Report - defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no

Report Overview

Submitted URL
defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
104.21.25.137
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 03:14:29
Access
public
Website Title
Final URL
defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
defendguard.top	unknown	2024-02-10	2024-02-12	2024-04-16	12 kB	116 kB	172.67.134.71
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-03	24 kB	2.0 MB	104.17.3.184
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-03	1.8 kB	129 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (45)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/turnstile/v0/api.js	43 kB	2024-04-25	2024-05-06
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 19:17:04 Last Seen2024-05-06 16:14:42 Times Seen2299 Hash 65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js	90 kB	2023-03-10	2024-05-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24:46 Last Seen2024-05-18 09:11:37 Times Seen17908 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e551fc8dcb569b	430 kB	2024-05-04	2024-05-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e551fc8dcb569b IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:34 Times Seen2 Hash 45227453c6f327492109bf3e883ecc05 30d0b5cf429f44e119419dc6c20e07172125ac5c 34ae04b0a7fa2915127e4ddc4c0b49b701a3d7ff16fd58e31b259a896381ca66 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal	3.6 kB	2024-05-04	2024-05-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 3ee50d59e75a5d21caec10a1a981420d a4521b7aaf762bd3e14da3033fb8accfb81bdb7d c2f0f95f7f719ffe164954629b784313a3a303506703ffcd7e1aa012eb239cd6 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e5520fee7a569b	435 kB	2024-05-04	2024-05-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e5520fee7a569b IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash dee339770d361c380b32476cb45f55f6 0e22b34d30534dff22fe73362a92dce225f8112c 5cfa4da0157e3bb851a6bff8e58c535759693d7f13308173a2a3564c17134d5b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3e220ab0029d63e9eb68db79bce2cfef	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 3e220ab0029d63e9eb68db79bce2cfef 99d9f3f2d7018b2bcd4e5e9e960d433ac5ea0c51 e8528a1f05bf7003183acb1b01c1c185269eeb9c59f4039416cb455803fb0757 Loading...

	#2 Eval - 53c8f55c07040fa9e31c57fc361abfb5	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 53c8f55c07040fa9e31c57fc361abfb5 4db6bcd69d96ab4c6a28df9d630b885dc6f3d693 6f7e09b7392323ec2041a6c32138caf20987ea87959e22dceae11c858af32cc7 Loading...

	#3 Eval - 2958c7e6e9ac7ed6cfc8314c708f577a	2.8 kB	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 2958c7e6e9ac7ed6cfc8314c708f577a ab45c5dfb239112bc12438b20f094fe4ea46ab27 2cef04c9e8c886025fa54ca53807fab19197af10afad3a6aea19b8fefd810e91 Loading...

	#4 Eval - 53902465f3a234f7d8bcfce86f429042	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 53902465f3a234f7d8bcfce86f429042 3ea6942d195787e64db264d84cf5de4404a6ee26 96a1095bd1166dc2d8c21a8e0eec56d968f1ca654b73ba14762e07948173326a Loading...

	#5 Eval - 0e4281da7b29c38778a6abf29eeae842	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 0e4281da7b29c38778a6abf29eeae842 802765a8dd34edb5ad8c1a34b3b2fba233400bd5 bf586c970363de99e98517634ccc58b87f171d57f5e5a040efad0b5f3f3cb649 Loading...

	#6 Eval - 6477a212f80bcb3505ae5699c5b3f219	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 6477a212f80bcb3505ae5699c5b3f219 04fafd3e546b1d7814bb732af3e5222c288af113 abd30836ee1909a9134b9e68ce14d9edb17db145b3fecf4e60b89ee82915a233 Loading...

	#7 Eval - 6f19e673ce22d23e55f729bc9bce3ba0	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 6f19e673ce22d23e55f729bc9bce3ba0 7ce4aa338ed2100fd6360bab785fb789545a5c07 b9150c181dabd193b6f46758555dd358ce4b676644927ca063364198d4068018 Loading...

	#8 Eval - eb49671d7443b79948445505042605b3	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash eb49671d7443b79948445505042605b3 fd2d6cee763026e845aab80182fd569764ff3951 f86a02d0383655d3f9b601a7012f7207cdbf128b68464c1ef1bc5729235ad83e Loading...

	#9 Eval - 24caa3a6656842a1d52eb1f66e9eaf3e	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 24caa3a6656842a1d52eb1f66e9eaf3e 337ab977108fde89afd0ac96d5fd0c96c6ceffaf b65f2fe841d6c3881a2e1ee7940e0d83ca01daf60f213470782f7b480dec92ae Loading...

	#10 Eval - 5dd645bc9fc3243bedcfd667e2da17fe	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 5dd645bc9fc3243bedcfd667e2da17fe c3054919358db4b3582a5474a31c4d96a26c04a7 ec4eb70968cc0ed18c30a0df8530d57f7983f96423b927a5e94995ff87433c51 Loading...

	#11 Eval - d203c4bcae5f86d0f764a80ce2271970	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash d203c4bcae5f86d0f764a80ce2271970 2bd72ed6221e54453b57ff1cbcb8b46033d67434 990fd79b23d77b23d09c3630d607f9a084829d6719df25192a627613b8a3f5ac Loading...

	#12 Eval - 3c884a30f525105c0797a0bb94fd3552	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 3c884a30f525105c0797a0bb94fd3552 aed5141b1d3d977e5284833408d4378c10b56da1 6c56f7f4b2c9dc3e806c0f11d816d060ac325cef9223b89c283156a017189834 Loading...

	#13 Eval - 626521ef916961c776d55b470b193aab	505 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 626521ef916961c776d55b470b193aab 3d26982e3eb54c89d9711b6114e5cac1150908fa 2dc94ffea28b13a2358ea1c3b4dede9c23e6341acc615a72034fc637f608f15b Loading...

	#14 Eval - 57fed68fa57c480b9906db76359b9ae7	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 57fed68fa57c480b9906db76359b9ae7 92792fcac87f6b66082cfff866053ed317a7283f 478422157989a0096fd7153b686b1a3296c289344d44918a2a6354c501409b32 Loading...

	#15 Eval - b441a5526a2f4bd1639c988483d15ee5	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash b441a5526a2f4bd1639c988483d15ee5 19c33da0503f9800b4dcd4e280ddca3943b57389 f4e022729c9c805f2b0fa94a41259dc792531398d3f178ccfdb7109b3349556e Loading...

	#16 Eval - 999ad42e94b68f851ddec744acce4ee9	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 999ad42e94b68f851ddec744acce4ee9 043b9bfec8ac733fb26e36c35de701eb50c2d459 5b9ed18758ae92a89516179038e3e355247ca11dd291d0ef0d5a4ecf893f12e6 Loading...

	#17 Eval - 289e4504bfbcb46698a92f5da63e0a2d	62 B	2024-04-25	2024-05-06
Pretty Observations First Seen2024-04-25 19:17:05 Last Seen2024-05-06 16:16:09 Times Seen1078 Hash 289e4504bfbcb46698a92f5da63e0a2d a6dcf5b386a04b545d7e94c553c5947d8e95ec2b 3c82ba90261822f61f18c06c5f5efe8f16d31b2486e7dcf16e8c5be62809b917 Loading...

	#18 Eval - 4b219cad68d4c5d0be0b3604f1cf2f33	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash 4b219cad68d4c5d0be0b3604f1cf2f33 a81a0826f3fdaf18fb4037171c3097c700a575e5 bc1f1273578b3743838213f027717fa1e51d35716517b3130a89519910d1151a Loading...

	#19 Eval - e2c05ec318fc1e979afe51e1a14605e9	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:32 Last Seen2024-05-04 05:14:32 Times Seen1 Hash e2c05ec318fc1e979afe51e1a14605e9 db9a780c3fdba3441f00c0b36763579ec4822f98 e966cac82c035d34f7f8cdccf7e89d68e72b42cd2613bbc1c505afd0d609953b Loading...

	#20 Eval - d2f159aa5f91ce687dbed1faf52b9196	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash d2f159aa5f91ce687dbed1faf52b9196 16cee64194eab40f8481eee161264fcebc3c2631 29655b88ccc15a2fbe27271e076f8369ba9821c5afb714fecf8e70b4ec7c0fa4 Loading...

	#21 Eval - 849dbac8ec9a2870345c779cc5e4095e	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 849dbac8ec9a2870345c779cc5e4095e e10be9c98e7fd691ff021d8cf941c79a40936063 39ce7882acc61a7f7ebbe608370b286781ecb85ce4d95704995c1a3ba59cde22 Loading...

	#22 Eval - ff4e5c23e4d849cfe6cd121c3b7c1d79	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash ff4e5c23e4d849cfe6cd121c3b7c1d79 688f720c7a4b6b61fa3ae439737f15da099e372c d26e67d3444cfcca194f357c15827fcefe5ce2fe7c37de2414dda04cb14a4e86 Loading...

	#23 Eval - 43e5118dfd9c3df953e9691e4b8c84d8	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 43e5118dfd9c3df953e9691e4b8c84d8 b8c26e880a08b3cb21158c512c4555f017c22e7e 3c9b2dff0de9258df5ca76c828cfac5b48f93bdb8bc58d19096e2cc045ec12b4 Loading...

	#24 Eval - b192b985bff23eb8b90aa1b8f56ee475	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash b192b985bff23eb8b90aa1b8f56ee475 ca3c3463a4a657c2dc21ed52ece7745bc77c7f4e d99b27c0ccba9fb71e15f2ac071229cf36d74efb822bf9cc1c6c6917bc356171 Loading...

	#25 Eval - 05edd1de6f36fb4d9a6ae0cf9631b69f	2.8 kB	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 05edd1de6f36fb4d9a6ae0cf9631b69f af45cac55d53176a6ac56e25f302d2c867e35480 0e75a1d5dfa2a509dc40d664f205d9fb72860d36a702bed9f0835f89ba32c3b0 Loading...

	#26 Eval - 1a7275276ce8ae27931386b63f3a7503	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 1a7275276ce8ae27931386b63f3a7503 52d2b46534ceb6105d112dbf2f069489001dca6e ccde737e4a3696c9218dc81e4aaf948aa3ce5840572be4d1a9c6fd4d8b0270d3 Loading...

	#27 Eval - 9910ee9ea35b2baac67dac67b29d9280	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 9910ee9ea35b2baac67dac67b29d9280 ebb881af7ae80949f2c3e7277a56a66a52e7d68c 749d00b7708f6277570fc528b9ee70c5da9a5c4046bbb0bc9aa52ce27d587e87 Loading...

	#28 Eval - 67202e037d98d33f98aca5506378ac93	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 67202e037d98d33f98aca5506378ac93 9f39817cf59b530780b45b023aef3f6b02a6bd1e 90c4ae482de204c047c8a2b134aee6cb3ef87bcbc80649d467db8a6b77423a8f Loading...

	#29 Eval - 89b0812beec1683e92078e7fc7c6d590	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 89b0812beec1683e92078e7fc7c6d590 2be2580bac8ed2a1c39a3145decfc614f803a70c 9ed92e94c9e0260b22947e396477df0e9daffa41b1dadca3f693f559d64a2755 Loading...

	#30 Eval - b0cc7cfc14a0c7b93b3798ff51587318	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash b0cc7cfc14a0c7b93b3798ff51587318 2fd43b3b38e9056f20e95815a4a347722ca7790b 5ca8b786f5a6d02877fff85d52ecbf8a6292b365209bebc170559dfd6bfc1cac Loading...

	#31 Eval - 51cb828f514b7a4170505ad2f4f36891	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 51cb828f514b7a4170505ad2f4f36891 cc4f7514e8173b666b3445126f778ce6097b256b 8dca81903327d05bdc119f18b6c887920753fa0d1b348a00fd28c555125cbda9 Loading...

	#32 Eval - 834ec77ed816accb18558084fac9b6cd	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 834ec77ed816accb18558084fac9b6cd 6450cf4beda9b6df2ecba40c6e39cc304ddb1cad 01fb104fb6905f5d80fb70a60e28752bb8fa154aa16fb5bc2551bc8d5ee840fb Loading...

	#33 Eval - 1abae9a8864bbbe3a682dcc78ae61576	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 1abae9a8864bbbe3a682dcc78ae61576 57715e4553db8be0b873eddb83cebe6af5625891 3f4895987421b466d42ff758540348dba31d55abd428b8a0d17e791ce6e22710 Loading...

	#34 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-18 10:11:49 Times Seen353038 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#35 Eval - 7b1a9cc7b8e77b6b0151e66a533f087e	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 7b1a9cc7b8e77b6b0151e66a533f087e 6708fd489856b836b48a2e428868126b281fb97c 1479ed3895debad982a4bc0a209fd50151e52a13153e0cd6b63b798109ba4a63 Loading...

	#36 Eval - 95e6c95adf0ca2a0a1048dfd95f49cf3	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 95e6c95adf0ca2a0a1048dfd95f49cf3 44ddbea3ce7c826b251a19b7ae437c281321e849 ff721d88f57bbca4f9d341b0a0f1609d4303d77c85b411a0bc164cb729b45d3a Loading...

	#37 Eval - 4e66f1a97dee865b6bae3ca597fc9de2	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash 4e66f1a97dee865b6bae3ca597fc9de2 b307dc19e53b18340593fc20f45c73bbb6fdc1a9 02b666c9b8ff3e1e8e9721c187a04708702716bbecaf403a8e29668801625e1d Loading...

	#38 Eval - d6a71976bfec6f8b5e6b1b58f55e474e	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash d6a71976bfec6f8b5e6b1b58f55e474e 8f81ecf8f1b66524869f484d74919e3de788572e ec8c4543aed74cf5dd34d4350c7eef10ba0ad81f50126036792257ee6c9bab80 Loading...

	#39 Eval - c380d8d7aa4ae27c864a7e97cee88afa	28 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 05:14:33 Last Seen2024-05-04 05:14:33 Times Seen1 Hash c380d8d7aa4ae27c864a7e97cee88afa 5d011734e554c5fdf786667f757a014329576164 8c836b6e7216f39cf5f0ae087fbb201c1c02ea19648727e513c9f3198514d4c2 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-05-18 03:42:34 Times Seen44823 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (58)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 03:14:01 GMT
content-length: 0
location: /turnstile/v0/g/d0ff3ebede6b/api.js
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e55175d8b7b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 177172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

defendguard.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.134.71

0 B

URL
defendguard.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 03:14:01 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdCQutog9vuezihoYlOgqJiMNM9WS1j%2BghPPklzopyb94JhpOLv0iHbHDUsa%2FZD%2FtacQfIZNEcHgOLv4wLFNErL2rtDbDWQ6T0SNy7Yk3o6TyL8IaLMIIxlz1dRsx8VuopI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5517789c35699-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xacwf/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:01 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e551783b54569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xacwf/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

195 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xacwf/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
195 kB (195262 bytes)
Hash
bab8cc1211eb4ecc9c5484268a03ee04
4ddffa898d6689abce9ba793c448cd4710d3d2c3
a6223b476e2767e6b101676d219153d7e828c3b842f690376d39bbb9c0cc1b5c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xacwf/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:01 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87e551779b07569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null

172.67.134.71

200 OK

4.7 kB

URL User Request GET HTTP/3
defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint77:FC:29:4F:5A:61:08:38:2B:71:E2:A7:22:1A:53:23:F5:0C:14:56
ValidityWed, 24 Apr 2024 01:14:29 GMT - Tue, 23 Jul 2024 01:14:28 GMT

File type
HTML document, ASCII text, with very long lines (2015), with no line terminators
Size
4.7 kB (4705 bytes)
Hash
e7816e1382c4b2812aec760faaec98c8
fb1d45b36ae5784bcaaa53a9d5b80611406d2dff
0702d95dd5a6cfe8bb9ec333497be5e694ed5275a7d513514cfc8f465b434b40

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 03:14:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=To6zybmnA%2B58NcbPBiaRcgySREc7dn27dTXDJGzDQ0ke5700A%2B2OSd3TzceAdHIH%2Fz1fFksJd99FCp%2BnPWnLOntakqcmuZQmdtNmR4EAO6iD1xeuqZhBIMbWj2wApQ1owdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e55172bc2856ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

defendguard.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

172.67.134.71

11 kB

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (7848), with no line terminators
Size
11 kB (11205 bytes)
Hash
0cc5c24f73e363ab7c885eebb3f97dd6
0f5426b1e5cd1c3abacc237c69f04c2e5889053a
0a6ffd409ab17c2adc0a4ccfd6f0f4748f15a4770fee69e6dbb5df59d27a4daf

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:01 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
content-encoding: br
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xx248%2B3YeJlLRbXXrYNKS3CGZ4FidBLF8Hpw53dgZWA2zdkFuss4e6DOo2jxIpFmXhlNO2GdZdeDWG3qoX6zwkK8fqqcE99qy3FfM%2BWdUpmizaSRfdCwlcrbgMpyPKgAj%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e55177a9d05699-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e551779b07569b/1714792441935/d9d10d214faabf00167692f6213b92fa5280dfda169c3318eb27d63ce10b5bf7/PqapMYKSQgj1bwM

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e551779b07569b/1714792441935/d9d10d214faabf00167692f6213b92fa5280dfda169c3318eb27d63ce10b5bf7/PqapMYKSQgj1bwM
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/87e551779b07569b/1714792441935/d9d10d214faabf00167692f6213b92fa5280dfda169c3318eb27d63ce10b5bf7/PqapMYKSQgj1bwM HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xacwf/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Sat, 04 May 2024 03:14:03 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g2dENIU-qvwAWdpL2ITuS-lKA39oWnDMY6yfWPOELW_cAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tINnRDSFPqr8AFnaS9iE7kvpSgN_aFpwzGOsn1jzhC1v3ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87e55181ceec569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e551779b07569b/1714792441936/EWzfU2eCNJ7rtbu

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e551779b07569b/1714792441936/EWzfU2eCNJ7rtbu
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 23 x 54, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
d0564b49fddf36be09fc642648d2bfec
415e7d418e4a95e4b9badd797ce6dc9f8719fc6c
e5c52ab2cf83ba5eb92b4f1660d713ca67c90092e6538b773183d6dae50cff00

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/87e551779b07569b/1714792441936/EWzfU2eCNJ7rtbu HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xacwf/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:03 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e55185886c569b-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/87e551779b07569b

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/87e551779b07569b
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/87e551779b07569b HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=aKEuw1HvkxwLWxZUG7botZQGbe7yMBZ.IaB08KbXE5I-1714792441-1.0.1.1-PHS5CkO3O_4Ur5Qje5oG5m20_DIZ2iKcf4YoyxZuUnojc3kUnV8vQUVbHkrCpFKHeixwcdX.zOoApTmtLsaqlg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:04 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=TnWF1G6d2Ykj5cVZ79J.jWSem4tW5zWszZp6r.kRQhA-1714792444-1.0.1.1-EAZfkfUmUBBppFT1aYM1xWsXinFfqk9MSf3vpAOQVR1.14tborhMHMNxqKj5FiNhB7nQ.KI_yfsqR9jV8s5jBQ; path=/; expires=Sun, 04-May-25 03:14:04 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=siQyzLyJFxMWb6U7MEYfD4cJfrCUnk1QM7fAUVNeLkqW%2FzWTNRKgZWlfbHl8l1KQPT47RCsgnPMXETafm9LFHpDwTPiAWsgw90%2Bt%2BLjAp2hTMsysWdPkTtO82OW7YwPYHDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e55187b8305699-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 03:14:04 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/d0ff3ebede6b/api.js
cache-control: max-age=300, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5518a4a30569b-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 177175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ogdld/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:04 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e5518b9abd569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e5518b1a85569b/1714792445103/5vXfnTv5Lccrbwz

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e5518b1a85569b/1714792445103/5vXfnTv5Lccrbwz
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 95 x 66, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
d78c63506ef103f22666523a469910f1
0381b6c20d8bc3de1b61bab073afad1eb0e9a9f3
bcd37cc4535ee5c888fcaa5b445dd151d7c489524a8e627bc9b2df8905ee0be9

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/87e5518b1a85569b/1714792445103/5vXfnTv5Lccrbwz HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ogdld/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:06 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e551947e6c569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e5518b1a85569b/1714792445104/a022f22f7598d32c8d133c3fa8b89a044b6cd54fde4c0d68e94690bb8706e36e/OKVln0_ocUzeRXw

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e5518b1a85569b/1714792445104/a022f22f7598d32c8d133c3fa8b89a044b6cd54fde4c0d68e94690bb8706e36e/OKVln0_ocUzeRXw
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/87e5518b1a85569b/1714792445104/a022f22f7598d32c8d133c3fa8b89a044b6cd54fde4c0d68e94690bb8706e36e/OKVln0_ocUzeRXw HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ogdld/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Sat, 04 May 2024 03:14:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20goCLyL3WY0yyNEzw_qLiaBEts1U_eTA1o6UaQu4cG424AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIKAi8i91mNMsjRM8P6i4mgRLbNVP3kwNaOlGkLuHBuNuABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87e55194fe97569b-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/87e5518b1a85569b

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/87e5518b1a85569b
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/87e5518b1a85569b HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=TnWF1G6d2Ykj5cVZ79J.jWSem4tW5zWszZp6r.kRQhA-1714792444-1.0.1.1-EAZfkfUmUBBppFT1aYM1xWsXinFfqk9MSf3vpAOQVR1.14tborhMHMNxqKj5FiNhB7nQ.KI_yfsqR9jV8s5jBQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:07 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=0a4GnpY_FIB0LeQH2zr3srT1apI6gmRVSbh2fZDL62w-1714792447-1.0.1.1-s8eBFnj0FSqMBdCMckKjULbaHQu.FJcpgyR3kQwDmRBYHJFA2HOSNWgSXC7u17Mk94aUIZu1KHqBUMwV4n4HFw; path=/; expires=Sun, 04-May-25 03:14:07 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXBjXevXalgDa3t5M0%2FhLEj%2BMZw2mVbBA2NYEQi5d%2BnY17Yr5Qg5Fm6nw4a3tVpo9ZprMB3POSH8CzBf%2FUaRobKrY%2BsX3AQr%2BKpSY1h6HtRkZ%2FbWivGr%2Fiznx%2BsBTX3uNaU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e5519a1ee45699-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 03:14:07 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
location: /turnstile/v0/g/d0ff3ebede6b/api.js
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5519c09a1569b-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 177178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ogdld/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

201 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ogdld/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
201 kB (200760 bytes)
Hash
ec089898a60d03067ae1bf6dac21f57d
b5399fda8238797506613e954507d5a382398816
3dd5c221edc381c237f96fa5bc540d91aee504b6b4b0dcb40f7be53d4f3c8a73

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ogdld/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:04 GMT
content-type: text/html; charset=UTF-8
document-policy: js-profiling
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
vary: accept-encoding
server: cloudflare
cf-ray: 87e5518b1a85569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js

104.17.3.184

200 OK

114 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
114 kB (114053 bytes)
Hash
65b0a652c40c95d12c4ddb3b4567c1ea
c654efa19d01d6553ed4e0f500d350011e023ad1
c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7

HTTP Headers

GET /turnstile/v0/g/d0ff3ebede6b/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:07 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5519c29ad569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e5519cc9e1569b/1714792447909/He-FEGBYSSaL7_A

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e5519cc9e1569b/1714792447909/He-FEGBYSSaL7_A
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 11 x 78, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
86fec8a33aeee8b58b32e17394106d0f
3c0ace5aefc5cf4fadf9cffbb05d77dbc53599fa
641531b9fe11a12f6056532c2332543ace11d0fcbb58bdcb5d451cdf09620c3c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/87e5519cc9e1569b/1714792447909/He-FEGBYSSaL7_A HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/69xk9/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:09 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e551a8de56569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1096221192:1714789845:_tI2vvGT9INjUU4f_Z8g-wbGU3ycET89jqs5Y212OFE/87e551779b07569b/a5ee610cec1fe8f

104.17.3.184

15 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1096221192:1714789845:_tI2vvGT9INjUU4f_Z8g-wbGU3ycET89jqs5Y212OFE/87e551779b07569b/a5ee610cec1fe8f
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4400), with no line terminators
Size
15 kB (15106 bytes)
Hash
e96c35e99df876d8ecbe97caddc2651f
40da2dd5bf3f5e1da0d3f29fb7dd0f07d1dfef37
2fecf17b4a236f356a58546797cc4de022a9f38d98427020ef6a427219b31423

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1096221192:1714789845:_tI2vvGT9INjUU4f_Z8g-wbGU3ycET89jqs5Y212OFE/87e551779b07569b/a5ee610cec1fe8f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xacwf/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a5ee610cec1fe8f
Content-Length: 27817
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:04 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: qxVMPpwHCS0UaxnIO+YfIw==$sKh6uNMmRGkm0+1+oPxEHg==
cf-chl-out: LajM3I8TS0H2q5xSyTJCyvdFifkCoWJhZqlAHMF84+zE8N2xR2fSPyKbgwp9QOXPyaAcexWgztVRWGn4g4qlF9oYZVPO1RsfC2yQWdZjiNYgRjIU94Z7v1pI2g2WqytW$6HmqQVDMkNcSvNY2eTqaAA==
vary: accept-encoding
server: cloudflare
cf-ray: 87e551876917569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/222260920:1714789810:sE3435mwiJBzARXwrlxUPkhEvXDySW6pfeQ1SlHcMsg/87e5519cc9e1569b/acc8efada794d88

104.17.3.184

4.2 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/222260920:1714789810:sE3435mwiJBzARXwrlxUPkhEvXDySW6pfeQ1SlHcMsg/87e5519cc9e1569b/acc8efada794d88
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4400), with no line terminators
Size
4.2 kB (4224 bytes)
Hash
21d03e48e510a287d9b1026893bd2d68
9c1894194cf53abd153c31d4f0ca366cf64b5b64
dc6cc3ce196a22803947a512bbf76d1b1b73092988a76cbb90bc9c2a9e09905e

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/222260920:1714789810:sE3435mwiJBzARXwrlxUPkhEvXDySW6pfeQ1SlHcMsg/87e5519cc9e1569b/acc8efada794d88 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/69xk9/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: acc8efada794d88
Content-Length: 27549
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:09 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: wjiYGZ381wfz1dLJhMa73w==$guGQ8zbOfj0VROy86XvY8A==
cf-chl-out: peeL2etnGxnUVD5kDHWTOIr94uTnuuyecauihYgjGX3Dp3baTMecp7DX63CuoVh/PuW+upSQJbrQnHIQNiCUOPbLGSDJBxAu/m3KSvmD7pjoIBjaja3dqgPxUTtX++oT$ZkXYrfJXWeDd0KyCu5fWwQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87e551ab6f8e569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/functions/validate.php

172.67.134.71

422 B

URL
defendguard.top/_mysterio_omni/functions/validate.php
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
422 B (422 bytes)
Hash
0e3476442580076ac1ae96d40c0851f6
8b43f523bbb4951c995c9733873bca12e8289dea
4f6eae61c5e65b11c05fcdba1c73c58e6f0d0c7b49e7306e50086aa91a571076

HTTP Headers

POST /_mysterio_omni/functions/validate.php HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=0a4GnpY_FIB0LeQH2zr3srT1apI6gmRVSbh2fZDL62w-1714792447-1.0.1.1-s8eBFnj0FSqMBdCMckKjULbaHQu.FJcpgyR3kQwDmRBYHJFA2HOSNWgSXC7u17Mk94aUIZu1KHqBUMwV4n4HFw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BH8ULieZs9bf7ByjHEHtmCKkMpbrw5KRYllMxWPY7ZUS77pPW9ab7MqcCa5iAs3bBAqmQZgxeCEXAUlyrnrFzXNOYPpwbgHgtiLNNz8q8dzgYrk3XNhbKpPB1CfCxQ%2BBLvc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e5519a4ef05699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 177181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j3ro8/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:10 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e551aec90e569b-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/favicon.ico

172.67.134.71

404 Not Found

4.8 kB

URL GET HTTP/3
defendguard.top/favicon.ico
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint77:FC:29:4F:5A:61:08:38:2B:71:E2:A7:22:1A:53:23:F5:0C:14:56
ValidityWed, 24 Apr 2024 01:14:29 GMT - Tue, 23 Jul 2024 01:14:28 GMT

File type
HTML document, ASCII text
Size
4.8 kB (4790 bytes)
Hash
80a0117131329166f55e7dc4022b63f9
5838a1b9111a88ebb24a1ca6d8a8d5469fdc97bd
b35585cf421afcccd16bca81c01a0f63d01f877a17de377a1160d40a40beb6c0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=WdZ_CKbCJC8S5zn.eVcATTVa9WP8gWfNw4YW7_z1_7Y-1714792449-1.0.1.1-T2A2bDs6dLWRSG0xOtprcOQlVF9axLXbyDMZ2jcc97aLWYs.YuEWgk9Cp7Xzsl471A0cPm9nYrgsSVMdaexXWw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 May 2024 03:14:10 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25KCMWOyxRVoa1FyYaODyK0ag%2FxxHj7gOtbuJoj7629S4VSp3WaU6q9v%2Bkfog1zgjIDWdQPtricqi7Z6Tu%2BfWp7wgypYkCRpmFdI105DC2y0gjrH5XdSFMy8M6Q7T6vZ02Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e551ae1e3d5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e551ae48dd569b/1714792450677/8e849de6dd59cc573c3e54c3e1be333f579787bf02e0f9857cfc5ae86c5809c1/hWBtmITlXbpSMDB

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e551ae48dd569b/1714792450677/8e849de6dd59cc573c3e54c3e1be333f579787bf02e0f9857cfc5ae86c5809c1/hWBtmITlXbpSMDB
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/87e551ae48dd569b/1714792450677/8e849de6dd59cc573c3e54c3e1be333f579787bf02e0f9857cfc5ae86c5809c1/hWBtmITlXbpSMDB HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j3ro8/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Sat, 04 May 2024 03:14:11 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gjoSd5t1ZzFc8PlTD4b4zP1eXh78C4PmFfPxa6GxYCcEAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tII6EnebdWcxXPD5Uw-G-Mz9Xl4e_AuD5hXz8WuhsWAnBABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87e551b3daa8569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e551ae48dd569b/1714792450681/d0flj9uLZLXcFhw

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e551ae48dd569b/1714792450681/d0flj9uLZLXcFhw
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 90 x 17, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
6fd312a258dd1892d603a4502e9439d5
ebb0302c8a8253009d06af70f688b80cb703614c
5000fbf67d5ddf4c6cf32f79066dc6d45ba33f44a8402efc6b8f15a05354545b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/87e551ae48dd569b/1714792450681/d0flj9uLZLXcFhw HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j3ro8/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:12 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e551bb7dc9569b-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/87e551ae48dd569b

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/87e551ae48dd569b
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/87e551ae48dd569b HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=WdZ_CKbCJC8S5zn.eVcATTVa9WP8gWfNw4YW7_z1_7Y-1714792449-1.0.1.1-T2A2bDs6dLWRSG0xOtprcOQlVF9axLXbyDMZ2jcc97aLWYs.YuEWgk9Cp7Xzsl471A0cPm9nYrgsSVMdaexXWw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:12 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=wuvdd8sM5EsXpCpCwysMb6eDPQnhmGOjuxERv4VijfI-1714792452-1.0.1.1-uxF4IO4n_yz57jcaqxWC6bf5CpitvtuwvbxjII0kwCjfmoMPHrWJUcUbKor2rLcP.MVAttJqhCmWI1LvLYqs2w; path=/; expires=Sun, 04-May-25 03:14:12 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hyv96qz9KDD2QM4y9hLRmtoSveuhZ0SKDIa4WfEev8yoXbRrcp5J7eyRgVXBipmbJuBHcl28V8kFUyvRnd%2BJgDDHvAbH7yYe8guFS5qwAJ9sA6dIc6wDCXZ1zz4ycln5Ezw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e551bd3cc55699-OSL
alt-svc: h3=":443"; ma=86400

172.67.134.71

200 OK

421 B

URL User Request GET HTTP/3
defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint77:FC:29:4F:5A:61:08:38:2B:71:E2:A7:22:1A:53:23:F5:0C:14:56
ValidityWed, 24 Apr 2024 01:14:29 GMT - Tue, 23 Jul 2024 01:14:28 GMT

File type
HTML document, ASCII text, with very long lines (897), with no line terminators
Size
421 B (421 bytes)
Hash
bdec7bc3a6fcb5453bff9d161caa5fd0
70994f6155f0ab5296242719efe21e85927ff5f6
bae1b28264f55150ef370f61e325cc248518313d1dbcad4e08f8d4bac7bc84e0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=wuvdd8sM5EsXpCpCwysMb6eDPQnhmGOjuxERv4VijfI-1714792452-1.0.1.1-uxF4IO4n_yz57jcaqxWC6bf5CpitvtuwvbxjII0kwCjfmoMPHrWJUcUbKor2rLcP.MVAttJqhCmWI1LvLYqs2w
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:12 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ndDsK7nua9C2QvO0WDVeKxj8yZGc%2FiBEt948H3OmdikMisBMfiZ%2F%2BolIjHWEvfzvDbzl5nkbb8wWHYmnJT%2Bca1nh%2F4ZebfUakuCQ3VV6SWPwzOv0DAZb771cf2ERU6GbqJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e551be3d3c5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/540765695:1714789886:vXgt1VvWyKx9udGtTiWKKs09F58r9F6hue8y7mFAmGY/87e551ae48dd569b/672c05175d9f00d

104.17.3.184

35 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/540765695:1714789886:vXgt1VvWyKx9udGtTiWKKs09F58r9F6hue8y7mFAmGY/87e551ae48dd569b/672c05175d9f00d
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4400), with no line terminators
Size
35 kB (35396 bytes)
Hash
24e704e82b9f1072ebbf3e38844aa495
b45b73a36f1d7d9909385fdac4b44c93bafb967d
385f5cc551be73ad558a41a4662822b3a9dfd610ae6ddc0513e67338f1348417

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/540765695:1714789886:vXgt1VvWyKx9udGtTiWKKs09F58r9F6hue8y7mFAmGY/87e551ae48dd569b/672c05175d9f00d HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j3ro8/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 672c05175d9f00d
Content-Length: 27575
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:12 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: 0INIepS4QewwKUOx4LV5xS4+FXHEq876oBWAC47wV8+UFE122tPClEJAZ/tZLh0ourJqQ+a5WeZ+fdeClfTKDd18UQEfE3Xian1Y05V4pNOgS3ch6/iJCTRAq9EBGLQQ$4EYJxVjWddq+tMhPvlp+rg==
cf-chl-out-s: AKBhS8K4HHxNpMkWLQuxag==$xJqcOYde/1EficB2CckCAg==
vary: accept-encoding
server: cloudflare
cf-ray: 87e551bcde4c569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8uvh/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8uvh/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25741 bytes)
Hash
6b366452f210f2228886aa0e421e98ba
d8d3606372248d875e259944b18400b34638eadd
450237d40d8afb3028c66c9706377846382801511dee8625dc6fa9e415b34c83

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8uvh/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:13 GMT
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
vary: accept-encoding
server: cloudflare
cf-ray: 87e551bfbf1e569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1096221192:1714789845:_tI2vvGT9INjUU4f_Z8g-wbGU3ycET89jqs5Y212OFE/87e551779b07569b/a5ee610cec1fe8f

104.17.3.184

109 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1096221192:1714789845:_tI2vvGT9INjUU4f_Z8g-wbGU3ycET89jqs5Y212OFE/87e551779b07569b/a5ee610cec1fe8f
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
109 kB (109086 bytes)
Hash
f2a68ed1ef47bf2ebec7e98adbdd5a86
968788233da8d302921319974e7fc4c3b78cd609
a282ec7eae225c07c56b67413f8a72025cd18ad556168320de6ee2e3de760757

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1096221192:1714789845:_tI2vvGT9INjUU4f_Z8g-wbGU3ycET89jqs5Y212OFE/87e551779b07569b/a5ee610cec1fe8f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xacwf/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a5ee610cec1fe8f
Content-Length: 2795
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:01 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: pzyJrT4ONuX1S4bv930tcmaN+sBv9zH/TLGUvY7uD4hlbiNbw8OtGTSb2eNm5wUkmP2BpWo7EFOcAIsdeso6I92AJZRTZJ6SG6snkVFd6rNjLjNokbUwWn4Aak4eCfepdzkQmXHDHrqDJdr4KSS0QIJbGSo6aR9JmMcI9GzQXednjD2CyU4PYTWvWJHDtKtIqBlRtsOP47kEE7LRvO/nEGqJ8brWyD45YxDaTQ9cvIxYLEdDZWtyFrRNsXXP4Q3dh4aWKdsO72ECVBbtCaTwzMY/iJn39wUuixQWdgvsbutwZZCsGyPCBIpxhDXefJEg8HlzOWoVR4efdDkoWjkFBBls/mhXaDV5pD8firE0Gw1SZaBn0cu1VuLt78sJiJ6Q04pUxjBuNaGhTNxCTMNzOj0rqNZWxCcMuovOp++uTraO3FQhNhBd6QjvP+3Gf3Xn$713LsoCYKOEBEY2U/E+icQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87e5517a0bdb569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e551bfbf1e569b/1714792453508/c556c2b203b405fb5458f2067abcbfc3ce2027c834457326fe7342fbe9febecc/djkL8UeUbTKwQAk

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e551bfbf1e569b/1714792453508/c556c2b203b405fb5458f2067abcbfc3ce2027c834457326fe7342fbe9febecc/djkL8UeUbTKwQAk
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/87e551bfbf1e569b/1714792453508/c556c2b203b405fb5458f2067abcbfc3ce2027c834457326fe7342fbe9febecc/djkL8UeUbTKwQAk HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8uvh/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Sat, 04 May 2024 03:14:14 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gxVbCsgO0BftUWPIGery_w84gJ8g0RXMm_nNC--n-vswAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMVWwrIDtAX7VFjyBnq8v8POICfINEVzJv5zQvvp_r7MABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87e551c9eb56569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1073462985:1714789680:G2pdlxFhWiMFAH8o-usyTZCQqVZY4tUeSPQuhJyBtBg/87e551bfbf1e569b/94051638466a971

104.17.3.184

4.2 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1073462985:1714789680:G2pdlxFhWiMFAH8o-usyTZCQqVZY4tUeSPQuhJyBtBg/87e551bfbf1e569b/94051638466a971
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4400), with no line terminators
Size
4.2 kB (4229 bytes)
Hash
dd473d28fadabd30a2c044bb89dab8df
adc90c08d2026e881255c71099247e2e1a9b26a8
86ff9b32279f62f595efa750b5ccb35af6687cfe4712fe2c6a19b8505656ad59

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1073462985:1714789680:G2pdlxFhWiMFAH8o-usyTZCQqVZY4tUeSPQuhJyBtBg/87e551bfbf1e569b/94051638466a971 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8uvh/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 94051638466a971
Content-Length: 28017
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:15 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: HYCj1f+d5uYAAfmtvCWfZOlwAXh8xbXUFt+4LAPtqjKnyVQgaBbNrcnYsb8LhmhbZRJaVl5bLGUp38JXlERvmJsEfR+DIB6wzpPV77CCDpNh2QLPnFqV7+BWiIHr+dMs$9JLWzignF7//Ga9NfV/3Yg==
cf-chl-out-s: Wf16pcZ+cN//jG1BJHBoCQ==$/6lWTrlsVHYDtwjKjsuYVQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87e551cf4d63569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/69xk9/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

197 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/69xk9/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
197 kB (196640 bytes)
Hash
6295839637fa350b89f6d9f8d8bb5636
ffb665a7cde042da423248fa66d236146e66fa5d
d58875a86d6439d679f6d391522d493675c2a5fb1561f3337c58d050dca8859b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/69xk9/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:07 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 87e5519cc9e1569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/functions/validate.php

172.67.134.71

31 kB

URL
defendguard.top/_mysterio_omni/functions/validate.php
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
31 kB (31192 bytes)
Hash
cd7bc652307ad520366f441f280c3841
6793c65d772047d2f94cae30b74e5e99266731a4
76fac969d2b0e07d21bf7f1c395d0a855abbf6559edb1cc13415db1811ec6187

HTTP Headers

POST /_mysterio_omni/functions/validate.php HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=wuvdd8sM5EsXpCpCwysMb6eDPQnhmGOjuxERv4VijfI-1714792452-1.0.1.1-uxF4IO4n_yz57jcaqxWC6bf5CpitvtuwvbxjII0kwCjfmoMPHrWJUcUbKor2rLcP.MVAttJqhCmWI1LvLYqs2w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:12 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rlGa5LabY3UAODzsh8hfwv1sbeJ1tOYEwYNGjFO1CcXXuXIX8ryCDs1p9LNWCyFL92ktkyeEBjzoxXpkYwSkp4Bl81gbuIJbTTl7%2BHTRoQNqkHc7Ntptd6HCou1qBuArQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e551bd6cdd5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8avc/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8avc/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25655 bytes)
Hash
76bc184ce60c4428ccd274a85b35a85f
0eafcec05d2b577853ca1a0142774563fb544277
c9c3f3f5871e2dff633d4d66a9ffacd0301f70fe87643bba231ec4a822c5daa4

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8avc/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:16 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 87e551d2aeac569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/favicon.ico

172.67.134.71

404 Not Found

292 B

URL GET HTTP/3
defendguard.top/favicon.ico
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint77:FC:29:4F:5A:61:08:38:2B:71:E2:A7:22:1A:53:23:F5:0C:14:56
ValidityWed, 24 Apr 2024 01:14:29 GMT - Tue, 23 Jul 2024 01:14:28 GMT

File type
HTML document, ASCII text
Size
292 B (292 bytes)
Hash
80a0117131329166f55e7dc4022b63f9
5838a1b9111a88ebb24a1ca6d8a8d5469fdc97bd
b35585cf421afcccd16bca81c01a0f63d01f877a17de377a1160d40a40beb6c0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=SOzf3TlqDuwoSl2YhsvvqE1vsh8WxedY5bg9z6CXCho-1714792455-1.0.1.1-F0kcV1_T2MxDoWDS_KWjWEjxriGLFjOYkIbFiGm6SqoyLzc.Ho1WFypopsqIwPQD1dbuomQv4F4OPjEhbPNDIA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 May 2024 03:14:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Q4SXXerOJEQwuoIAMVI73KBf%2BA8EIs%2FT05pymo8GKBKusGISBSA19coKSPZ2wPT4veUtANMWSN38a4apD5ooOgPz9pMZvilt5mNsAG9P13Dzd5aS0uV3dueJbJAr2yU6%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e551d28ca45699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js

104.17.3.184

200 OK

211 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
211 kB (210811 bytes)
Hash
65b0a652c40c95d12c4ddb3b4567c1ea
c654efa19d01d6553ed4e0f500d350011e023ad1
c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7

HTTP Headers

GET /turnstile/v0/g/d0ff3ebede6b/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:10 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e551adb895569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/cdn-cgi/challenge-platform/h/g/rc/87e551d2aeac569b

172.67.134.71

21 B

URL
defendguard.top/cdn-cgi/challenge-platform/h/g/rc/87e551d2aeac569b
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/87e551d2aeac569b HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=SOzf3TlqDuwoSl2YhsvvqE1vsh8WxedY5bg9z6CXCho-1714792455-1.0.1.1-F0kcV1_T2MxDoWDS_KWjWEjxriGLFjOYkIbFiGm6SqoyLzc.Ho1WFypopsqIwPQD1dbuomQv4F4OPjEhbPNDIA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:19 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=RojZ2stNMY9te8q8ea_Z_3KWraNbUe2hY_Lgd6CnI44-1714792459-1.0.1.1-16db1AGH_cp882mgusj17L.72111OEY8H5Fbhz9JsE5s5wxw_m_.ewWXXVs5quIBgkNaOXcfqH8gBRicwQ3J_w; path=/; expires=Sun, 04-May-25 03:14:19 GMT; domain=.defendguard.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTEFW8due3pT1PflycfZIOkZUheGNRRyJBhBCca0PLce5FRD%2F2xSA%2B%2FXpALzaKmzfXjkL6Z%2F%2F94JdNJ7RzACdTT8W%2BQrGoKOyzS%2FzQnMYuhWdvMf1gmHvClxBWDt8N5z4CA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e551e58bdc5699-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 03:14:19 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
location: /turnstile/v0/g/d0ff3ebede6b/api.js
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e551e76e6a569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js

104.17.3.184

200 OK

46 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
46 kB (46115 bytes)
Hash
65b0a652c40c95d12c4ddb3b4567c1ea
c654efa19d01d6553ed4e0f500d350011e023ad1
c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7

HTTP Headers

GET /turnstile/v0/g/d0ff3ebede6b/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:13 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e551bf3ef9569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8ucdd/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8ucdd/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25710 bytes)
Hash
7f9ec7eea97c00bca1166843001971db
e5b654ebf41b971f53bd3518e149a7adc9a19a7f
8c914531cef313f69c4854d11916c6569e1acc01eaa3950d1ccdcfa4304a809a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8ucdd/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:19 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 87e551e80e9c569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/859812544:1714789781:E0MwoZpGwR45Xde0Na1j-EHb55snu407L728ChlIZF8/87e551e80e9c569b/b89c7ec6d7e0c08

104.17.3.184

118 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/859812544:1714789781:E0MwoZpGwR45Xde0Na1j-EHb55snu407L728ChlIZF8/87e551e80e9c569b/b89c7ec6d7e0c08
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (118121 bytes)
Hash
5c6e929feabf1dd8179f6470d8ee104e
dc3d04ffad24569f171fb2e2b67fadda485cfc06
fec185349d2647ab7029719e254ab1a01ae2f09dde6e9247fc1359eeafc1eec8

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/859812544:1714789781:E0MwoZpGwR45Xde0Na1j-EHb55snu407L728ChlIZF8/87e551e80e9c569b/b89c7ec6d7e0c08 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8ucdd/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b89c7ec6d7e0c08
Content-Length: 2800
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:19 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: KaOzE7vjEy5jqJw/YAKsM52OVobX/UFal+xkuT7Tf/31Igumx/AXl7JnwlPZ4zk2IAg7QdjeW4+az/bpoWFuhdMPTK7plUkm3tnAAYulnKoUj6/BFCFLR5MN7y4M+9cS7Gsjixim5j7tvptdCXLg0Ik7XNGHcYyTs3TqAHZAujpyhZyZZCa5LfiOL7cMqY6+bt75cQz2speA1pYSOj7E2R6EBtF26y1or4x1F59KWat6y4aLgcjfYJ1aUT+DF5KttNNfV4WzbNxKRVKCMSFrP+uvB6irVPAQBMOgTCwY6SlkakUfjniTQSonm+6Kz15voHlj0ON7UAhWQM0s4VIYQ16/um5KAhGTnmNy387x9eTUoZFYABlAnZ3VtYelsKl5xxGyKM73VtOjDLnPuVTZsBHeHd/lY14Jzp0qepRh2jukkh67JrdYyu7BhS9WML3fSwSOklOYKARy1Qln/HL7gA==$hApw4P4jc/P3mPXUDWm1xw==
vary: accept-encoding
server: cloudflare
cf-ray: 87e551ea7f58569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e551e80e9c569b/1714792459934/HqSnIb_mFOuS6pI

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e551e80e9c569b/1714792459934/HqSnIb_mFOuS6pI
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 42 x 9, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
cb150569ad07f5ac33feee2d012ef51e
a7c449e376006e1c9e3307e3466512b314d7089d
fe482f54502324b13c39a6cd6abbaf3636caea89ee9fe9b99163180f10242b44

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/87e551e80e9c569b/1714792459934/HqSnIb_mFOuS6pI HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8ucdd/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:22 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e551f7ec31569b-OSL
alt-svc: h3=":443"; ma=86400

defendguard.top/favicon.ico

172.67.134.71

404 Not Found

252 B

URL GET HTTP/3
defendguard.top/favicon.ico
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint77:FC:29:4F:5A:61:08:38:2B:71:E2:A7:22:1A:53:23:F5:0C:14:56
ValidityWed, 24 Apr 2024 01:14:29 GMT - Tue, 23 Jul 2024 01:14:28 GMT

File type
HTML document, ASCII text
Size
252 B (252 bytes)
Hash
80a0117131329166f55e7dc4022b63f9
5838a1b9111a88ebb24a1ca6d8a8d5469fdc97bd
b35585cf421afcccd16bca81c01a0f63d01f877a17de377a1160d40a40beb6c0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=RojZ2stNMY9te8q8ea_Z_3KWraNbUe2hY_Lgd6CnI44-1714792459-1.0.1.1-16db1AGH_cp882mgusj17L.72111OEY8H5Fbhz9JsE5s5wxw_m_.ewWXXVs5quIBgkNaOXcfqH8gBRicwQ3J_w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 May 2024 03:14:19 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 18
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nMq3%2B6M42Zritvj6w1tI5R4mgKG38dbwJ54cq508c6orrTYZkCCsbWAHcUEJNlRsjNyvFtdjRkWrh6NtY02ZXsKWshtFuR2RCi7Cz2vYjzGTWzVZF0Xlrv20wO1J4hZpEQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e551e7ec7f5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e551d2aeac569b

104.17.3.184

169 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e551d2aeac569b
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
169 kB (168833 bytes)
Hash
608e014c96d5c4c0753ee1a9ba825d48
5c0541370f89bf903b0bdcc2985d051706c281d5
f4568091f614bc2d0e2ba5b4896b6ff00ee2d07ede40748d391fcd2cdf0b0dc6

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e551d2aeac569b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p8avc/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87e551d35ee4569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/859812544:1714789781:E0MwoZpGwR45Xde0Na1j-EHb55snu407L728ChlIZF8/87e551e80e9c569b/b89c7ec6d7e0c08

104.17.3.184

35 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/859812544:1714789781:E0MwoZpGwR45Xde0Na1j-EHb55snu407L728ChlIZF8/87e551e80e9c569b/b89c7ec6d7e0c08
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4400), with no line terminators
Size
35 kB (35398 bytes)
Hash
8fdac5963f320bc579870b5714336ac5
3bbd6cc6e89a24a8f227d5abfda3bbe5c9ba51a2
8046d03b9c603ef9748084bdc5e4e04daa7a645582021fbc5fda1a269bafb6aa

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/859812544:1714789781:E0MwoZpGwR45Xde0Na1j-EHb55snu407L728ChlIZF8/87e551e80e9c569b/b89c7ec6d7e0c08 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8ucdd/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b89c7ec6d7e0c08
Content-Length: 27686
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:22 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: iivwAVBrnLgOKtpRYDAvwA==$ihOFEKE35Fe0jUVPfNFRAA==
cf-chl-out: ie3fHsjfEs87mYZeOHkO941CybmcGRaKJ9Lah3GF2+/16DRJBqLTCafZjFWNJhlggotqSXOn7qgIKBsfKVQr8Qh3S/mWXZ2YBCJ7zeTs9Aib2rs3fkPqY4Er8hIW8Zt8$8etnszHObYiJFs7S8JUY8Q==
vary: accept-encoding
server: cloudflare
cf-ray: 87e551f8fc9a569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/_mysterio_omni/functions/validate.php

172.67.134.71

26 kB

URL
defendguard.top/_mysterio_omni/functions/validate.php
IP
172.67.134.71:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
26 kB (26156 bytes)
Hash
c9f34e5d55fac51cffde31238b9575b6
442f463f579f18716a4989a8d7e260d15fffebbb
19f61bb5e134bd111d0df6081c01b08afa42a65ae6f324f31421b0ee5d5f3fd9

HTTP Headers

POST /_mysterio_omni/functions/validate.php HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://defendguard.top
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=TnWF1G6d2Ykj5cVZ79J.jWSem4tW5zWszZp6r.kRQhA-1714792444-1.0.1.1-EAZfkfUmUBBppFT1aYM1xWsXinFfqk9MSf3vpAOQVR1.14tborhMHMNxqKj5FiNhB7nQ.KI_yfsqR9jV8s5jBQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhRGw4j0vtQFDClMBtUyHDAkfTVr9E9iiv1Zc6XDOQC5HkgFdwBttQjMMay%2BlOigqwUyLQgVAm%2FXTYt44d6GPqnR0joXcW3txi3zpkSVZDPj3o%2B9H3AfsOJ1wMGOdr9kQHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e55187e8395699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/182150090:1714789875:iW9CYpuQNVeUlqqKvJJ0v3T4OZLKhOVZs5Wi3srnE4I/87e551fc8dcb569b/d407498725fb8bb

104.17.3.184

200 OK

106 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/182150090:1714789875:iW9CYpuQNVeUlqqKvJJ0v3T4OZLKhOVZs5Wi3srnE4I/87e551fc8dcb569b/d407498725fb8bb
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
106 kB (105800 bytes)
Hash
b831cfaf32c42c89b98f6773d5ae9ef5
c8ffa535bb90c8987c3ec8ef18b72336f66b9844
fe0dd55615893fb6ef4c264d6cf0940217b347822612dd90fd1064d43f861c64

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/182150090:1714789875:iW9CYpuQNVeUlqqKvJJ0v3T4OZLKhOVZs5Wi3srnE4I/87e551fc8dcb569b/d407498725fb8bb HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: d407498725fb8bb
Content-Length: 2798
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:23 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Rs2h4YrbvFbqbD1dAMlQJGoufC4LySwOi1ciFmN/0BpjeVQjo17IPCOr03llvVJScGCoFL2EGRjMekY+JD/HeDXMkVffkKD6X8vn6BKs7G1A506kjWUjSlOqtWy1aHgvBLuoHJ5rYueFMW3iAGxI19YjOPMmrXZeoTlDOZT46EMWvz5uHIHSF0Qol4sONb96782KBEURIRI7kfPsBqn/mq72AMCMEpNuR5ro6UkTit5A3RsCwHkJTRG9nRaxjZ3lTRHv7jX/DK4yTuO9YzKbMkDcXZVGBN0lyjVM6QzJcNVFrRqn/yTfL9dgY73sxiAvkoyHNeIepv4mnrIiOBWf2AMZDp3vVRRW4ogtt+lx8CouQmJxXZKSBoyK+y7XqCvTQT6AZRsKBJRAHU1KqDwJFAvxDxlMlWfOrvTYgcYhEEq082B2JaGsFxAWDK8ubBauqnt099rbC3trf73DPizoiA==$K1yJjXcNIyxoQkLFYhBERQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87e551ff1e9e569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e551fc8dcb569b/1714792463227/f1e0a43d9e069c73b84e781d0aa8e1376dae8161cb1011345c7246ea696d4425/3vbFV7oF5oBui5k

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87e551fc8dcb569b/1714792463227/f1e0a43d9e069c73b84e781d0aa8e1376dae8161cb1011345c7246ea696d4425/3vbFV7oF5oBui5k
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/87e551fc8dcb569b/1714792463227/f1e0a43d9e069c73b84e781d0aa8e1376dae8161cb1011345c7246ea696d4425/3vbFV7oF5oBui5k HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Sat, 04 May 2024 03:14:24 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g8eCkPZ4GnHO4TngdCqjhN22ugWHLEBE0XHJG6mltRCUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIPHgpD2eBpxzuE54HQqo4TdtroFhyxARNFxyRuppbUQlABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87e552080acd569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e551fc8dcb569b

104.17.3.184

200 OK

171 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e551fc8dcb569b
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
171 kB (170708 bytes)
Hash
45227453c6f327492109bf3e883ecc05
30d0b5cf429f44e119419dc6c20e07172125ac5c
34ae04b0a7fa2915127e4ddc4c0b49b701a3d7ff16fd58e31b259a896381ca66

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87e551fc8dcb569b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87e551fd1e09569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 03:14:25 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/d0ff3ebede6b/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5520f5e38569b-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js

104.17.3.184

200 OK

46 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
46 kB (45461 bytes)
Hash
65b0a652c40c95d12c4ddb3b4567c1ea
c654efa19d01d6553ed4e0f500d350011e023ad1
c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7

HTTP Headers

GET /turnstile/v0/g/d0ff3ebede6b/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defendguard.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e551fb7d80569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

defendguard.top/favicon.ico

172.67.134.71

404 Not Found

26 kB

URL GET HTTP/3
defendguard.top/favicon.ico
IP
172.67.134.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectdefendguard.top
Fingerprint77:FC:29:4F:5A:61:08:38:2B:71:E2:A7:22:1A:53:23:F5:0C:14:56
ValidityWed, 24 Apr 2024 01:14:29 GMT - Tue, 23 Jul 2024 01:14:28 GMT

File type
HTML document, ASCII text
Size
26 kB (25883 bytes)
Hash
80a0117131329166f55e7dc4022b63f9
5838a1b9111a88ebb24a1ca6d8a8d5469fdc97bd
b35585cf421afcccd16bca81c01a0f63d01f877a17de377a1160d40a40beb6c0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: defendguard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=4LJkdzdV0CKMK6XWM.8F3RAey7TgsUeq1pIolwdZfak-1714792465-1.0.1.1-smc0ZAa18vsHYzhuWqblvIO8MJWwHpd1cL7At9QayosEyCiB2yDudvgxXfWUhx26lH1XOyfLvgQQDg7SiMnMnw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 May 2024 03:14:25 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 24
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRrEFaGUMHfqSTLxt5QDWj7HaaN4THzrLgMH8wi2CQfyKglJuWGzI73vaJXbBH5WAJyoaZscQZG5YcYpYKmmem7ghhEfLBcKhFSvX0PYGGyFeqmmNyKgtODxeAMuu8fa2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5520fcbd85699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal

104.17.3.184

200 OK

80 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defendguard.top/_mysterio_omni/zure/ecd5f64614e7a072fc3a650c495eba6c/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
80 kB (80050 bytes)
Hash
3ac33ab792118d04d77bd7147d2fc650
28b90205e9df020ca24f9da5cff87c085df5129b
bcc6e96651c8df46c6f5db55183797c9e3da326d9215748db622636e386f6fc4

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rsmoe/0x4AAAAAAAUZDvNEXYqNiWys/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defendguard.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 03:14:22 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
referrer-policy: same-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
vary: accept-encoding
server: cloudflare
cf-ray: 87e551fc8dcb569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (45)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations