Report - topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no

Report Overview

Submitted URL
topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
172.67.222.245
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 07:59:45
Access
public
Website Title
topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Final URL
topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
topgan.top	unknown	unknown	No data	No data	14 kB	83 kB	172.67.222.245
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-06	14 kB	858 kB	104.17.3.184
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-06	2.6 kB	193 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (34)

		Size	First Seen	Last Seen
	#1 Eval - 7f2243e23b28f719df826299706af873	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 7f2243e23b28f719df826299706af873 a03b2681f001e84ae4e3310837f0bc3f97fe7781 01520b0f72d30c54def64f232c378cfe410a3e2aa2eb967b5f9b5fd37e09616c Loading...

	#2 Eval - 44ce9c2b5dbdc0f28d7037c070550b74	62 B	2024-05-03	2024-05-09
Pretty Observations First Seen2024-05-03 14:37:29 Last Seen2024-05-09 15:26:38 Times Seen386 Hash 44ce9c2b5dbdc0f28d7037c070550b74 a9d8ff605c113bef81e606ea0bb2d8b0d65bd13e b87899b17160a1ab0138f3ff2eacc0c7c9107f22f6ab3ad6e9d9973b98deb26d Loading...

	#3 Eval - 3acbd0b0789a2fc71bcd29d2e4569bfe	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 3acbd0b0789a2fc71bcd29d2e4569bfe bdafea635529fa9041efc84dc58daa16d4dd1b46 ab489d73357baa10ca619a63ae8407a0c45b4bbd6301d36e4c75f4c804621211 Loading...

	#4 Eval - 68fc0af6ab80967d9bf5221d1386d092	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 68fc0af6ab80967d9bf5221d1386d092 8cc7cb53e5f5aaae08fc0251d2fa5279d0a11596 e09ad5c7f3d20a8c6b280e1c6fe57480bdda3bd85ff04ff20ad9c1288dcdf37c Loading...

	#5 Eval - 14eb2aafb23a96d7965843e39fcd00b2	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 14eb2aafb23a96d7965843e39fcd00b2 ac05e0dc7c9f25fc644046c6e76435fbb020f307 cd7372bad4490c608a29896fc07e6b36a4cea6951dee40da45455e377e06f936 Loading...

	#6 Eval - 3e3e73f532d85662b030a7ba7043c29b	1.0 kB	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 3e3e73f532d85662b030a7ba7043c29b 836b2f99de649a63aa584bccd2e9c879435228aa 0496d8f9c572702b3e4910d26dc050920b6377c4d8ab501e4eb4a1f14c567c99 Loading...

	#7 Eval - 905d2cdf2360ba471ec20b8abc4b076e	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 905d2cdf2360ba471ec20b8abc4b076e 2134a3723e398143e62b2e3d6533739bb502038f 86b6a6080fd503b0af9275fde7596a8b50ce914ee9130b512571ed568ee41ec1 Loading...

	#8 Eval - cff13da02f2ca1547ab3366a7dec181a	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash cff13da02f2ca1547ab3366a7dec181a 94e3ab0b39616a771174e654800dc3d3d5feeb59 f1f169acb802f2bbd5de815278417e86801a81a157af529f69557ea591693d37 Loading...

	#9 Eval - 0c603cee961daa7d72a7b27024d38137	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 0c603cee961daa7d72a7b27024d38137 b8c27e5e47f9c2e574b808538249a16dec97a58a 35e775e102c840e3efb6f63fb5db622bedd2005f5470dfe778bfb766b32645c9 Loading...

	#10 Eval - 9cb13256002abf4c5a1f34ca9a2dcdba	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 9cb13256002abf4c5a1f34ca9a2dcdba f85f8bedc9965c967655410ad9b89c1102b8e302 5fb0feea87500cc4e226e1be77d2c3ee5af6e9f35d8278735be183bdd8d54e40 Loading...

	#11 Eval - 320f10040860530c77ce02a39b20c353	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 320f10040860530c77ce02a39b20c353 8db4033e337cb72cc44fb279a0e0b5b868b1804a aa541f7375c812537c401d3d8d205972e80667290fab4fddf683dba9e1bbbbbd Loading...

	#12 Eval - c8d364d024df12fea6d03ce7cd32e3f1	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash c8d364d024df12fea6d03ce7cd32e3f1 db1df8f1f2f81e982b2684d2e03696a7d5466ef0 2c970c06f635d88eb1dc3cc20d2465421ee20c5c6f2720ebf7828529cd0f24e9 Loading...

	#13 Eval - 29bce0b40b0ee79804d736b1f3645294	1.1 kB	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 29bce0b40b0ee79804d736b1f3645294 3ac5c921b3f76626064f59049ae5a16654867cea 26e47a6adca9b538720600c75d88031ded16b2b6cfe0da44c98f28c46a5b8124 Loading...

	#14 Eval - 1c0e2ec99060a47bc58cba67f55dfb35	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 1c0e2ec99060a47bc58cba67f55dfb35 6967fdb6416508ebbe56b22138d9e36369e7459d 8cd06944f78a4610f78696768fa2ed3753a801b1569004a2b9e81a1877482aa0 Loading...

	#15 Eval - 27aaca68749d7ba31efa90c559e5cc2a	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 27aaca68749d7ba31efa90c559e5cc2a 260f82c385942173de0803885836d300e6aa86e1 668e6257920ecf8356518f811fcc5553774c155bde2d2b20e93dd35128a37a60 Loading...

	#16 Eval - c94415fb343ae20e8147ac72f14a5a27	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash c94415fb343ae20e8147ac72f14a5a27 0039d18a176260b45b9543c9fbaaace819510f4f 2c5df939a408c14646ebeabfdfc71bafd683a4e2af7a51c06dae145933664898 Loading...

	#17 Eval - 2940971cec92bbd52b645ef129839d64	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 2940971cec92bbd52b645ef129839d64 33f3b4c5f91506370edd81ba80b667ad95dd67f0 435e03441bdb8259ca929e2aee3e793d325a5647348734ddf697c8fd5e6a2804 Loading...

	#18 Eval - b054e39123dcea9128dbab31ee5c62bc	144 B	2024-05-03	2024-05-09
Pretty Observations First Seen2024-05-03 17:22:42 Last Seen2024-05-09 14:34:52 Times Seen40 Hash b054e39123dcea9128dbab31ee5c62bc 16bf068d714789cb64c56fc988ba383728ec81ba 6d9936ae6387805decf9710670ffe1ac519a9a74ed473ca3c95962067dc32dfe Loading...

	#19 Eval - 90982ba1863b8c8b1c3f7cf43ccd8dd5	161 B	2024-05-03	2024-05-09
Pretty Observations First Seen2024-05-03 20:21:33 Last Seen2024-05-09 14:01:34 Times Seen45 Hash 90982ba1863b8c8b1c3f7cf43ccd8dd5 2cb3f2ac4e1d986da5c9197a90e0d8ea67c8077a 510ef32495a432df1475f95417dcb39d7ab0bd4526c5ac96f6b0117649b66a81 Loading...

	#20 Eval - e353fa4c0f86a40d8dc0d4b43c99d458	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash e353fa4c0f86a40d8dc0d4b43c99d458 ae39f8f29379926093ec3f3f39c9cd0a9d148762 9ee24f79553ee06bd57c9c00de3e58584ff965a7f292d62b4d434e74df43b950 Loading...

	#21 Eval - 1884c36f20fba7aad20090d54e503c36	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 1884c36f20fba7aad20090d54e503c36 dcff8fa2bb5a174e3ada96ba44b55c0f0273b72d ef9c0eb525786c640e5b51f806b313d494e471fd2db338bd78d808d4366982cb Loading...

	#22 Eval - d504088917a437f8296c9d32bd3edd62	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash d504088917a437f8296c9d32bd3edd62 1882fed809d97583f256236aa3119713bded9dd8 a77f61f1c8c84bb498693512812dd7f63486184980b0ee75cf7f5d272b5077a1 Loading...

	#23 Eval - b12e44bbef883e83ca971a8d68c025fa	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash b12e44bbef883e83ca971a8d68c025fa cab6f3ead41703e1b43badf2cc621992f02781ac 02c9aab42b211d1943b55a215fcc3ead1688eccf918000c9407b9ba7b240569c Loading...

	#24 Eval - 34f338903fca69d24fb5a43131de34bd	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 34f338903fca69d24fb5a43131de34bd cfa10be4f2586d2206aff6e04d94deca42775b79 1ade0b51b394ea4c91467a188d0af83540ab79fbf6fe616cecf71b4b3d76b1ce Loading...

	#25 Eval - d83069a91ad8ef89d06050c068277e86	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash d83069a91ad8ef89d06050c068277e86 ea040e1efb99bcb4bf4d7736e9590d4df4b60224 5ada65a0ab1e39cf4043f11c2155acfc98f559ec49ee4145703a255dd2189f00 Loading...

	#26 Eval - 5a42f5208c3f4e8331ed85162f0ba70a	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 5a42f5208c3f4e8331ed85162f0ba70a 7302a05e95487412573b06cd8d8e235c06533373 86ddf4a4e9e34b0650ba6125a4ae8484e69e8f7893195b5ae2c8ab52f9c49299 Loading...

	#27 Eval - e4d302bd7d37f124118efa6dd06e56b1	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash e4d302bd7d37f124118efa6dd06e56b1 194fb3ffaedf47d67664ad22ab409e261cca9ad3 6fea5eb9c4f5ac47c05fce14deb9ce4ce55ade71866ff2c95de9d882343271cf Loading...

	#28 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-19 15:28:26 Times Seen353094 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#29 Eval - 08d281810c32daac7033949eed2a9128	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 08d281810c32daac7033949eed2a9128 6d192380e328bde70dbb1a584c28b552a668b79d 2bd1c63b6ca46883c41d00bc89c14b164c1bd2d4ce427077c4f9fb5ba22d0141 Loading...

	#30 Eval - 4fd1eff5851b832cc8cca6bdb7a5c772	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 4fd1eff5851b832cc8cca6bdb7a5c772 5e44d5ac93eec77336c7d742e1205c8352ba5c3c f5719b75f1979051379db8e4efd0626f130f9176d37423f0293a45d20c6488ea Loading...

	#31 Eval - bafb199b6152fe999587e667cf1dd246	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash bafb199b6152fe999587e667cf1dd246 b2017fe799092e913085fd5722b9242d8b70c52e 6c022276b49dcb097072be645da3f42256df54657dedc776789a627f41479a38 Loading...

	#32 Eval - dd1eea5d39e3b5b1c54fe72e23832e2a	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash dd1eea5d39e3b5b1c54fe72e23832e2a 418cf32faaa1793195e1f3eada0779f05746f840 5194d6796d77466903a2d39cc4d8afb15ff1411a2d56cab303572ca2ab77e2eb Loading...

	#33 Eval - e73eb805cd8145ac0ddb5e22788b6e58	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash e73eb805cd8145ac0ddb5e22788b6e58 6e638024d2934d2d066a98c8e001cd37af6a3eb5 5508393038ff8000e84db36e4eabc307dba270818a1a2c3f28a410a087b1179a Loading...

	#34 Eval - 209401061c026c4dd5cb7924d8949c7a	28 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:59:52 Last Seen2024-05-07 09:59:52 Times Seen1 Hash 209401061c026c4dd5cb7924d8949c7a 5557b0ad0ba3710d02fc3e4e923fe0bb1ffa49be 1b8a14300e8fb6947a7d8e61ee41df7a6ca697d9d77a1747dce43d2bd26ceb02 Loading...

HTTP Transactions (46)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 07 May 2024 07:59:20 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/ce7818f50e39/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffab89da377128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 453491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

topgan.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.222.245

0 B

URL
topgan.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 07 May 2024 07:59:20 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NnVEhoX9oaC3K4mpRl9nfa5Z85yf838xzGWphUVmO3gl0VtMkT9fNDf9w8dRJyGq043SJRKTFoZs6cxyrnoaGZ8ngTu36J4GCMdIYnjDKqNxTA8HuDKncKKmnFJx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffab8bca860b02-OSL
alt-svc: h3=":443"; ma=86400

topgan.top/cdn-cgi/challenge-platform/h/b/jsd/r/87ffab8488d7569a

172.67.222.245

0 B

URL
topgan.top/cdn-cgi/challenge-platform/h/b/jsd/r/87ffab8488d7569a
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87ffab8488d7569a HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12378
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=NzEFoMUvWc.AVSlh_qKE2Xql8lVbypZEPqmmlhX6u7M-1715068761-1.0.1.1-9XyJjgK70zhr5t7gwuKJ.HpboO5nobMM08Uk.ebtsV6C3JKipoibbzGsUaBAnbSfpg05_RgzJJljVAdMvLmagg; path=/; expires=Wed, 07-May-25 07:59:21 GMT; domain=.topgan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hOPeFlqu%2Fi76GFKJ2z6euZpvXjdogX2EzyQhXl6EPP6WOvwivRVxFDiF0%2BeefVsgM%2B9QEvBy6jgte4AKHalqHfzuQKrZq7UQ%2BkS5i4xJ%2FTAWDwpoJZhq38lzUuD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffab8dfe090b02-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mfckf/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:21 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87ffab8e9dcb56a9-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffab8c38e756a9/1715068761865/3f8928d396b173c1f98be198ad09e6c8e0858d40529e57fb236228e2b8c7d0ca/1ikWFzY2GPL7QMX

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffab8c38e756a9/1715068761865/3f8928d396b173c1f98be198ad09e6c8e0858d40529e57fb236228e2b8c7d0ca/1ikWFzY2GPL7QMX
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/87ffab8c38e756a9/1715068761865/3f8928d396b173c1f98be198ad09e6c8e0858d40529e57fb236228e2b8c7d0ca/1ikWFzY2GPL7QMX HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mfckf/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Tue, 07 May 2024 07:59:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gP4ko05axc8H5i-GYrQnmyOCFjUBSnlf7I2Io4rjH0MoAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tID-JKNOWsXPB-YvhmK0J5sjghY1AUp5X-yNiKOK4x9DKABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87ffab9e5af256a9-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87ffab8c38e756a9/1715068761870/lrLlH8SWoRRUiQy

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87ffab8c38e756a9/1715068761870/lrLlH8SWoRRUiQy
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 30 x 97, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
c27faf712ded80ace26d18f8fe012433
c3aae9f1a25f5c3becf669f0ef3e7c8a8ce8153d
6412ecdea3df07a1c461224d3adcfe59fe895f5fe895c10b884c1df86a40c37c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/87ffab8c38e756a9/1715068761870/lrLlH8SWoRRUiQy HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mfckf/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:24 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87ffaba35c6e56a9-OSL
alt-svc: h3=":443"; ma=86400

topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffab8c38e756a9

172.67.222.245

21 B

URL
topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffab8c38e756a9
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/rc/87ffab8c38e756a9 HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=NzEFoMUvWc.AVSlh_qKE2Xql8lVbypZEPqmmlhX6u7M-1715068761-1.0.1.1-9XyJjgK70zhr5t7gwuKJ.HpboO5nobMM08Uk.ebtsV6C3JKipoibbzGsUaBAnbSfpg05_RgzJJljVAdMvLmagg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:24 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=qTpGw2VlocBvTamgFZNbqqHbs0ksMDu.PSDqR5aQyAs-1715068764-1.0.1.1-Aem92CeLfGvXWq_0MmN3Frwdf3TdarN35_655AqfDwY_PnCfqlS2gkDI.mwjv21D2ng_9dzV3r3KbcjQ9NyjVg; path=/; expires=Wed, 07-May-25 07:59:24 GMT; domain=.topgan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cd9qzdgjQ0GEGwF%2BvdMqcszIsz98fsgIA76w6WG7LkaAt%2FQE5qKQhx6ApgFGDLGdBFBHU9ZNkoL3JujYpRdOfCfEdnOgcy6cjxeKsLPNoheTIFuVSoNg%2FQjMAaaB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffaba4fe6a0b02-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/715605903:1715065742:08UXx7QYQodbLTV2AgcueoBt0QFW55sEtIAc5J6ef5w/87ffab8c38e756a9/47c63a8c48ddb1f

104.17.3.184

4.2 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/715605903:1715065742:08UXx7QYQodbLTV2AgcueoBt0QFW55sEtIAc5J6ef5w/87ffab8c38e756a9/47c63a8c48ddb1f
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4400), with no line terminators
Size
4.2 kB (4204 bytes)
Hash
bbe887cf341dfc763f1f9ac55dfab550
fbdb9cda840043568a4fdcfee66a62cde99fa4e9
2941c638732209f8c7589f79562ca61ec23535fe4def48657bc437be5c8255ac

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/715605903:1715065742:08UXx7QYQodbLTV2AgcueoBt0QFW55sEtIAc5J6ef5w/87ffab8c38e756a9/47c63a8c48ddb1f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mfckf/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 47c63a8c48ddb1f
Content-Length: 28071
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:24 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: 2ugXsw40XVdeQRBZY0251A==$zD8se9m4pXNIVXafQPv3pQ==
cf-chl-out: JHkqqa78cPjtdi0Lp14crchl/2nOmfusAq0ZlbivHxyWt8whaJveHojhM6VHB+IwvJN/GGelOklgLdIsgKnUuI//w2MY/Zj+3HIxJkXByQaaapeAU6g/+GdzqMXoHKPO$gD95c5N+QUtReWCrOC7BGg==
vary: accept-encoding
server: cloudflare
cf-ray: 87ffaba46e4856a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 453496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rh5b9/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:25 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87ffabaa280156a9-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/502586017:1715065695:wmGuQeNM2UDJD8YdtvcR_CNCqnhrI3bLj7jhRpH5MvA/87ffaba93e8b56a9/74da89d0d438355

104.17.3.184

115 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/502586017:1715065695:wmGuQeNM2UDJD8YdtvcR_CNCqnhrI3bLj7jhRpH5MvA/87ffaba93e8b56a9/74da89d0d438355
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
115 kB (115405 bytes)
Hash
2460d2cb0727d62c415aa5d5a54c2e7d
926c293caf5bf2fdd005330528e327fef4a73a4e
b4b4632f6cb14e8f47146ed9e0df8e9c99decd346f7818a65f4e9b7743c63745

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/502586017:1715065695:wmGuQeNM2UDJD8YdtvcR_CNCqnhrI3bLj7jhRpH5MvA/87ffaba93e8b56a9/74da89d0d438355 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rh5b9/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 74da89d0d438355
Content-Length: 2885
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:26 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: efix43kApy0SV6Rr25TyTo9mllzx2hhW6Rntu9PO0UQDkwOWntwQTEP+4rFTMixwvTC9zuRU4D+QB27cVYfyZxo4gInkM8G8VgPUTLQ0Dc7arQ0xVOovWBbH9cTTPV6GbKFIOPxvmXyzVR03yw2kkIFJPFd5gaAjkkenh8SeH9yahFo7uE3helcibJBvtQ1+E9i82EC7cmELXceCaF31crRY5H46DsYKJz8i13bvyO88itZFrMX+aWQ+91GopoVQATvCSrXSkvxmDJxPXZmHgPUKDARIEcj0h31Dh6RjA3vpDDkAQ29vcWrzi9f3bAxN/OKFJ7mg8NVi+AExSHLh8zmkjJCBsSwgS8F1aQ5zSuMSlNJJ+vMEgj81nMaysUqsOHLI88jy+IAPYTasNi3LlrBgm1o2ZMZ7DLXgWiDktufVa9NsucTaWj4cGZrJu1gd5RIP0K2Il72wxOvAC1nV1RBurDG25IRPdAOIq4Kz/GVRyIzEoD/HiYgjZ2GHI1b6Dee2HxmMDbNxpLHvdlxz6bFH5/BamYeG2F89HC0NO+g=$XOqaAUT+JoUwVesnL/YuaQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87ffabac4b9456a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

topgan.top/_rebelmoon_meta/functions/validate.php

172.67.222.245

2 B

URL
topgan.top/_rebelmoon_meta/functions/validate.php
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
a42608414e57197648377aaf910a74d2
bf6e9bb31273af0b2b8405738587f81f2fea216e
6682636f3234c54e5b4c436669805918d538ba93f66d307250ea0176f852e2f6

HTTP Headers

POST /_rebelmoon_meta/functions/validate.php HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=qTpGw2VlocBvTamgFZNbqqHbs0ksMDu.PSDqR5aQyAs-1715068764-1.0.1.1-Aem92CeLfGvXWq_0MmN3Frwdf3TdarN35_655AqfDwY_PnCfqlS2gkDI.mwjv21D2ng_9dzV3r3KbcjQ9NyjVg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:25 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4OrdxAwJCAYTAvQhJIe3oMYxm9HSua30y4cgfUsvL0zjnJ8SPo8Rzb0FxVApPa8u0vy8z3HcKnF5FtzlXLlmV%2B2wi6NoKhf7pwc1FflPg%2FMaHzP1wnIk3AKonj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffaba54ece0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffaba93e8b56a9

172.67.222.245

21 B

URL
topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffaba93e8b56a9
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/rc/87ffaba93e8b56a9 HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=qTpGw2VlocBvTamgFZNbqqHbs0ksMDu.PSDqR5aQyAs-1715068764-1.0.1.1-Aem92CeLfGvXWq_0MmN3Frwdf3TdarN35_655AqfDwY_PnCfqlS2gkDI.mwjv21D2ng_9dzV3r3KbcjQ9NyjVg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:28 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=Kguezt3pmQxpFBF4gRE0ZyaV18F6u5kKS96k_qAR5BU-1715068768-1.0.1.1-rQL._eaMYwnjRoZUDLJCOXX.9XU1rZjlPil_3XvmjathesdIvtIAMLReflPyFUhbrkcwQuJNJyaOJURiq4ggzg; path=/; expires=Wed, 07-May-25 07:59:28 GMT; domain=.topgan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAv%2FF50IkgHMoLbBEjfuAlUuwSm8khwVWZxa%2FprnscE%2FxCAViIQNAqeDy%2BSaLL8AkH3mLQkA8InaWvH9NQLrgX%2FRDPQjo4Tfv7su5F%2FhjTBZ3iZxvfYnnEXGH3k1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffabbc5f2a0b02-OSL
alt-svc: h3=":443"; ma=86400

topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null

172.67.222.245

200 OK

418 B

URL User Request GET HTTP/3
topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
172.67.222.245:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttopgan.top
Fingerprint56:04:B4:58:65:97:1B:EC:AB:A4:8C:6B:9F:69:56:BF:39:F4:D1:23
ValiditySat, 13 Apr 2024 08:36:43 GMT - Fri, 12 Jul 2024 08:36:42 GMT

File type
HTML document, ASCII text, with very long lines (783), with no line terminators
Size
418 B (418 bytes)
Hash
4ca8d76cb22b110e74968bccf76a4d01
d37207348c7695443ac81060ccd9107a861ca01d
d8beb15504e540f5baaeece98d4153b0bf8c6c404808b5c60fe9d71c1b760b30

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=Kguezt3pmQxpFBF4gRE0ZyaV18F6u5kKS96k_qAR5BU-1715068768-1.0.1.1-rQL._eaMYwnjRoZUDLJCOXX.9XU1rZjlPil_3XvmjathesdIvtIAMLReflPyFUhbrkcwQuJNJyaOJURiq4ggzg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3lqQpvHyndls2%2BKw55KdewDNWEE3bJLY0qJwLEo2eHU3RAotsqGTvVI%2FlW20G59%2BfDzynUBOV4uy9Qc%2BXbDJHhp5E4fXPtcDv0aWWt8s08FdiAZZQYyAmxRPEsV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffabbd88d00b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 453500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/swfp1/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal

104.17.3.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/swfp1/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25831 bytes)
Hash
db7df2cf2e0bd6edae922e2c81856aff
196f0cb0f1beef10628c9b4c1b38cfdbb4cea158
aceb1d8c2d02e445d25c13b9fd6d81d5d34b6393ff273efce51059e2ea49144d

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/swfp1/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:29 GMT
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 87ffabbf1cd956a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

topgan.top/favicon.ico

172.67.222.245

404 Not Found

3.9 kB

URL GET HTTP/3
topgan.top/favicon.ico
IP
172.67.222.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjecttopgan.top
Fingerprint56:04:B4:58:65:97:1B:EC:AB:A4:8C:6B:9F:69:56:BF:39:F4:D1:23
ValiditySat, 13 Apr 2024 08:36:43 GMT - Fri, 12 Jul 2024 08:36:42 GMT

File type
HTML document, ASCII text
Size
3.9 kB (3879 bytes)
Hash
91bb4645ef06a33d5386c9533946dda3
b2b607a1e83c201bd8b703f65e36c9c215dc68f0
50a863e28178a78a6ad5933e33c9920bed8e20af02d5b7fc6a9d99a7f3789f00

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=Kguezt3pmQxpFBF4gRE0ZyaV18F6u5kKS96k_qAR5BU-1715068768-1.0.1.1-rQL._eaMYwnjRoZUDLJCOXX.9XU1rZjlPil_3XvmjathesdIvtIAMLReflPyFUhbrkcwQuJNJyaOJURiq4ggzg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 07 May 2024 07:59:29 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4bWeVvHpI%2FUVAqmPS0xsKSDKMW8v%2FjySzUl%2ByI5rcYVuv1LU8fVhh7LHnzOA%2FZOFAOXp654%2FMe328Ibl12CY6MQi9s3H9wvb98VQbZVji8F%2FRMzIB8oG8USlsy7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffabbefb130b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js

104.17.3.184

200 OK

14 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
14 kB (14334 bytes)
Hash
a5b92920e25651d2058f4982a108347b
caeeadd68d38fdb681c52006c68880abc2e8a1a6
49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5

HTTP Headers

GET /turnstile/v0/b/ce7818f50e39/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topgan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:29 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffabbeac2a56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffabbf1cd956a9/1715068769598/c5c95b8bb6cc903418800833ae7913deec51432068585797ac058adf1f0f2387/5XOljOGbZ50C536

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffabbf1cd956a9/1715068769598/c5c95b8bb6cc903418800833ae7913deec51432068585797ac058adf1f0f2387/5XOljOGbZ50C536
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/87ffabbf1cd956a9/1715068769598/c5c95b8bb6cc903418800833ae7913deec51432068585797ac058adf1f0f2387/5XOljOGbZ50C536 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/swfp1/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Tue, 07 May 2024 07:59:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gxclbi7bMkDQYgAgzrnkT3uxRQyBoWFeXrAWK3x8PI4cAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMXJW4u2zJA0GIAIM655E97sUUMgaFhXl6wFit8fDyOHABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87ffabc9697056a9-OSL
alt-svc: h3=":443"; ma=86400

topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffabbf1cd956a9

172.67.222.245

21 B

URL
topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffabbf1cd956a9
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/rc/87ffabbf1cd956a9 HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=Kguezt3pmQxpFBF4gRE0ZyaV18F6u5kKS96k_qAR5BU-1715068768-1.0.1.1-rQL._eaMYwnjRoZUDLJCOXX.9XU1rZjlPil_3XvmjathesdIvtIAMLReflPyFUhbrkcwQuJNJyaOJURiq4ggzg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:32 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=WJbVFlesI.jDDbd1vAn8kNpXTxjX2R8z8UOedO9tltY-1715068772-1.0.1.1-okm2YJYRNqKUkPUS0NlvwhrJhN53ZJSQsymCIMKZ5bGArixeuBCC3tDyQtM69uObiwzb6Xi1vIoZIXpyQpxZpA; path=/; expires=Wed, 07-May-25 07:59:32 GMT; domain=.topgan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqNpwUlZm7KqwhhviqsNdZEDAHFRtVw8eiz5%2FLOb4AwFtl9ZBCDCngo2eq7mcm0SOjVYItrvw%2F%2Fwr5Q2V9CdiI5McH1kqo0%2FEjDN%2BxJwiCrpYluPbOx2XTUsVsOL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffabd0eb0f0b02-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 07 May 2024 07:59:32 GMT
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/ce7818f50e39/api.js
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffabd30ba356a9-OSL
alt-svc: h3=":443"; ma=86400

topgan.top/_rebelmoon_meta/functions/validate.php

172.67.222.245

31 kB

URL
topgan.top/_rebelmoon_meta/functions/validate.php
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
31 kB (31192 bytes)
Hash
cd7bc652307ad520366f441f280c3841
6793c65d772047d2f94cae30b74e5e99266731a4
76fac969d2b0e07d21bf7f1c395d0a855abbf6559edb1cc13415db1811ec6187

HTTP Headers

POST /_rebelmoon_meta/functions/validate.php HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=WJbVFlesI.jDDbd1vAn8kNpXTxjX2R8z8UOedO9tltY-1715068772-1.0.1.1-okm2YJYRNqKUkPUS0NlvwhrJhN53ZJSQsymCIMKZ5bGArixeuBCC3tDyQtM69uObiwzb6Xi1vIoZIXpyQpxZpA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOvXXmmZFwSCs1MoorUqvodq8RijAht2eCp8H8mhw2uljv56WYvXX3kj%2FDnzdH41WJ1bZqLHW0nekTWubCN8Okrx0nsTvFAvDtEIyGgt%2FsyVkIVUfjorsJbkkSKv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffabd11b4e0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

172.67.222.245

200 OK

479 B

URL User Request GET HTTP/3
topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
172.67.222.245:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttopgan.top
Fingerprint56:04:B4:58:65:97:1B:EC:AB:A4:8C:6B:9F:69:56:BF:39:F4:D1:23
ValiditySat, 13 Apr 2024 08:36:43 GMT - Fri, 12 Jul 2024 08:36:42 GMT

File type
HTML document, ASCII text, with very long lines (783), with no line terminators
Size
479 B (479 bytes)
Hash
4ca8d76cb22b110e74968bccf76a4d01
d37207348c7695443ac81060ccd9107a861ca01d
d8beb15504e540f5baaeece98d4153b0bf8c6c404808b5c60fe9d71c1b760b30

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=WJbVFlesI.jDDbd1vAn8kNpXTxjX2R8z8UOedO9tltY-1715068772-1.0.1.1-okm2YJYRNqKUkPUS0NlvwhrJhN53ZJSQsymCIMKZ5bGArixeuBCC3tDyQtM69uObiwzb6Xi1vIoZIXpyQpxZpA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rps1F%2FTVPu5RZfFPulSO3pdeNczx%2Fl%2FfXcROMuzuPcRQAnlFvgK5pfcxqiCyrHi2cV8NHIRaaCxGyGJTxogEqXR5zZ%2BgQQ5fPmguEMGCoczNosiAGty82ImFksHq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffabd20c720b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffabd3acbb56a9/1715068772927/58a7d5440e729e0ba0454d0d078f8cb6e801cda776b5e39ee85c09221a10ba91/1zzlDeAWweEZncN

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffabd3acbb56a9/1715068772927/58a7d5440e729e0ba0454d0d078f8cb6e801cda776b5e39ee85c09221a10ba91/1zzlDeAWweEZncN
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/87ffabd3acbb56a9/1715068772927/58a7d5440e729e0ba0454d0d078f8cb6e801cda776b5e39ee85c09221a10ba91/1zzlDeAWweEZncN HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xkx64/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Tue, 07 May 2024 07:59:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gWKfVRA5yngugRU0NB4-MtugBzad2teOe6FwJIhoQupEAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIFin1UQOcp4LoEVNDQePjLboAc2ndrXjnuhcCSIaELqRABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87ffabd9be7656a9-OSL
alt-svc: h3=":443"; ma=86400

topgan.top/favicon.ico

172.67.222.245

404 Not Found

26 kB

URL GET HTTP/3
topgan.top/favicon.ico
IP
172.67.222.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjecttopgan.top
Fingerprint56:04:B4:58:65:97:1B:EC:AB:A4:8C:6B:9F:69:56:BF:39:F4:D1:23
ValiditySat, 13 Apr 2024 08:36:43 GMT - Fri, 12 Jul 2024 08:36:42 GMT

File type
HTML document, ASCII text
Size
26 kB (26026 bytes)
Hash
91bb4645ef06a33d5386c9533946dda3
b2b607a1e83c201bd8b703f65e36c9c215dc68f0
50a863e28178a78a6ad5933e33c9920bed8e20af02d5b7fc6a9d99a7f3789f00

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=WJbVFlesI.jDDbd1vAn8kNpXTxjX2R8z8UOedO9tltY-1715068772-1.0.1.1-okm2YJYRNqKUkPUS0NlvwhrJhN53ZJSQsymCIMKZ5bGArixeuBCC3tDyQtM69uObiwzb6Xi1vIoZIXpyQpxZpA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 07 May 2024 07:59:32 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5zjc0InFp07JBEcKN0w4abXpHIaGN4%2FBBnCMBsF8s7%2FRlUnpgS4SIGs4CNf6303Oi0mJsIuEl8HuVL8f8zyt8gb4CXyfiZRSHSLqSVvVoYTK17IhW9AEhERi2u7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffabd38e370b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1834870104:1715065672:UhTlrT5FheTRJ7rCTty6jc3CKhT6A5ywqFmcowmrxao/87ffabd3acbb56a9/198b0a8e4a73030

104.17.3.184

104 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1834870104:1715065672:UhTlrT5FheTRJ7rCTty6jc3CKhT6A5ywqFmcowmrxao/87ffabd3acbb56a9/198b0a8e4a73030
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (104454 bytes)
Hash
da7f64c5fcf6ad3034bcf932716a9fa4
c28e1935316c35bff665ce850119655fcf0a6bb6
70fd9e5cc5b6e4d7be2fdc188ade8a13d6e189a7976c7ff5085b1b7a993b1283

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1834870104:1715065672:UhTlrT5FheTRJ7rCTty6jc3CKhT6A5ywqFmcowmrxao/87ffabd3acbb56a9/198b0a8e4a73030 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xkx64/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 198b0a8e4a73030
Content-Length: 2853
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:32 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: DV/shUWh7MulWNznNFtsOwg3X1K+n8hjwXKkhpLFuKY1h549LS2KIzv5eixkQsBXfEoTxQxsNegEDO435ILXTS3ESet57w/LPtwPR5RU8W2Lfvk+NhKUuexJp1mvJafRxxzQ/N3RK6lFgLHws47lCJfaSJ5IHy/pqeBCCvaIxAgiSCmNdR+3V2cpBFbXBEdBfKd0s+y2gD/Yk1E/yS/WPvRNqvwfudL1zBsJ6DnDeZoMu0cnaBna6y28LZscQHkr/xsuZl5QpH8TQ14M6exMtwePbp5ulQG62FQvKLgP8O9K6YMphMpoTvothQbaJtjmOeUxz5cQ+roZt/yCkyNUcHISkEaPPVKCA/O6Hdk+ykGCzCquR+jnMTiQoG+D76LHji6rzYje9iss+1+KNpHx3TMRb3UUw/f978o6sgRoH0E=$PttFnwrY5+3J6sUbGyR55Q==
vary: accept-encoding
server: cloudflare
cf-ray: 87ffabd6b9a756a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffabd3acbb56a9

172.67.222.245

21 B

URL
topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffabd3acbb56a9
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/rc/87ffabd3acbb56a9 HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=WJbVFlesI.jDDbd1vAn8kNpXTxjX2R8z8UOedO9tltY-1715068772-1.0.1.1-okm2YJYRNqKUkPUS0NlvwhrJhN53ZJSQsymCIMKZ5bGArixeuBCC3tDyQtM69uObiwzb6Xi1vIoZIXpyQpxZpA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:35 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=EryhFo.CSwKKYhgk2GpnKsaaHZW0zNxz2q8sieg0fuA-1715068775-1.0.1.1-Gc_hj1AHyWRn6ylk3w0CnDcTnxbIe.ggcGeJEsLQUouZ6t8MsKlsACaFp07AdlLRzM3Kw1IpnFqT_amWnUs0eg; path=/; expires=Wed, 07-May-25 07:59:35 GMT; domain=.topgan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNQlcEnYz9rzc9AqWKrlfKIFw7mx%2FIebPQG%2B%2BFp%2Bz%2BBjQX6O%2BXhYtRoGFbdy1Z1KgUuerVBJ6%2B8vnRVnvtqstj%2F6wt8fXpVqm1DzJv55kab4mKVY%2F%2FCQCK7JYcZ9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffabe51e410b02-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 453506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

302 Found

0 B

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 07 May 2024 07:59:35 GMT
content-length: 0
location: /turnstile/v0/b/ce7818f50e39/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffabe73e5f56a9-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1834870104:1715065672:UhTlrT5FheTRJ7rCTty6jc3CKhT6A5ywqFmcowmrxao/87ffabd3acbb56a9/198b0a8e4a73030

104.17.3.184

30 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1834870104:1715065672:UhTlrT5FheTRJ7rCTty6jc3CKhT6A5ywqFmcowmrxao/87ffabd3acbb56a9/198b0a8e4a73030
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4400), with no line terminators
Size
30 kB (29974 bytes)
Hash
9b76737f6026857f3c838473f73e92a1
d377873b330ade521a24cb2cc64b7acf97871099
d41f87c58732ec313806f676c63ab82b7864567310b263eb442c56203cd32204

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1834870104:1715065672:UhTlrT5FheTRJ7rCTty6jc3CKhT6A5ywqFmcowmrxao/87ffabd3acbb56a9/198b0a8e4a73030 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xkx64/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 198b0a8e4a73030
Content-Length: 27721
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:35 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: mL3ebgE56FJXVnHCIZv6QSZKh0ozRKaF9SINcT0MPcz4VrLjGDSrtAVIoel5c1SN+HgE2wqOEdK4a8GZiqjmgZHeUfgokztXdlIZgDQ+Rd0eIXnINCnLVXPwV83buL3d$8YM84q1CESrD/3INH3mXgg==
cf-chl-out-s: 88UzDyP1KWqRRoqebASNrw==$Qc9L+gTWkkzEqeSTt5AL2Q==
vary: accept-encoding
server: cloudflare
cf-ray: 87ffabe4a91456a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

topgan.top/favicon.ico

172.67.222.245

404 Not Found

286 B

URL GET HTTP/3
topgan.top/favicon.ico
IP
172.67.222.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjecttopgan.top
Fingerprint56:04:B4:58:65:97:1B:EC:AB:A4:8C:6B:9F:69:56:BF:39:F4:D1:23
ValiditySat, 13 Apr 2024 08:36:43 GMT - Fri, 12 Jul 2024 08:36:42 GMT

File type
HTML document, ASCII text
Size
286 B (286 bytes)
Hash
91bb4645ef06a33d5386c9533946dda3
b2b607a1e83c201bd8b703f65e36c9c215dc68f0
50a863e28178a78a6ad5933e33c9920bed8e20af02d5b7fc6a9d99a7f3789f00

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=EryhFo.CSwKKYhgk2GpnKsaaHZW0zNxz2q8sieg0fuA-1715068775-1.0.1.1-Gc_hj1AHyWRn6ylk3w0CnDcTnxbIe.ggcGeJEsLQUouZ6t8MsKlsACaFp07AdlLRzM3Kw1IpnFqT_amWnUs0eg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 07 May 2024 07:59:35 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1vF1EVRyKj54vbeEUZ4gPWMMrcXci6njTs%2BP7jZKHLhxmutm0N%2FRtB9NLp4Fv6yH6cKHq84z6rWt%2FKQQZfKex0B1cmv7e%2B9yILhi20Bb59cG7BeXQ68bUvJyFOO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffabe7a9840b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffabe7df8f56a9/1715068776127/4f7939314f21ea27be644e303f810c79981b1fc8611d9248d903fd834bc818be/mPas-rD3YyndwNr

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffabe7df8f56a9/1715068776127/4f7939314f21ea27be644e303f810c79981b1fc8611d9248d903fd834bc818be/mPas-rD3YyndwNr
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/87ffabe7df8f56a9/1715068776127/4f7939314f21ea27be644e303f810c79981b1fc8611d9248d903fd834bc818be/mPas-rD3YyndwNr HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ndfpb/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Tue, 07 May 2024 07:59:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gT3k5MU8h6ie-ZE4wP4EMeZgbH8hhHZJI2QP9g0vIGL4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIE95OTFPIeonvmROMD-BDHmYGx_IYR2SSNkD_YNLyBi-ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87ffabf71e0d56a9-OSL
alt-svc: h3=":443"; ma=86400

172.67.222.245

200 OK

862 B

URL User Request GET HTTP/3
topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
172.67.222.245:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttopgan.top
Fingerprint56:04:B4:58:65:97:1B:EC:AB:A4:8C:6B:9F:69:56:BF:39:F4:D1:23
ValiditySat, 13 Apr 2024 08:36:43 GMT - Fri, 12 Jul 2024 08:36:42 GMT

File type
HTML document, ASCII text, with very long lines (783), with no line terminators
Size
862 B (862 bytes)
Hash
4ca8d76cb22b110e74968bccf76a4d01
d37207348c7695443ac81060ccd9107a861ca01d
d8beb15504e540f5baaeece98d4153b0bf8c6c404808b5c60fe9d71c1b760b30

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=EryhFo.CSwKKYhgk2GpnKsaaHZW0zNxz2q8sieg0fuA-1715068775-1.0.1.1-Gc_hj1AHyWRn6ylk3w0CnDcTnxbIe.ggcGeJEsLQUouZ6t8MsKlsACaFp07AdlLRzM3Kw1IpnFqT_amWnUs0eg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:35 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOA59phGOX1CU6B1Muz7UDFf5FDXaB%2BJk7T30FKRMU54J%2BGR%2BltFVGn09RcQy4JI5rzOS%2BINuLnLJuT9cZ5kFqxB5wXe5v5Vk1ZyqLwmV0gVYE8hkjrHFBBDouJv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffabe63f910b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffabe7df8f56a9

172.67.222.245

21 B

URL
topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffabe7df8f56a9
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/rc/87ffabe7df8f56a9 HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=EryhFo.CSwKKYhgk2GpnKsaaHZW0zNxz2q8sieg0fuA-1715068775-1.0.1.1-Gc_hj1AHyWRn6ylk3w0CnDcTnxbIe.ggcGeJEsLQUouZ6t8MsKlsACaFp07AdlLRzM3Kw1IpnFqT_amWnUs0eg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:38 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=_l12MuDdtFRxRMgVBd1LHCQ2W6gVX2dmtj7RstfBbnk-1715068778-1.0.1.1-f_ZCz0G8ss6UHKkJzNpCVXTy6j4sLa5ggLACDCl.O.Xmaw_dm8FeQT3vPu5yxEFhVYLf8wJ.1064aVNv7isoiw; path=/; expires=Wed, 07-May-25 07:59:38 GMT; domain=.topgan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4z%2FaYbMdKKWhs0K%2FR593Ml5RAFGyN3JxNXPDXsVHLieZDItBhpCA0vvnBu0SiWkvqjqc8whgbmFgq76AE3mGKyfzlaXZ4SW5KEaq03LZ0phyz%2FZ6ZS%2FPAak8HR9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffabf91a190b02-OSL
alt-svc: h3=":443"; ma=86400

topgan.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

172.67.222.245

7.8 kB

URL
topgan.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
IP
172.67.222.245:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (7796), with no line terminators
Size
7.8 kB (7839 bytes)
Hash
130b9cf730bbbb2b2e738a49c78fb10b
af5551b96a426ac1691a5ecb3fd9abaa32e421e9
42b41e232392e37e178219b8a5c606ce445ee0205ca73cb7feabf4186dada406

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:20 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHid3nykpLWiv4n%2FFaMxA9dhAK63n59lCo%2FTXtxrbwz9jTzhej2m6dPm2vm9R74eBFy61c1Iym9ZJYb%2FRZSZmEa47W2ObGIrddrqxqUV62bCQghfxZjFVLGO%2BzhV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffab8bfad80b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 453509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:38 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87ffabfc881f56a9-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffabfbcea756a9/1715068779288/99dd4d99f9a83e0dc7293067824633be50e8580290eca79b5a0871fe8704f4a1/Hkp8e5peDyczNrr

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87ffabfbcea756a9/1715068779288/99dd4d99f9a83e0dc7293067824633be50e8580290eca79b5a0871fe8704f4a1/Hkp8e5peDyczNrr
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/87ffabfbcea756a9/1715068779288/99dd4d99f9a83e0dc7293067824633be50e8580290eca79b5a0871fe8704f4a1/Hkp8e5peDyczNrr HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Tue, 07 May 2024 07:59:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gmd1NmfmoPg3HKTBngkYzvlDoWAKQ7KebWghx_ocE9KEAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAycESnW8nWijopFBbXs0ShsFXencIiaM4x8DmoYUMDVIj9LKs0W82Vt7SxGoLjV854ZLsONjPcD9gaNsV1U7ial-U1eHrh6bc6pi2_dUVK8NsyLnCLOtvOiP0SY8vabqRR4dPd6S61Y-diDWwToPoCSioJqJhohK4pCLZ5_YF-5VfEFiyMTtIeFQadCwQWCTWWHJgK8wlIzn3e6mBeQZJ1VsOf21BzIlCKUydJy4Pf1ah0N7KjgN2pp4S9j2sSUl0ZbfnPznB7zO130ijqjcDO7wydsvznYw_ApvEdn5mKTlOFBQM1jktH72KBkAGAS-M4Zko5MazCXVbKxK3oLAhkwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIJndTZn5qD4NxykwZ4JGM75Q6FgCkOynm1oIcf6HBPShABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 87ffac039c1256a9-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87ffabfbcea756a9/1715068779292/JjmprupjVBRTVAI

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87ffabfbcea756a9/1715068779292/JjmprupjVBRTVAI
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 86 x 57, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
3bb2a5e82b27ea922628b91acb95ad51
f973a8950d0fabab63ef59ee6a1dfe81784edf32
c9ab02b9b0f744555ce4fce9f12b411f33b247f77ee790e15547224696a3705e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/87ffabfbcea756a9/1715068779292/JjmprupjVBRTVAI HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:40 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87ffac048dcc56a9-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js

104.17.3.184

200 OK

18 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
18 kB (18492 bytes)
Hash
a5b92920e25651d2058f4982a108347b
caeeadd68d38fdb681c52006c68880abc2e8a1a6
49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5

HTTP Headers

GET /turnstile/v0/b/ce7818f50e39/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topgan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:38 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffabfb6e1256a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1422075634:1715065837:MwNpJRiO5zI93duowQtwyGs2Ir5IcBvqoCfbrqYNlPY/87ffabfbcea756a9/56798e28992b109

104.17.3.184

200 OK

100 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1422075634:1715065837:MwNpJRiO5zI93duowQtwyGs2Ir5IcBvqoCfbrqYNlPY/87ffabfbcea756a9/56798e28992b109
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
100 kB (99493 bytes)
Hash
3c4815f90b2b114de9f27cb76786af19
aa06f54b2cec8638714c5e8d5df091fe154f3ba9
58ef1b5e1d9647d05deaa6b265ceac2e54a057ed8648805f70e962add02ea432

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1422075634:1715065837:MwNpJRiO5zI93duowQtwyGs2Ir5IcBvqoCfbrqYNlPY/87ffabfbcea756a9/56798e28992b109 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 56798e28992b109
Content-Length: 2889
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:39 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: myigpDbQDeNek/R+LVCfoH/j0W+JbcsJoB3qNFA5OG0O7Taq2lcZvRjt7oivAsRzrr3vhkg2cUPILO6SOANyXHh1VF99ABzIK1HbkNydGn2vZAsnFQyQ7TzDo/uZvVeMgjJh9bD+6/EppEUPn1q+tYbDWM0gNA0Y/zSK3MWRXzTTGaoZaoBy/WvIfS8cOcMCTI9lKTh8IEB1lMRYPm90z7Y0Z+Z2Elpk7rDhu1WvZZIxiI4k+nx4MaYnBOUOOSwtxXO2Q/BxBr3tdoediqSA62kn2iUj3lrZmqtgfa/0zCPnT5MszGG8IOzOw2TGAqtyzq8MEFQ5PoY5E3xOOn4kNRBjFvzZdH52kR8U+oUCRqT2jgyoIUPb4uUcpRs80+tY1ipCv86NnSco3c+Ml6gHJvK5w5+vuE/zMEmk3QO3mf8=$EkTJhGp8XUkyLaL/3NO9sQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87ffabfe7bc056a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topgan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 453512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pmpxm/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:41 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87ffac0f4ac356a9-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87ffabfbcea756a9

104.17.3.184

200 OK

431 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87ffabfbcea756a9
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
431 kB (430649 bytes)
Hash
8e2b2c061354c8e284b10bfef08c680c
b77ac6d14991b916dc1e2e5e3d8726d5adf5b67c
597fd92a9b2a80a8d80c2f71efa161449c1258eddfb115f2c516ec7b00361876

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87ffabfbcea756a9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mxdt4/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87ffabfc982b56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffabfbcea756a9

0.0.0.0

21 B

URL POST
topgan.top/cdn-cgi/challenge-platform/h/b/rc/87ffabfbcea756a9
IP
0.0.0.0:0
ASN
#0

Requested by
https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjecttopgan.top
Fingerprint56:04:B4:58:65:97:1B:EC:AB:A4:8C:6B:9F:69:56:BF:39:F4:D1:23
ValiditySat, 13 Apr 2024 08:36:43 GMT - Fri, 12 Jul 2024 08:36:42 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
c0d2dca2b5becefb4f548649b038a48a
b5b4731244b590edbd2c9aa56bcc8c83af85b969
7a508c70d16bed7c8fa58b4a25f1c06c3186c6c042d45fcd7afd4355078af1b3

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/rc/87ffabfbcea756a9 HTTP/1.1
Host: topgan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topgan.top/_rebelmoon_meta/zure/7d9a0d11cb36e12a68817aff945390de/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=load&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Content-Type: application/json
Content-Length: 596
Origin: https://topgan.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=_l12MuDdtFRxRMgVBd1LHCQ2W6gVX2dmtj7RstfBbnk-1715068778-1.0.1.1-f_ZCz0G8ss6UHKkJzNpCVXTy6j4sLa5ggLACDCl.O.Xmaw_dm8FeQT3vPu5yxEFhVYLf8wJ.1064aVNv7isoiw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 07:59:41 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=XhyrjQArkMsT9fKKulwIStFJeMrjyTPJ0ohF2XrEAh8-1715068781-1.0.1.1-a2VjiX901W86_QI0wXXoyX3AUAfjfSKFfRRvUkxdKJLY3C7duyJcrN8XVmc7hev6PltjbGvgqNFDxrm.UQpMZw; path=/; expires=Wed, 07-May-25 07:59:41 GMT; domain=.topgan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9rUdsdBL5DnWGgFb8VUgHANKtb4yQSTXj5s%2BPo6o511nUSIMRKK60Ib2REKK1zIpZwfR6s5mHlXrexV55z7yZS6UGeBqm%2FHeR5PbMIhHuBYfi5bnFHVkS%2FZCFAn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffac0b3b910b02-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (34)

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash