOemrPy7cZat4VSJhNDSZi_F6l21AuTIM5JLUCMUQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slfCbrf2vy%2BycbXNsB6QhuN451r6xB38DZvPUTdOjPyDPrZSPpv%2F7A9SH0B9shlSweD08FdxKPyb4oFFlr79ICZUiDhrmiJdd4C%2FSYBFgawZDfp9hv%2BQyRbkdFQ4%2BpbEJ0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f2452f0d56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js

104.17.3.184

200 OK

23 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
23 kB (23306 bytes)
Hash
374fec8b5e50cd6ab980f3fef21a5aa0
7f474607991a19b6f1b78cc32e0f75b501b60774
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

HTTP Headers

GET /turnstile/v0/g/54ea73d52131/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:56 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f24708bab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sb6ib/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:56 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8766f247d986b4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f2476916b4fd/1713467337221/EH70QNJj__mu5GL

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f2476916b4fd/1713467337221/EH70QNJj__mu5GL
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 12 x 91, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
4bf8e4b310d5a13ae1fdc82f4846aa21
bb76b86cce6dc6370f959c8c66ceb15e04a4fc4e
f7ee60943440b79ed8a6ba154b11c40d58f11945618e2d9d5265f442dc94717e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8766f2476916b4fd/1713467337221/EH70QNJj__mu5GL HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sb6ib/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:58 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8766f24e79dfb4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2476916b4fd/1713467337222/8b529890bfc366cef064792d6c2dfef2b0768c8bdbb605d912768431cc3fdbc2/6jzu1jq8kA7PIsO

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2476916b4fd/1713467337222/8b529890bfc366cef064792d6c2dfef2b0768c8bdbb605d912768431cc3fdbc2/6jzu1jq8kA7PIsO
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f2476916b4fd/1713467337222/8b529890bfc366cef064792d6c2dfef2b0768c8bdbb605d912768431cc3fdbc2/6jzu1jq8kA7PIsO HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sb6ib/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:08:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gi1KYkL_DZs7wZHktbC3-8rB2jIvbtgXZEnaEMcw_28IAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIItSmJC_w2bO8GR5LWwt_vKwdoyL27YF2RJ2hDHMP9vCABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f2524ef0b4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/808888227:1713464996:PNZOclW0exx9Xv2lb7gDzaagWkAsI1oSmAxm1aoLFYA/8766f2476916b4fd/4fedef71517cee3

104.17.3.184

108 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/808888227:1713464996:PNZOclW0exx9Xv2lb7gDzaagWkAsI1oSmAxm1aoLFYA/8766f2476916b4fd/4fedef71517cee3
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (107834 bytes)
Hash
0167c829533956e61ffdfee7aa632a97
8a912dcbdd033dbc960f8da49f772d871eecdd1f
ac724891e053860f43624c63937e26dca6b9570547adad3db9e5891aba04b5ff

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/808888227:1713464996:PNZOclW0exx9Xv2lb7gDzaagWkAsI1oSmAxm1aoLFYA/8766f2476916b4fd/4fedef71517cee3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sb6ib/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4fedef71517cee3
Content-Length: 2675
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:57 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: oF4tUJz0u5ngz3sY+4rmaLW39PplTXJ4g850dRJSO5yDnt90Jubp8ozF1NBi195KzeITcXDyQFYTQoqXPXetDkSl2l/9jRhxpJNLn2i9vcVEtqfiFVAVGzTPxNCR8kXi/ebNTDooH9HV3yyGVRnfIcQOoBTFqT1vc7K62NHfYlCZG5PLnvI5iMWQZ84474RqnEgbdl26CTDbQT8FJQfiVrnN3ihaSI+ZIZbVQpPtJoHilAY5SC1Egqy25dsOYPxcM0a73UFe76lvNmfuuotFhaB9jM7/CyIznVqOLnH0pRVYGxvi93+j57RSa1H4GWKek4tZL2gV2R8pR0WCIyXS8igyyhQgqaJB/5eqc13oFGqrqa1iLtFxtUY2H9N2bdkDjuCwwuJfgWAoKAwbzQ/VQg==$lWd5NOEQ4ZSSfHMJcIfBgw==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2498baab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1411691271:1713464892:Hm9eccjjm_V2dNFd4Gd8vfWnFaWbDT4g7ienn_UBTw4/8766f2204a50b4fd/79bc1d76341973c

104.17.3.184

8.9 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1411691271:1713464892:Hm9eccjjm_V2dNFd4Gd8vfWnFaWbDT4g7ienn_UBTw4/8766f2204a50b4fd/79bc1d76341973c
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4412), with no line terminators
Size
8.9 kB (8933 bytes)
Hash
076c1f6077e86e69b41ad259724b652e
f43bc7fa6c6eb869dadc8736d3af4733a12ca8ab
5f54a004b1b88fe79b45fa0373b23635cca84f9b2d16fb3e128f3cff3caf3bda

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1411691271:1713464892:Hm9eccjjm_V2dNFd4Gd8vfWnFaWbDT4g7ienn_UBTw4/8766f2204a50b4fd/79bc1d76341973c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p7fh3/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 79bc1d76341973c
Content-Length: 25412
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:52 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: okao6oyfaYJdBH8Z5kEIQTU8LyYagUak3Jxcck5cSzSe3fKS5gmpHc19ds14fEtWNnv0N1/FdWetpND8CiXSTjmKotNJPHgzGeBWI9pAW58TnXztkDJLpQRpe4NtWy9E$M4lwiFl0SYsXkc66RAjZrA==
cf-chl-out-s: 41OHBGpSMdisnVWmD5hAkAn4s+nKE4uH8YwNArDR9hM7TDwbddrubRrwTA6H12kb5/3mv2RaZIitYeGEivxYQPjgow9nQRE6i2+lNWfvXSi7SmXoLLGgOuy/MFHNEwQwHeatSb7XJqKjaVdWs5vmdGZ5/fmTCimJWBgCbkQPC/Kbp+mBwqvEGqgviNjXtAav$AB3xv4eN+vQAF9Doe1/ZMg==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f22b5fb6b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:08:59 GMT
content-length: 0
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f255fbfeb4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/functions/validate.php

172.67.134.71

31 kB

URL
defendguard.top/_mysterio_omni/functions/validate.php
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
31 kB (31192 bytes)
Hash
cd7bc652307ad520366f441f280c3841
6793c65d772047d2f94cae30b74e5e99266731a4
76fac969d2b0e07d21bf7f1c395d0a855abbf6559edb1cc13415db1811ec6187

HTTP Headers

POST /_mysterio_omni/functions/validate.php HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Cookie: cf_clearance=adL6XgUpCztiUxBhJKygzHQ3XouPgz9opY1ADfTkrKo-1713467338-1.0.1.1-TbeXVtSACBUDa5jUuvr1VumNAO1m0qzEuQUg.cmyTj.Hu6H9N2Rpt4Ajaqw.e7kjxFF18FqTK0mj0UlYhIrF.w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQ6V4VV3rHWabAzL0K86yA1wfynejX7P6KM07DAq7V37GHJAgorA2ID%2FRcWvwZPYg2g3EAjiSjiv%2FUAMTzuHNHZ%2BU5oB8GVcdOkiqP40YAf8aXSyv2Uh7G9WGlQJ2dYOaGc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f254380a56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/h1mpq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/h1mpq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25676 bytes)
Hash
8a60f6c93fc09b166dc9fc6a3625792e
caf84374f1f03fc36885e7bd74bb505780b8c0f9
48e7b5e926531004627abd2f3a2e663c875b3c19c42aa051f066cc4011cdeca6

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/h1mpq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:59 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2566c5ab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js

104.17.3.184

200 OK

23 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
23 kB (23404 bytes)
Hash
374fec8b5e50cd6ab980f3fef21a5aa0
7f474607991a19b6f1b78cc32e0f75b501b60774
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

HTTP Headers

GET /turnstile/v0/g/54ea73d52131/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:54 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f23a18bcb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2566c5ab4fd/1713467339613/f4de856f9720bc93806a19b212d38adc60b22ea6f10d97b1bcf46f9d3aad9c1e/bQcERFz-2Rqhz2W

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2566c5ab4fd/1713467339613/f4de856f9720bc93806a19b212d38adc60b22ea6f10d97b1bcf46f9d3aad9c1e/bQcERFz-2Rqhz2W
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f2566c5ab4fd/1713467339613/f4de856f9720bc93806a19b212d38adc60b22ea6f10d97b1bcf46f9d3aad9c1e/bQcERFz-2Rqhz2W HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/h1mpq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:09:00 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g9N6Fb5cgvJOAahmyEtOK3GCyLqbxDZexvPRvnTqtnB4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIPTehW-XILyTgGoZshLTitxgsi6m8Q2Xsbz0b506rZweABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f25b6a8eb4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f2566c5ab4fd/1713467339614/HA8BIQvM1LYe_tq

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f2566c5ab4fd/1713467339614/HA8BIQvM1LYe_tq
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 60 x 31, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
efc572301226b0b4d0d37c7d7865d321
639665bfa4fa3937569e5eb5535533431af7b093
f4a2655c9489c923aac6777aed9d370d086502d226118ea129d2f2b7573d4a74

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8766f2566c5ab4fd/1713467339614/HA8BIQvM1LYe_tq HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/h1mpq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:00 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8766f25b8aa9b4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f2566c5ab4fd

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f2566c5ab4fd
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/8766f2566c5ab4fd HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=adL6XgUpCztiUxBhJKygzHQ3XouPgz9opY1ADfTkrKo-1713467338-1.0.1.1-TbeXVtSACBUDa5jUuvr1VumNAO1m0qzEuQUg.cmyTj.Hu6H9N2Rpt4Ajaqw.e7kjxFF18FqTK0mj0UlYhIrF.w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:00 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=BDhaUunG7PsG2SzWYBXc9mGxiAgRqBhLuGC3r5PkJwo-1713467340-1.0.1.1-ETlPcmXIGTHbii1.ll9WOITET8.Jlk_XiQTIPqymKYeuK2YQnjyrBwjQQCmc7d_G7AGfO87qxrqh6SiFjhQZmA; path=/; expires=Fri, 18-Apr-25 19:09:00 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pk8lC3Pf8G7sjYmNZU9TP%2BMTVzLXgWnCghqVS%2FTkFsDKZ8XUBubYpKZvlmrM5i8BPxctBrG1G9uyc3cWqXTLcd%2BpUd5vjh6c25ILQJLYwDcQ%2Fl8p5VgpazdEXcTSxs7%2F51k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f2608d9456bb-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/functions/validate.php

172.67.134.71

31 kB

URL
defendguard.top/_mysterio_omni/functions/validate.php
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
31 kB (31192 bytes)
Hash
cd7bc652307ad520366f441f280c3841
6793c65d772047d2f94cae30b74e5e99266731a4
76fac969d2b0e07d21bf7f1c395d0a855abbf6559edb1cc13415db1811ec6187

HTTP Headers

POST /_mysterio_omni/functions/validate.php HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Cookie: cf_clearance=BDhaUunG7PsG2SzWYBXc9mGxiAgRqBhLuGC3r5PkJwo-1713467340-1.0.1.1-ETlPcmXIGTHbii1.ll9WOITET8.Jlk_XiQTIPqymKYeuK2YQnjyrBwjQQCmc7d_G7AGfO87qxrqh6SiFjhQZmA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:01 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQ7ltVi6R9dAbpcMsvZ1uBa6uR3pC6gGcf1%2FQ0yYYzQoSGnL7dt6mFfRsCF2Q2CV1Aqla2KEdWPLEaS3qu7FXixjhptxkl3r4NrxOyfkAw2wD5lVRDan8PZcbxfjSod0VEw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f260bdd156bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:09:01 GMT
content-length: 0
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f2628b89b4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net

172.67.134.71

200 OK

26 kB

URL User Request GET HTTP/3
defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint25:89:7B:25:31:3A:90:C2:0C:5A:C7:9E:1A:98:E5:78:20:61:81:88
ValidityTue, 19 Mar 2024 14:49:37 GMT - Mon, 17 Jun 2024 14:49:36 GMT

File type
HTML document, ASCII text, with very long lines (745), with no line terminators
Size
26 kB (26122 bytes)
Hash
0317d9eb677b5498c5b2fa0da5e324e0
ab7e86fafdfffbdd306d68f0a4dd5de485fdea17
72ce25c371b475e34ca8fda85d8ba3de7bb53b92c5378f6c7d091e59861763e4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=atpGTK0X0L4pc3y6rDufnjbYwRBbDvySqm46foIhKaU-1713467336-1.0.1.1-YuhwCaFLiAYrTJ2mRIre.b8bz_Uge0Ib49PVpYwv.Th4gpOemrPy7cZat4VSJhNDSZi_F6l21AuTIM5JLUCMUQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NR%2FykxfwrOxaLx1nuCgLaKPuIKoBbVOV0FKDpn7oA6fievA9KjFZ8gKi1Ubvy66BlChkZbIH%2BmxSz%2BKA5rXtepi4jFkbRBw%2FTP%2BmdlWzyJPjFPok%2B%2Flo1N40HyFgSURer7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f246084156bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f2630c18b4fd/1713467341648/iG1koSVtgu9Vp-L

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8766f2630c18b4fd/1713467341648/iG1koSVtgu9Vp-L
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 31 x 90, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
dcaa7ccec5daaaa064f467705ffd27be
beaf1736ffe697c2fb87a5f40522a41070cb9a24
0a2a1630539711987064d724144f4d9bef4cd0ac13eddf7edce7fe48e16eacd4

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8766f2630c18b4fd/1713467341648/iG1koSVtgu9Vp-L HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eniam/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:02 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8766f26839feb4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f2566c5ab4fd/2ed10437bc884ff

104.17.3.184

91 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f2566c5ab4fd/2ed10437bc884ff
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4412), with no line terminators
Size
91 kB (91352 bytes)
Hash
4677afd0518581fcaf8694aaaac05c95
200c6520e5ae22789f0e112128aba451101909af
ae38ae31305945f5af919ac36bfa0bb48545261816a4ae1d9c7b7ba47b4382fc

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f2566c5ab4fd/2ed10437bc884ff HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/h1mpq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2ed10437bc884ff
Content-Length: 26217
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:00 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: LojVIQHVbB290decf7mAVjaeLhkcfDF3tk26KfsCZoXf23I5ATUYyHlJxzHV8oNz3Q6lOn+DXlcnn46j6K7TekA7fLICLm6d2/QuIrMQaCgklWb2jYQ9m1Tm7e+ahpP8$MeiybPL/OgO97QYeN0qvIA==
cf-chl-out-s: M7HUlNNCy33mEi9O7s/ee7anchkZTIIUVY0EPP1gjo2Yaofx79cNHxbtoud7Q26cPxFTtR6EH5cMWmUQMTV5UFPrZlTt+qbP1w/OolIsfG7OT52HIXL9Fty9MxJFe9YP+OeqmmUVgDQYxjiYhfTRnL+cQlA/XybgQbJB+5YtxKmgd1R9neJ4FntJzHttCbv2$Yxv6IvwMIJ+bj90opoBvog==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f26028c5b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1640391474:1713464848:6disvdjaAW64nHTm1XNqOGW3lH1Q0UXSqyOY9w6XiyA/8766f2630c18b4fd/04a87cb45cde79e

104.17.3.184

4.2 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1640391474:1713464848:6disvdjaAW64nHTm1XNqOGW3lH1Q0UXSqyOY9w6XiyA/8766f2630c18b4fd/04a87cb45cde79e
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4412), with no line terminators
Size
4.2 kB (4229 bytes)
Hash
7ec0fe07118d6cbc233ab314a8665ddc
e9362bd24dd40109bcc0d952ebb4d939f9f2497f
991284db1bee6a03181a57519277296f7ce8631f273527f5c52e9923d9c55266

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1640391474:1713464848:6disvdjaAW64nHTm1XNqOGW3lH1Q0UXSqyOY9w6XiyA/8766f2630c18b4fd/04a87cb45cde79e HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eniam/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 04a87cb45cde79e
Content-Length: 25634
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:02 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: 7xYWw3Vywtdt98GjZ8iySQCkW13HK4j0131aQG8G/Ukh9LoenOPXGBRPyVcycBBlJvS/ysDIDDj2mgQ5MqCZbLDAzaMtvWc9KV0dcEd2TM+Ubxm4l01xK0x9cMwVHhkk$UXkv2JFj5XbLhp5gNgEz8A==
cf-chl-out-s: h28q0EvRj/x9Jt5yEb9HZRgxkHE0R3/ZBdxKBGyqrgMIz1nTCc+ciJ4FhlT64eGp71m+Bqz1vS29pVhULqA/RDYf3oKQ/jEVC8I5OtkwhQWNDn37gd0AcmZAEuNbxptZvOK/VGSX5utdPNCAFm66Ry59vLnoIBw3kRI38cL7xqnq8uGsHUY0N1lL3CL9jq/N$tJrqYLxBIgdMutD7qUfCIg==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f26d886fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:09:03 GMT
content-length: 0
access-control-allow-origin: *
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f2708ca2b4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2476916b4fd

104.17.3.184

374 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2476916b4fd
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
374 kB (373785 bytes)
Hash
450e1b1ae6e1054c38f36bcc339c9384
d684c36f8cc0d805481d51d6686fe69631218e0b
267f3d14838193c38f0dffd84fc10568c8d82d66a61c53acf06f42a6a7ea1a3a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2476916b4fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sb6ib/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8766f247e98ab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2630c18b4fd

104.17.3.184

172 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2630c18b4fd
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
172 kB (171965 bytes)
Hash
2c9d81d3363391e3838c584429c175c2
677e46fcde6a632e0df71434fad9c6a9b848bc16
10338d006aba44b7e0e9fd395a25a94799bc57fb672d037966fb5cd36649f78f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2630c18b4fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eniam/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2637c91b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2710d37b4fd/1713467343873/aac27d98951834b1b8aac660e135ab5ce55b76f0bd4e46b78d23ea02eb39c807/oPjjRlqlKQJb9FB

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2710d37b4fd/1713467343873/aac27d98951834b1b8aac660e135ab5ce55b76f0bd4e46b78d23ea02eb39c807/oPjjRlqlKQJb9FB
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f2710d37b4fd/1713467343873/aac27d98951834b1b8aac660e135ab5ce55b76f0bd4e46b78d23ea02eb39c807/oPjjRlqlKQJb9FB HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fguc4/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:09:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gqsJ9mJUYNLG4qsZg4TWrXOVbdvC9Tka3jSPqAus5yAcAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIKrCfZiVGDSxuKrGYOE1q1zlW3bwvU5Gt40j6gLrOcgHABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f2755aadb4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1443299764:1713464773:cS5PudJGbYpxFzd9IihvY_zYkRp09n3l40KhsY-qyPQ/8766f2125a7ab4fd/42d717b8cae23a5

104.17.3.184

112 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1443299764:1713464773:cS5PudJGbYpxFzd9IihvY_zYkRp09n3l40KhsY-qyPQ/8766f2125a7ab4fd/42d717b8cae23a5
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4412), with no line terminators
Size
112 kB (111939 bytes)
Hash
1ad6067fe0e9c6aaec0db401dd1be02e
f4216327fc26cafbbc62a8c669e7f55bd9733226
e31bdea34240e23fa5659e95a900ece2f8590e097e3576ceffac033e90aa2e80

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1443299764:1713464773:cS5PudJGbYpxFzd9IihvY_zYkRp09n3l40KhsY-qyPQ/8766f2125a7ab4fd/42d717b8cae23a5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/83mvq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 42d717b8cae23a5
Content-Length: 25479
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:50 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: 34IapGeoSdbw3F9jpt3GQleylx2I1++UuHCElKKsO2uN7C7LDdhFHcVsKnGPgv8hgvgEaNGL39QGAYdX3XaJZyduBz4dvzGuobp4wLK9aC4Y0HAW/Ajj+mowTombQWawBuRr0aVjgMQwIGFOLXeE6kvWQyJeMeoZwI8fNQ0Mmq72chzJlyZSmAVAxAjA9VMK$c9mRZZXldUvsBP+weMKZxA==
cf-chl-out: bYKApeWkfL8raeuedo0HkNNm8pmxOia3Yj+h0KdOkJMVrNObBPt+G0MTbtLzIOWlkfghsu59S+vTpjf/CXGbP9x+T9+AJncr7CgSKxHgKJLWU2WcufTny32Y4YRQviAw$rxWVuCnrorPTZdTqTuX8rg==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f21cbdabb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/favicon.ico

172.67.134.71

404 Not Found

30 kB

URL GET HTTP/3
defendguard.top/favicon.ico
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint25:89:7B:25:31:3A:90:C2:0C:5A:C7:9E:1A:98:E5:78:20:61:81:88
ValidityTue, 19 Mar 2024 14:49:37 GMT - Mon, 17 Jun 2024 14:49:36 GMT

File type
HTML document, ASCII text
Size
30 kB (30491 bytes)
Hash
80a0117131329166f55e7dc4022b63f9
5838a1b9111a88ebb24a1ca6d8a8d5469fdc97bd
b35585cf421afcccd16bca81c01a0f63d01f877a17de377a1160d40a40beb6c0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 19:08:48 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iruMTJvM1b3dS2O84Au3RJB89i0OK2x%2Bd9vK0lVg%2FzcbcggR0QrAO6vd3rVId4y7DQMjoAXKK2mtXpN4oSpoABYbSrhKg80myscWZi%2BRHSeviuhcLTnKdI6Qoyv6i02frs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f2123c4556bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:09:05 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
location: /turnstile/v0/g/54ea73d52131/api.js
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f27cbc54b4fd-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

216.58.207.202

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 220492
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f2566c5ab4fd/2ed10437bc884ff

104.17.3.184

114 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f2566c5ab4fd/2ed10437bc884ff
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (113595 bytes)
Hash
8d754d53792c1e4b2217cc5769367d82
1d73a550161e3874b9d0630c8732c78574c94c98
e94f91865856f3ec445feaa2c9dcdd7c21eadab61e2cf5de0e70587e2674f5ec

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f2566c5ab4fd/2ed10437bc884ff HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/h1mpq/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2ed10437bc884ff
Content-Length: 2682
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:59 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Qx+9z052J9BNBAc9Tc2CHo8jpWShFnStRCMP3ohojX4cwUEl4GnKEeVnAJEUKFL3k0KB04kwkpTyJ/ukRg3vY6jSX5HZRkR9z2RpGbCUk4n5az7YK3+ssV1T/ibSZlzq0aCMXXGPxqpZlvIyUtod/AJC63Lp+ffBazN1QX1LU2VRug8XuQcU4b8ronX00oUZUyyGgszGP2F8fyfk70vss6NjNe4AmpC008hhu4SIeTrHqqjp1pd0/ZQ3M4uMRj0LS2+WcmDjzeAaVfS1xxZsDeXdGbtA/xTnBl8KOovMNHrwWkit1lXb57Sa0rNe3sR3r5lNBtsJBMswFBwkPRmHHpoKO5CgA1IwKg//Ovjpt/xHbqhFkd4N7kEqHqeJPEu9u0lKH1I+4Tzpu3X81wwiz6m7ud7nzqQBW4J4TejT4gJtbEf1ZvcKx0rmYSNVkzDEnaBX+ediVEPSozDsomqNpmE3wGM2xMFEJSFW2Yfx/NH7lOW4CPUYNQHlZ5J6Ba/KYm8P7Nw00891PxzfV/iRkg==$J10CiAjnbriH48PcIzb9Hg==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2587f2fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2710d37b4fd

104.17.3.184

342 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2710d37b4fd
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
342 kB (341603 bytes)
Hash
d520291aa75c4ad56e72a89441d11547
fa91e36d97edcd0448287b24962eb8881f7ac26c
091b1aa34ecb5eba0f0558529568027d5fda814cb558fca5999fedd9598eb52a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2710d37b4fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fguc4/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:03 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2718da9b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f27d2cccb4fd/1713467345844/8859e44f382e46a17d73f86a54e2d2a591179c4a6ce84bd96057297dfd7d92ed/c-L1qAbJ22LCQ0m

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f27d2cccb4fd/1713467345844/8859e44f382e46a17d73f86a54e2d2a591179c4a6ce84bd96057297dfd7d92ed/c-L1qAbJ22LCQ0m
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f27d2cccb4fd/1713467345844/8859e44f382e46a17d73f86a54e2d2a591179c4a6ce84bd96057297dfd7d92ed/c-L1qAbJ22LCQ0m HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hzs4s/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:09:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20giFnkTzguRqF9c_hqVOLSpZEXnEps6EvZYFcpff19ku0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIIhZ5E84LkahfXP4alTi0qWRF5xKbOhL2WBXKX39fZLtABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f2868f66b4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f27d2cccb4fd

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f27d2cccb4fd
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/8766f27d2cccb4fd HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=3TV.hEqgA1JMotg7a_xaH4Pu8RcTCVnRKirPID3Utzw-1713467345-1.0.1.1-43JMnSCBTW9xiOW66l17lNPUmKkx9v0prlVWIvoljibhiuQpC5JCKGsWVdm21JM0oNVcMy6FYQAsIYxjvs4TUA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:07 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=gHP2BOyZCs7b25K7dy83JeIVAV8D.yM21jastTw3Jhc-1713467347-1.0.1.1-TXP0tVxFCAXH10LtJCJlX5HzNn3e5bLzYtuMk5kKh2pixAUHir37tqFiXXcbgbrqz8OeUKJa4nZTS7UU8CIB6g; path=/; expires=Fri, 18-Apr-25 19:09:07 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TmG5z2T8m4rkOFeGEBPHrpqdewIZh9Wpm%2B%2FyFLBOVoyF2jxRcaR93iqQS1x4y2rPQI4FCMz0Q%2FY7gUPJUzBuMUJFurzHpgTHXSus9Wun83v2ZG9kEClhJOD4fOKE9JIS1JQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f287a93356bb-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:09:07 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
location: /turnstile/v0/g/54ea73d52131/api.js
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f2899aeeb4fd-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

216.58.207.202

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 220494
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i8vr1/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:07 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8766f28a9c32b4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i8vr1/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i8vr1/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25764 bytes)
Hash
d75418bc4ed77e33271c961274f46e65
941bf7ad7e7cfad6b88dd898d2c337c87d733ab1
4be699b3d868a7b972b3d22b1ccfd5bf4dffc6d69d8c822aa6edf0b4ec58466a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i8vr1/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:07 GMT
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
vary: accept-encoding
server: cloudflare
cf-ray: 8766f28a1b6eb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f28a1b6eb4fd/1713467347894/4249c8874850c8c5b5467352ae8ec34108e97c5ff2779ed8d965759e87d86d3d/4F0Y4mXsV5SHn4e

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f28a1b6eb4fd/1713467347894/4249c8874850c8c5b5467352ae8ec34108e97c5ff2779ed8d965759e87d86d3d/4F0Y4mXsV5SHn4e
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f28a1b6eb4fd/1713467347894/4249c8874850c8c5b5467352ae8ec34108e97c5ff2779ed8d965759e87d86d3d/4F0Y4mXsV5SHn4e HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i8vr1/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:09:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gQknIh0hQyMW1RnNSro7DQQjpfF_yd57Y2WV1nofYbT0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIEJJyIdIUMjFtUZzUq6Ow0EI6Xxf8nee2NlldZ6H2G09ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f28fda5cb4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f28a1b6eb4fd

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f28a1b6eb4fd
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/8766f28a1b6eb4fd HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=gHP2BOyZCs7b25K7dy83JeIVAV8D.yM21jastTw3Jhc-1713467347-1.0.1.1-TXP0tVxFCAXH10LtJCJlX5HzNn3e5bLzYtuMk5kKh2pixAUHir37tqFiXXcbgbrqz8OeUKJa4nZTS7UU8CIB6g
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:09 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=0RRgsGzzY4_osqiXdudAQ4p21EV9lOVg1Y1DqqbmYkc-1713467349-1.0.1.1-Xv549ruHkbkjSCpPptjzmLuFv.Ihm1xEOFECNvTHI4xR3MmBfsLs.m8V3TwJ3WyUlLC3SKehsO6xo4N8pAgtIA; path=/; expires=Fri, 18-Apr-25 19:09:09 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jYIC9%2Ba1IeVweScBWCvwM3jQ71v5pPvrUtJI3ZsILGc%2BGCqUoxn%2B1pP5ef7QCwqEJBXHdsn%2BBjKAbvSOGOCplzFHky1ee5FuLNmeAawQbEpTWW6u4w%2B2p7YS5ktyB5bqxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f294af9756bb-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js

104.17.3.184

200 OK

14 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
14 kB (14272 bytes)
Hash
374fec8b5e50cd6ab980f3fef21a5aa0
7f474607991a19b6f1b78cc32e0f75b501b60774
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

HTTP Headers

GET /turnstile/v0/g/54ea73d52131/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:03 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f270acccb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js

104.17.3.184

200 OK

50 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
50 kB (49677 bytes)
Hash
374fec8b5e50cd6ab980f3fef21a5aa0
7f474607991a19b6f1b78cc32e0f75b501b60774
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

HTTP Headers

GET /turnstile/v0/g/54ea73d52131/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:08:52 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f22e0b55b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:09 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8766f2977bc5b4fd-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2970b4db4fd/1713467349944/77c2d5a1402ae30ba7c193cbec67f9911a8a58a3a14bde8ace2e45ea359851a3/4QVLAgdDnpoWOPL

104.17.3.184

1 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8766f2970b4db4fd/1713467349944/77c2d5a1402ae30ba7c193cbec67f9911a8a58a3a14bde8ace2e45ea359851a3/4QVLAgdDnpoWOPL
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8766f2970b4db4fd/1713467349944/77c2d5a1402ae30ba7c193cbec67f9911a8a58a3a14bde8ace2e45ea359851a3/4QVLAgdDnpoWOPL HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 19:09:10 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gd8LVoUAq4wunwZPL7Gf5kRqKWKOhS96Kzi5F6jWYUaMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIHfC1aFAKuMLp8GTy-xn-ZEailijoUveis4uReo1mFGjABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8766f29c18b1b4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net

172.67.134.71

200 OK

15 kB

URL User Request GET HTTP/3
defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint25:89:7B:25:31:3A:90:C2:0C:5A:C7:9E:1A:98:E5:78:20:61:81:88
ValidityTue, 19 Mar 2024 14:49:37 GMT - Mon, 17 Jun 2024 14:49:36 GMT

File type
HTML document, ASCII text, with very long lines (745), with no line terminators
Size
15 kB (14963 bytes)
Hash
0317d9eb677b5498c5b2fa0da5e324e0
ab7e86fafdfffbdd306d68f0a4dd5de485fdea17
72ce25c371b475e34ca8fda85d8ba3de7bb53b92c5378f6c7d091e59861763e4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=nWej9locpPjMukIMqAr0hC70zDDArafaEyLYBM7xMB0-1713467343-1.0.1.1-DWzo9yq2vEZJqdZPVPHZUVGKoSl0YtICFKr.oy8NqgtSN4W4VXTW3JIOTVDqxlExGMa5vl1EzxikFTrc.qacwg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:03 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2VhBD3j29X7AOr041fnsfA3tN69RIAxzmwxqvSHBQQaQ35ZsVqN2M%2BDbdu%2FXtWYInJa%2FyyjmtsFZ%2BQ%2FtNeVQ2Z2SWCDxDRenOr9IKQFXQ7%2BvgfiHnRvcmciSknLYtFOvxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f26f0dfb56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f2970b4db4fd

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/8766f2970b4db4fd
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/8766f2970b4db4fd HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=0RRgsGzzY4_osqiXdudAQ4p21EV9lOVg1Y1DqqbmYkc-1713467349-1.0.1.1-Xv549ruHkbkjSCpPptjzmLuFv.Ihm1xEOFECNvTHI4xR3MmBfsLs.m8V3TwJ3WyUlLC3SKehsO6xo4N8pAgtIA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:11 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=QL6zhIGeVpsCAj5B8v6ip61mWPJRV.9heFsYkQhqtWM-1713467351-1.0.1.1-dzbOQpJoF8mnHlBkoWo54AUn_Z_4GL7NaBmMBk4t73PovTggHm_xlQXUwfqiQeYVpegQ1ME8tZK2VUBOiOSeMQ; path=/; expires=Fri, 18-Apr-25 19:09:11 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgSC%2FMZ31Ls41MLV7fnKHbSwVh1fc5wpV6m3cTcMCGpn5UTvTRNu72U6MW%2FwIgIpZ3MKWmZwySYeDBkh6lWpBK4Si2Fe%2F6uJXQRwnFPxn3kY7Fu%2Fgg1dTwfQvnnji5wnsUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f2a1aee456bb-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 19:09:11 GMT
content-length: 0
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766f2a39983b4fd-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/functions/validate.php

172.67.134.71

31 kB

URL
defendguard.top/_mysterio_omni/functions/validate.php
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
31 kB (31192 bytes)
Hash
cd7bc652307ad520366f441f280c3841
6793c65d772047d2f94cae30b74e5e99266731a4
76fac969d2b0e07d21bf7f1c395d0a855abbf6559edb1cc13415db1811ec6187

HTTP Headers

POST /_mysterio_omni/functions/validate.php HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Cookie: cf_clearance=QL6zhIGeVpsCAj5B8v6ip61mWPJRV.9heFsYkQhqtWM-1713467351-1.0.1.1-dzbOQpJoF8mnHlBkoWo54AUn_Z_4GL7NaBmMBk4t73PovTggHm_xlQXUwfqiQeYVpegQ1ME8tZK2VUBOiOSeMQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxctxE46H7k8M031d8rmP1QwmRUj%2B3CmayK0DqZV085Ub8nqPK1cD4f7LL29AagW%2B5ZZkVfWzsohXCQvec21e1h91CMUcRfE%2B0XIAw0Z%2Fhue%2BkbKmlSAe8QTmXWHVBbJcu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766f2a1df1f56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f27d2cccb4fd/89687436e14e1e3

104.17.3.184

131 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f27d2cccb4fd/89687436e14e1e3
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
131 kB (131352 bytes)
Hash
dc6e34c2e9bf300e5019ba1bb7e5e7b1
670397bd642cf6d6159f3dfaedc9bf39cdfe15c7
400d46d47f3554e7a472518d94ee35cfca177a723946721520ed23f060f99280

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/487352685:1713464962:aLoBf68mNlI57fyd-2yzB9UFEmyWcRD7cTqWItPEb24/8766f27d2cccb4fd/89687436e14e1e3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hzs4s/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 89687436e14e1e3
Content-Length: 2689
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:05 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: I4V349zyq7Hxss7R2TljrY+v2uJ2Z6nIs5RSrG+Wg1ffDZ79QKU1+cee7leNujnXo+2K4bqI0Sm+bAYAFmfyQ0x2ao+jyGMkt2gYNUP5EwDiuZaMl+iim2Ua25YdF+TuDoV9X86Etn5Q3T68BN0WwHQGDlkvjdil1bNyzlWaMzvLtJnle/LvNhOstYcQuXjyFm4mcSSuqo8Le1irJ6nyP5U2ScmUTKRNvEoa+smCyfthg3RgfNQwKwsywm9bOUs8T+4DL0vQoPT3q3topvZ5T8mGMWXdSvqaOxw10/i1WfaQgg/l3ZKyrA48cHroYqtAwQlAyXb3YtxMhD9o7tbbK+YeeIF2ld3jmWnbqn+vdhdOPwioeLxCLURG0a83FSMz8OSV/Pt1GUlVCKM39bqU0OCB5XoALJAiX831+ysF64U=$rNIHZU+sGU58aNSfq6j4CQ==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f27f6f5ab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2970b4db4fd

104.17.3.184

200 OK

432 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2970b4db4fd
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
432 kB (431663 bytes)
Hash
1a0508245b71e7684d72a4bd11944dd4
87d0ad29adeb718d5083697fbce92e87f65e298c
29c233dfcad1b7fb6f8728255c534977f5ace94461fbb153f357842fbeb0d20e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8766f2970b4db4fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:09 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2977bc9b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1546122791:1713464641:rwISRxc6TBPFKqILXrrmRGuhMZxviF0jaXplY-zQ-Lk/8766f2970b4db4fd/f77aa363b165cac

104.17.3.184

200 OK

91 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1546122791:1713464641:rwISRxc6TBPFKqILXrrmRGuhMZxviF0jaXplY-zQ-Lk/8766f2970b4db4fd/f77aa363b165cac
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (91400 bytes)
Hash
b32d6556e41e1c04995b093d69a61333
c4418e2c27b8ebb4c994606d58290a5e25010228
5d059d43c6adc6594116a67578121d563adcdfb966abf7d9b4a5fd891d4881c5

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1546122791:1713464641:rwISRxc6TBPFKqILXrrmRGuhMZxviF0jaXplY-zQ-Lk/8766f2970b4db4fd/f77aa363b165cac HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: f77aa363b165cac
Content-Length: 2675
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:09 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: qnYck0AEuqYiCacXhExaPoBOLN/mf4htCfYkWBjGYn9kxojoyNv52UAKgS7x0pyWnZfwPB380rSxtOeXVkxPowGzOfINdi+VrWueVNQ8wSlChSuVnl1a5ygCbtrNotajDt5yD0dP38VkBL58w1roIUYz/tOyvgMEnpcl7YADoqi2cS+bQFtN34qS+5c7KQIlIuaeqa27Qv3AUd5GeM3i1lep9yrfCJO/sKMxGyn4ct7CQUbEny8x1Lsz8FpJbQqO+F4i3LoQ4fZrg9+axUTFrC3JYqqBi5Se3JroCeKfV9hgHKg5N6tcokrh30dB1jK6MlE9rpF9Uw3ImRSH1AkupYj1W1fYmQMle874x4DbOy1koypQjnCZAbCzMOQ2iirN$9ueOonZfSmruLrZUb0EBxA==
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2991d82b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

200 OK

80 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zone/cd0fbb7849b9b9d84c4f8e48e7301ecf/login.php?id=bnovosiwsky@slurpmail.net
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
80 kB (80048 bytes)
Hash
23d97d559428dbd686e69981d5d04a5f
36d18ad694495bfc814ea8e7c5fe1fc95bc7182d
88d3cb199230578ca78c4cfd298d7054c960aeaf572b34ca238e8faa409d3461

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i483j/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:09:09 GMT
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
vary: accept-encoding
server: cloudflare
cf-ray: 8766f2970b4db4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (50)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations