Report - donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr

Report Overview

Submitted URL
donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
IP
104.21.13.108
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 04:46:16
Access
public
Website Title
Final URL
donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-10	19 kB	921 kB	104.17.2.184
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-09	1.3 kB	96 kB	142.250.74.170
donclion.top	unknown	2024-02-10	2024-02-12	2024-03-27	8.3 kB	198 kB	172.67.199.215

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/turnstile/v0/api.js	43 kB	2024-05-08	2024-05-17
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:17:22 Last Seen2024-05-17 15:34:59 Times Seen1392 Hash 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js	90 kB	2023-03-10	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24:46 Last Seen2024-05-20 14:35:31 Times Seen17987 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax	202 B	2023-05-05	2024-05-20
Pretty URL donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax IP 172.67.199.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 20:07:55 Last Seen2024-05-20 02:02:55 Times Seen513 Hash 8cb487d4459c7a6cd9d6f2d45900c628 d35cc3c00025613a8772575e3daa962b633ea2ec 977d0b37baf294b277f8469a4178563b7b21bd289d9df105b5a37a025bfd4d87 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9630a63d06a666efd267b7885ef11e58	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 9630a63d06a666efd267b7885ef11e58 b1d1787de8a9b48fed23bf6d734ff30c1209e93f a867e8e9db4c922cb32319915acf60dca93285307792ff73f277c5155f9307fa Loading...

	#2 Eval - 82a1623b41b05e01a939746c3e2282c8	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 82a1623b41b05e01a939746c3e2282c8 7064b5eac9af68ef099f0c3b166e17376e07fb28 fb0c6e99e9a169778dd137b0634032aa1585fd54c54cf60060e0eb0138bab3d9 Loading...

	#3 Eval - 658c12995d7dc3949c20ae7a56f7cbcb	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 658c12995d7dc3949c20ae7a56f7cbcb 85bede010ede60e23fdb09e5ed3eb1064994e3ca 4a2bbe4b9544960870fc59a211be9e5761947ab98d88749b4ab8ffab8fef9a4b Loading...

	#4 Eval - 5a5c408b50055250b06b573427cb9976	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 5a5c408b50055250b06b573427cb9976 6c3599f67cb5adc6808a80e0d148e45e4cc9bb4c 5f2c97199bb45fd465abc67bb90c852e5bd1000b90096708433d4edf3cbdee64 Loading...

	#5 Eval - 5586b948d30246b389357acaf9466747	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 5586b948d30246b389357acaf9466747 650c4cd75fae6b919eacd42d6a896cd553225efb f93268b9f0c58d1596cebde6861d7fc0b855cf732b9eb831771bfa6c11bb636d Loading...

	#6 Eval - 3af8f1bd2158b3b55b9463490d5e4238	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 3af8f1bd2158b3b55b9463490d5e4238 848765fca6fa1923efae407ec853cd82ff148470 c1ac303ab16cc6070c6f144bc24b76f20331d4895e29854f3fcb6f658465c602 Loading...

	#7 Eval - 031f2f29c03685b2179e51a5a5442f4a	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 031f2f29c03685b2179e51a5a5442f4a 008c3896862572f47139f8f346e1c2dd3ea20b70 a9fd93dde0849ad40d77ae1d890a671fb8e99f9c3f4611449491165b8f27fac9 Loading...

	#8 Eval - 4a6a3d195a52768e46338a1e9f444801	2.8 kB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 4a6a3d195a52768e46338a1e9f444801 abbf3efc8691399896e3d019aed331a3475c6ddf b7e69dc43558cc9017a4bf20203e2f6c595dee8e2d500d1800c388f7fb1abd01 Loading...

	#9 Eval - fdd309d644fdd2f0d5c956df6e57d43c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash fdd309d644fdd2f0d5c956df6e57d43c f47cd592a59c48e8ceca60cb0193cb17e703a440 d02ccd59baab7914fde5b9296e9df8a53996dc227a1d995a3cde6162e16ce114 Loading...

	#10 Eval - 26c1480a24db1331606857a2f13bcdeb	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 26c1480a24db1331606857a2f13bcdeb 1122b7dc63a3d2d0d87acf0addf35492a01b4eea f9d7d4fcf4c3fbf2f9b0e87a55420e30d64d36b4fa7f11bf70f0d8ef255288a7 Loading...

	#11 Eval - 5c99f62756834d2f3bbc8f0caf574b50	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 5c99f62756834d2f3bbc8f0caf574b50 cc7292e4704cf580a8773a2e403ee4025b231996 7873756c58161f4e69f48cf64b1e6797f67510c77c850ffc5623b841af424595 Loading...

	#12 Eval - d5cefa8f4ddbcda7c854141d4c50b741	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash d5cefa8f4ddbcda7c854141d4c50b741 89e962d0dc2063d9cf3da3b8897ebecc09fcdece 322ba36175095c7b3fa5ff6713900d346f77c0de14400a6d4c903ffdf42489a0 Loading...

	#13 Eval - 2a565cb2a31d2f1126edb734bef37f42	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 2a565cb2a31d2f1126edb734bef37f42 b3c98f9c9333076881cba34435e583dcdd30cca9 8c2a15cc2021fdfdacadac1efb5c515ec1717d8076ee20b95bf6b696f0a57cc6 Loading...

	#14 Eval - 39a17350de19d82eaebe46f43a1b0766	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 39a17350de19d82eaebe46f43a1b0766 cc4d5871f1513b3919906cd6914424979c887744 28b3cbdc5dbdb6af4495da7ffa77331ce76b6cfe45bc2af15bb3d93304707986 Loading...

	#15 Eval - 61d8f63d05af9d859454726f19c758bd	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash 61d8f63d05af9d859454726f19c758bd d79628b98bde4618cdab4c82d7169e2a0f510988 35d565972f002c5a27cd3371ac455e2e6c961e909d4ef93e895c2b8ed5b295e1 Loading...

	#16 Eval - e31d0c3b9972d786a5177330f0d0ae13	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:17 Times Seen1 Hash e31d0c3b9972d786a5177330f0d0ae13 d6174bd32b0fcfb08617ce4546b2fa43a45083d1 4387362e02f333b98b830e6950b5c6045b40e008eb4a5c9f780b141f10ad885f Loading...

	#17 Eval - e806472634b909cb2789174b521cd1b5	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:17 Last Seen2024-05-10 06:46:18 Times Seen1 Hash e806472634b909cb2789174b521cd1b5 08b007f534f05a1cdc7912c22eb066d87c6f8bce a60dee7fdb6b9fd645a83b6f60a8097afe7be3dabc251befc62965facef322ec Loading...

	#18 Eval - 50e50aadc7e76979fbaf6133e11aaf35	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 50e50aadc7e76979fbaf6133e11aaf35 df8a272c2c48392cbaeef24df00df3c7b5dc9bf6 ef5ac14a6545a2fc3040ec3a1ce8e3cae70c425208f391b82a9cbf4ee77ca6e7 Loading...

	#19 Eval - a618c91e1ef762f5c616b254022daf6f	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash a618c91e1ef762f5c616b254022daf6f 2ac7a3aa33ff711a52ac59e32454747e368fa71c 194d354f53a7cef796160dc8d8e52a985fc76f6dd7f18a3fdca9b5dd8ba5bafb Loading...

	#20 Eval - 93028e2d56937f41b1f95adc36a17074	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 93028e2d56937f41b1f95adc36a17074 908e69c22ff504858632e02cd51007da7008602f e6100b7187f9a0df3166a0595fba72257e99f3fd7727227168b59dfa8e789158 Loading...

	#21 Eval - 7c3c04c288a57faeeb78b9eef3ea6e61	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 7c3c04c288a57faeeb78b9eef3ea6e61 acd462e31f4188b42dac2cd15ba115cd28d25b85 8dd45cfc7eda01418d471d1d720da334c03ff5d8df72d94f1f9427fe170be3ad Loading...

	#22 Eval - 4740bcb7e40c0eb433fd269054eb1735	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 4740bcb7e40c0eb433fd269054eb1735 b5c6fbd5c8163d44bfc5a53d7b458da72107a2d5 2a4bc878d449f8ad61a8702f5e810b2831e07b6e5779d456c6b61ac90695055b Loading...

	#23 Eval - 1e489f983b2174e5da72b00751c94e4c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 1e489f983b2174e5da72b00751c94e4c 44fa644f2cce12e90c09c64f62593de4c237cf3a 63cf8dcf29db2ffe97b00b650d68f7a74933c74204e8d1fe1eb827021540e6c3 Loading...

	#24 Eval - 9f8e576db9e4b7e2af6f0a667c00a7d6	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 9f8e576db9e4b7e2af6f0a667c00a7d6 0d54aebcf91c87e4a340765ac3c400c3bf228e13 1b1c1fa7ffc3d755849d8a598906b3114a863f2cb30a677315610d3766c8ebb5 Loading...

	#25 Eval - bd8d3f2bb1209e5615fc5f20b7d08634	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash bd8d3f2bb1209e5615fc5f20b7d08634 6a49137eff92266df2292650dd19651cbf973d2c 48ee4d240c6fbf4c8d088ae15e83f6d9196c73836694a5be97631fd6f596a3d1 Loading...

	#26 Eval - c032e95354e7400ace3a50294a51daac	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash c032e95354e7400ace3a50294a51daac 44c079b5a0fb3ae0d180a938bc389f4b62e069c0 d10522da6d3037490251b183735ca982df2e8bdf5e74d23f4b2ccdfcc15fe1ee Loading...

	#27 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-20 16:18:08 Times Seen353332 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#28 Eval - 2104e51b45819fb48be29bd684a7a765	62 B	2024-05-08	2024-05-17
Pretty Observations First Seen2024-05-08 21:17:23 Last Seen2024-05-17 15:34:57 Times Seen967 Hash 2104e51b45819fb48be29bd684a7a765 4c63e1a706403ae3b72fd6bd15bb42ba662b456c 409852cd2d9ad570bc66e5cc8c403b729033ebacfadc90fd9548df7f494a5869 Loading...

	#29 Eval - 7ce29fec5cb6d6d92d638671f0524da1	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 7ce29fec5cb6d6d92d638671f0524da1 6505865bfa798338cb2111cfb07305da73404f90 1b80b4c0822901ce7ab1d7b3007b912fbb5380bc0238696e6d1f7e09e2b3d41f Loading...

	#30 Eval - 567e3a12311fd5a8a32cc3dfb96a16c7	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 567e3a12311fd5a8a32cc3dfb96a16c7 46b088ffa184d545766d9ddeb04de77dbd8d8a05 be983ed982d535fec260f2e2ce0c5168e607faf4784be42c25acf0f273f18a91 Loading...

	#31 Eval - 3f09ff4e770fd93bd9db9b61986ab1b0	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 3f09ff4e770fd93bd9db9b61986ab1b0 fadc56f2bc84a266bd16197c6f144a987fc643f9 00544890cbd6300997f0c5c3f84154c51f3ee47a7e44b50ab3cb4b0021f35db1 Loading...

	#32 Eval - 4a00df83254e84995047ff0207ce2a55	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 06:46:18 Last Seen2024-05-10 06:46:18 Times Seen1 Hash 4a00df83254e84995047ff0207ce2a55 5e0d80820f0158c655a4abc977fe6f61f11668e8 f8307507a7d86d8375cd9d0ab20a51ff03e7de5bc69f68bb815b3e15ed13ac72 Loading...

HTTP Transactions (46)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL GET
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 04:45:48 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
location: /turnstile/v0/g/1b3559406bc8/api.js
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817482d3ab5b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.170

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:33:17 GMT
expires: Fri, 09 May 2025 01:33:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 97952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

donclion.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.199.215

0 B

URL
donclion.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 04:45:49 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axNlvuobEC0T9VH8%2FVovSGnJn5mu0oERwwNWpbg0%2FwQ2QpIe7VPTabSh3dx8iD9wICtfht%2BiWFjOy39bd0JI1DZcf0FAMPOsFPzyZybNJKuwSElr28kAn%2FMk9KqNqsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817482e98af56c0-OSL
alt-svc: h3=":443"; ma=86400

donclion.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

172.67.199.215

3.7 kB

URL
donclion.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (7837), with no line terminators
Size
3.7 kB (3677 bytes)
Hash
a89861de1787a4950d37b8f855848820
548432cadd5c621a7dbf892294f647e3fba1016e
86b4d8d3d86b7b79c2c18230a5699bde717a508a2c2272ce822083e654cd00e2

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:49 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7WVGGjnASAS0g%2FsnBlap4lx%2BKXV7t2e7EydiJfVUjUSX48XUsV3Z45rDyyU5tItzhfsykPXPb2a32HPlvcw6LBx1TNtSy3QcZJfyyrz2%2FocmAYEzRP%2BI5a%2BlQiB1wb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817482eb8c356c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8817482eae8b56c1

104.17.2.184

124 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8817482eae8b56c1
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
124 kB (123938 bytes)
Hash
3c878c89f0d0001a7a6cb3bda58a1288
935f8b611809f05cb7b1f3cb78b7ca0bfd7d534e
3ce05ea2652dcdff42532ca03daf9ccfdd6ae530c47e968092679b62143ce27b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8817482eae8b56c1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fsleh/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:49 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8817482f6ee956c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8817482eae8b56c1/1715316349615/81199fb0525305655a457569c682a14d2600093eddd9bfbb7b5bd2ec6268ae43/DR4XrpNAwLE6_F1

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8817482eae8b56c1/1715316349615/81199fb0525305655a457569c682a14d2600093eddd9bfbb7b5bd2ec6268ae43/DR4XrpNAwLE6_F1
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8817482eae8b56c1/1715316349615/81199fb0525305655a457569c682a14d2600093eddd9bfbb7b5bd2ec6268ae43/DR4XrpNAwLE6_F1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fsleh/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 04:45:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20ggRmfsFJTBWVaRXVpxoKhTSYACT7d2b-7e1vS7GJorkMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIIEZn7BSUwVlWkV1acaCoU0mAAk-3dm_u3tb0uxiaK5DABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 8817483469df56c1-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8817482eae8b56c1/1715316349622/m7coIfBTT_QlNN6

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8817482eae8b56c1/1715316349622/m7coIfBTT_QlNN6
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 54 x 17, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
680d5a9d81f90133fe967f0948009734
c2381bc66c3daa70b87f96408ffaa362cda0fd04
49a5c82f2d54c4b4b41aac614b7786146b7906c53f6fdde311bb9eb73b47ae60

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8817482eae8b56c1/1715316349622/m7coIfBTT_QlNN6 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fsleh/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:51 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8817483c3ed056c1-OSL
alt-svc: h3=":443"; ma=86400

donclion.top/_duraguard_oxy/functions/validate.php

172.67.199.215

1 B

URL
donclion.top/_duraguard_oxy/functions/validate.php
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

HTTP Headers

POST /_duraguard_oxy/functions/validate.php HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://donclion.top
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Cookie: cf_clearance=NKRzt8dgLhAoam38jsCc8nWafIx7EtFD1MaTAbtyfQU-1715316349-1.0.1.1-ZMWaeNqw41b.vFz5z4gbJICB1.8WvPULXVOk90NvLeD3T0K5LWLGPDEbXX6P0D5pX7ngrPJ4o9C06WgzaKjD5w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YkGU%2B5rE0IM%2FZbSPFtO9msBEaJYnPuj5Beydzr%2B7oigR91qMHqFys%2FD9W1blIkP4wXk8LLnh3sXHLfM8W%2FD5A3Goq3XUMeZ0RmJJBarRJ7x4F7xkNuof2GEP3%2FNZ1N8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817483e6bf256c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.170

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:33:17 GMT
expires: Fri, 09 May 2025 01:33:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 97955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vu6jm/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal

104.17.2.184

18 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vu6jm/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (42150)
Size
18 kB (18462 bytes)
Hash
7b04c36c93f58404238543b8fcf2cd74
f7e87060788ef73459a6ce4b3eab3e0ec29245e2
7b7546ccdb2cf0b522aaa8d8117d2e091ff47a4c098967019ea4329f392c5711

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vu6jm/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:52 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
server: cloudflare
cf-ray: 881748415a8456c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881748415a8456c1/1715316352628/2c965580a6b9f740276809a105746c783d97da9b21df81823d02f24df7214263/CkgTdY_D8soZx4A

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881748415a8456c1/1715316352628/2c965580a6b9f740276809a105746c783d97da9b21df81823d02f24df7214263/CkgTdY_D8soZx4A
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/881748415a8456c1/1715316352628/2c965580a6b9f740276809a105746c783d97da9b21df81823d02f24df7214263/CkgTdY_D8soZx4A HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vu6jm/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 04:45:53 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gLJZVgKa590AnaAmhBXRseD2X2psh34GCPQLyTfchQmMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tICyWVYCmufdAJ2gJoQV0bHg9l9qbId-Bgj0C8k33IUJjABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 88174847ee6156c1-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881748415a8456c1/1715316352630/xISY4QfXEfdyAzw

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881748415a8456c1/1715316352630/xISY4QfXEfdyAzw
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 88 x 71, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
ea0ddf99711d245417402367d2d426a6
59245252a2b4b7e57794081a0f988ddaa9ddb729
16135fcbf9708d2bd183cff746990040dd744e89314ea1eb4878534b4fb66bd0

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/881748415a8456c1/1715316352630/xISY4QfXEfdyAzw HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vu6jm/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:53 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 88174848df1056c1-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL GET
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 04:45:55 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /turnstile/v0/g/1b3559406bc8/api.js
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 881748539db856c1-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1392280030:1715314119:hIZ_WBEVdvjr7EvwwcyhBgq_vL08Ty_wDY3BqrnlOa0/881748415a8456c1/9cbbe776d87aea2

104.17.2.184

34 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1392280030:1715314119:hIZ_WBEVdvjr7EvwwcyhBgq_vL08Ty_wDY3BqrnlOa0/881748415a8456c1/9cbbe776d87aea2
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3448), with no line terminators
Size
34 kB (33809 bytes)
Hash
d2b71b6298720e04b42cc92251b65b07
db480ecc2c5ff889a11f08a2c0cf18565b37f3ab
d2edcf422439af67119a6bb03a0c82de23ce045c60c7aaa63383489c50b581ea

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1392280030:1715314119:hIZ_WBEVdvjr7EvwwcyhBgq_vL08Ty_wDY3BqrnlOa0/881748415a8456c1/9cbbe776d87aea2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vu6jm/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9cbbe776d87aea2
Content-Length: 28337
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:54 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: XqRsm8pyUbDDD5Ar9ir4CA==$+D/nlydsy/pAoAkXg88AhQ==
cf-chl-out: 8WHAdhAjXd+PETyYw6Y4ZUms/UsZ0LZdYpJ7NealdjkI7pQjgiyriuPyDpJoym1BElBYOQMrA1kZcro76VF813B+2Har7CZ3KX58T1oukczgeYHDVLCEgJd/cRTNSlz7$ukyRSXEn7SVmu+lQ1rKmhw==
server: cloudflare
cf-ray: 881748516c3156c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5o3v1/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:55 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881748553edd56c1-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2098443268:1715314301:xkkSCPOsleU7ChbSmIymjOlC3xdIVMdNPwLwNTJN4kE/881748544e3c56c1/721febb01bd70ca

104.17.2.184

86 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2098443268:1715314301:xkkSCPOsleU7ChbSmIymjOlC3xdIVMdNPwLwNTJN4kE/881748544e3c56c1/721febb01bd70ca
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85962 bytes)
Hash
ce616025a3838bc9630354c3454bfcf2
2825f46b6d55ce3d52e1db0cac94c697c9ae8c78
4012c842e1b5a9cb1f45f08126ffeaf2248302ed20a5e96058a69ec33c454a7f

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2098443268:1715314301:xkkSCPOsleU7ChbSmIymjOlC3xdIVMdNPwLwNTJN4kE/881748544e3c56c1/721febb01bd70ca HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5o3v1/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 721febb01bd70ca
Content-Length: 2814
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:55 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 0sZlsmwEpfySyuD8CmXpo1klhfr0b3Elo7hrAYMHkn0JOMgpBrJhxsKzYX7Sn6Of50UrNDdvSmUxvClcZKfyaeM+zYZhfNivWsDkk+Ow7dfs1AciuYXshUicEz5ydofG4rzGnn6WMfQqkz2JnGJ8JJaqjErOGU3gciS6TeFqe/RNQWy2gaf4TMgMk0ZES7A14K2WRA2DjamIzxlUOXsvEyvuLjwXPpTSEZaeTfZNaFh7s/Os02FBVwhaMCbamRmeOzVtuTnw+Pm6tJbkTK4dHcbBrb+TG8ins3KpqEGuJAewwRoFrEhjMe0jOxVxBCw6FUaOF4PlhsifJ83Nr3tF07IvgvwPiXTeA49uhTYyT619oTIRk6B1uUNpcIfMwIsYkp7Fkf7cKPt/Z+0kwS2HOVlD604JfaSe1Y74TBOraEHekhoimox5zZtzQXNwOJ1Q$1ARw5gRJ4w566uKeh1isXg==
server: cloudflare
cf-ray: 88174856dfe656c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881748544e3c56c1/1715316355667/ac7c47411e3e9496f851625689d9779784efa619398568243760063883629740/YxHKY1v1iRSlETj

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881748544e3c56c1/1715316355667/ac7c47411e3e9496f851625689d9779784efa619398568243760063883629740/YxHKY1v1iRSlETj
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/881748544e3c56c1/1715316355667/ac7c47411e3e9496f851625689d9779784efa619398568243760063883629740/YxHKY1v1iRSlETj HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5o3v1/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 04:45:56 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20grHxHQR4-lJb4UWJWidl3l4Tvphk5hWgkN2AGOINil0AAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIKx8R0EePpSW-FFiVonZd5eE76YZOYVoJDdgBjiDYpdAABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 8817485a7abb56c1-OSL
alt-svc: h3=":443"; ma=86400

donclion.top/_duraguard_oxy/functions/validate.php

172.67.199.215

6.6 kB

URL
donclion.top/_duraguard_oxy/functions/validate.php
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.6 kB (6614 bytes)
Hash
173a1d255f82312973a9c97037a2a44d
30818728060624891f8f9ad408269c52dfeca522
9ee790ee53595f841bbf1d671a2592fceb33cfeb2f5ef0e7e1eaf9bbbdc6a504

HTTP Headers

POST /_duraguard_oxy/functions/validate.php HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://donclion.top
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Cookie: cf_clearance=NKRzt8dgLhAoam38jsCc8nWafIx7EtFD1MaTAbtyfQU-1715316349-1.0.1.1-ZMWaeNqw41b.vFz5z4gbJICB1.8WvPULXVOk90NvLeD3T0K5LWLGPDEbXX6P0D5pX7ngrPJ4o9C06WgzaKjD5w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8foavKZpo9fltjDy9N9SyhOutcRhjLbxTfL%2BXKbz07lH2dePsIp1twy3pwSYXh43YxE%2FxioP4RIpJVCFRJAEHJaMlzbgIl4rpUSurQbA15XA21qZq9hztoaV9yyUyU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88174851c98156c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js

104.17.2.184

21 kB

URL
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42616)
Size
21 kB (21327 bytes)
Hash
86183dd14ee10d1dee92b37b5069d716
9ec32d650ece484bbe624ca734a0a65e22d35dd6
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

HTTP Headers

GET /turnstile/v0/g/1b3559406bc8/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donclion.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:55 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 88174853cddc56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL GET
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 04:45:58 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /turnstile/v0/g/1b3559406bc8/api.js
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817486609d356c1-OSL
alt-svc: h3=":443"; ma=86400

donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax

172.67.199.215

200 OK

50 kB

URL User Request GET HTTP/3
donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
IP
172.67.199.215:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdonclion.top
Fingerprint6A:DB:BB:36:1E:73:2D:C2:C5:1E:1A:EF:92:4B:9C:EE:8A:EF:BF:38
ValidityThu, 09 May 2024 12:26:34 GMT - Wed, 07 Aug 2024 12:26:33 GMT

File type
HTML document, ASCII text, with very long lines (805), with no line terminators
Size
50 kB (50011 bytes)
Hash
a412a44b531d03b2b158e4a230c2f69b
b6f5efcb07ebe0f23b6bb1305707e846e5db8c36
885b7c2ecb65a525e36f26734e497a88f82e3f9cc9dfc101bd6d5c0698a500e1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=NKRzt8dgLhAoam38jsCc8nWafIx7EtFD1MaTAbtyfQU-1715316349-1.0.1.1-ZMWaeNqw41b.vFz5z4gbJICB1.8WvPULXVOk90NvLeD3T0K5LWLGPDEbXX6P0D5pX7ngrPJ4o9C06WgzaKjD5w
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iONUwmhlBW%2BhYVuBhonlMiBIXZ03IKD58C1tkabzJtb3tunDsgvT6XFrrPGHCGb%2FMR8xugMNXjlWkc5hvjGSahZ%2BQ3jU7jC4YFegpb%2F3jZfNK6sTcJyyGGTeOFoW4H0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881748529a1d56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

donclion.top/_duraguard_oxy/functions/validate.php

172.67.199.215

33 kB

URL
donclion.top/_duraguard_oxy/functions/validate.php
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
33 kB (33428 bytes)
Hash
acba7cad05f78a2ccaf961d8ff42737d
e8180c249102dce59cac3fbe3774fe70139bbf25
d14ccd72a1f8e99d1363d02c2cf04a2ab68ced5320b14684fe8864cf7676637c

HTTP Headers

POST /_duraguard_oxy/functions/validate.php HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://donclion.top
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Cookie: cf_clearance=NKRzt8dgLhAoam38jsCc8nWafIx7EtFD1MaTAbtyfQU-1715316349-1.0.1.1-ZMWaeNqw41b.vFz5z4gbJICB1.8WvPULXVOk90NvLeD3T0K5LWLGPDEbXX6P0D5pX7ngrPJ4o9C06WgzaKjD5w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3DORPYfFxFUM9rsv0Cy%2BSrA6Hii22%2FAx8kii4hECjkOPxqdc5Zqu%2FcWStmC0XWkS6poc0nfNymIXgiYexinnb8GN8jc5MVvQr21bJhkyWMVrVDBHydqQaW%2BnjhyPzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881748643d7e56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1316650424:1715314051:gcSy5v-XuW8Ce3SEO53OgHCVj7tbKfKCPH7Q7-6QP6o/881748669a2e56c1/c1b50edabe6dccb

104.17.2.184

89 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1316650424:1715314051:gcSy5v-XuW8Ce3SEO53OgHCVj7tbKfKCPH7Q7-6QP6o/881748669a2e56c1/c1b50edabe6dccb
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (89440 bytes)
Hash
9949bffc79cc75075d84c7e29b2e0738
f14fe99bd361174afd2161419ff47631501575ea
6334645d8ec81dc10067130047eae44689c6d508d9c2b0901f258cf3fb45c5d3

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1316650424:1715314051:gcSy5v-XuW8Ce3SEO53OgHCVj7tbKfKCPH7Q7-6QP6o/881748669a2e56c1/c1b50edabe6dccb HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdoij/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: c1b50edabe6dccb
Content-Length: 2775
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:58 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: xbclN8/G8/YcDpeD6BStZKk3JsqcqcLq8bvRbQHTOGHEGbBLX3Nf/Rip2e4DZTWcoRqk172YJw8jt2/klDzlZbJj+CTSnIYIWTkAl17dZQbTxy/kcteTUdlVMYrzFhKL5vUFqt6kSZm8G9lx4cI6VTWKNdigKgAKr4Ejipwm4Ez07HjawwBx94aULjzOHXylcw1G9smGAWrv87Kik8Aezi+/gpmuuffAAVf+mhUiwJydEjEITVC10BF1XHLhXKknKQ5OV9VSRG5ELmXY7rKqD6EaxkQW+kpaU/BVj7Ne8waFG+W3QXoNgrLW3EZFqHlqg37l4jnrkfpdRg043IURT3ztJv5Vhw+Bg7xRMCRSObuuLxn15ei3+D1eBI6Uxbxg+f1NzrGSCfZ/dGSrby9x9QkU7qTBV22qOTnXkOfq2cagUHceMrcAb2jFu8DYH3Gj$7/r2TK4zEyhaNzl7FBQzTw==
server: cloudflare
cf-ray: 881748697c3456c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881748669a2e56c1/1715316358649/e7db4f070d133cfb66b8c51905ac9d4fce67d9ca24e765f0f8d8096dd61d9d4e/ty6zE_e2qFefr-C

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881748669a2e56c1/1715316358649/e7db4f070d133cfb66b8c51905ac9d4fce67d9ca24e765f0f8d8096dd61d9d4e/ty6zE_e2qFefr-C
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/881748669a2e56c1/1715316358649/e7db4f070d133cfb66b8c51905ac9d4fce67d9ca24e765f0f8d8096dd61d9d4e/ty6zE_e2qFefr-C HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdoij/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 04:45:59 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g59tPBw0TPPtmuMUZBaydT85n2cok52Xw-NgJbdYdnU4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIOfbTwcNEzz7ZrjFGQWsnU_OZ9nKJOdl8PjYCW3WHZ1OABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 8817486cce8056c1-OSL
alt-svc: h3=":443"; ma=86400

donclion.top/favicon.ico

172.67.199.215

289 B

URL
donclion.top/favicon.ico
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
289 B (289 bytes)
Hash
067f9234d63c75eff3fb973e5dbdc85a
7a2007d62d760aae7085b0fe50e6e21dbd84acac
bc3649a6a5a489b8b2d63204e091312c407c0642a10d81e5a58515ab88b752d1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Cookie: cf_clearance=NKRzt8dgLhAoam38jsCc8nWafIx7EtFD1MaTAbtyfQU-1715316349-1.0.1.1-ZMWaeNqw41b.vFz5z4gbJICB1.8WvPULXVOk90NvLeD3T0K5LWLGPDEbXX6P0D5pX7ngrPJ4o9C06WgzaKjD5w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 10 May 2024 04:45:52 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THfhttpDotW8fxKFdyVv2IEB3BDTWfr8WAyzk5CWsbeOfaojic39VKKjpL2D0NXArWEFfSKgX0T5m19kNFqEChPjfgqMn9XEk334JJoPdtb5AWJk225pwcWkThEFaRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881748412dc256c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js

104.17.2.184

24 kB

URL
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42616)
Size
24 kB (24178 bytes)
Hash
86183dd14ee10d1dee92b37b5069d716
9ec32d650ece484bbe624ca734a0a65e22d35dd6
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

HTTP Headers

GET /turnstile/v0/g/1b3559406bc8/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donclion.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:52 GMT
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cache-control: max-age=604800, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 88174840ea4256c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL GET
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 04:46:01 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/1b3559406bc8/api.js
cache-control: max-age=300, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 881748796ea156c1-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.170

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:33:17 GMT
expires: Fri, 09 May 2025 01:33:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 97964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js

104.17.2.184

33 kB

URL
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42616)
Size
33 kB (32993 bytes)
Hash
86183dd14ee10d1dee92b37b5069d716
9ec32d650ece484bbe624ca734a0a65e22d35dd6
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

HTTP Headers

GET /turnstile/v0/g/1b3559406bc8/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donclion.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:01 GMT
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cache-control: max-age=604800, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 881748799eaf56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1482715438:1715314219:4usS2a2veVJgd01MqK32Wmj8qIyiu8qPqD-eK5k6-q0/8817487a0eef56c1/3073baf6f57a8c2

104.17.2.184

86 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1482715438:1715314219:4usS2a2veVJgd01MqK32Wmj8qIyiu8qPqD-eK5k6-q0/8817487a0eef56c1/3073baf6f57a8c2
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85930 bytes)
Hash
8f6c882da471fe70e9148f1691e9e49a
b0a84597a688edf0d5fee9dcb9527d113980b3ec
0aaca7381cd8a40a6fdc1e8f00a60b0e7462dede7e09c8957a6b5a081a9b763a

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1482715438:1715314219:4usS2a2veVJgd01MqK32Wmj8qIyiu8qPqD-eK5k6-q0/8817487a0eef56c1/3073baf6f57a8c2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5fhbj/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3073baf6f57a8c2
Content-Length: 2810
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:01 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 9BSc707hNUjaMEOqE8I7rGKzYejpFW2IEV+25Two4IjrL+SgR8QBPn3zs7ISHIDOzCfGIAzKKGiW7MZBdGbpTsvkI3pswyqNp1dY2QlCPoclzFtxON5A8ee5/MVfuJpM+Icjg98Eb60fEt2O91mYRv0e7rU+3IGZlBlE8unOhD5kT4bNody4tPQL0wVnd337pqCcKYKGQiiMOeVtXFtkf3agJMdN4elLOeTfQUO0RsghFLv3jYV2ThGfHhMPZQBil29M8mhR4LlcUg+BIG/QRTk+b1UPZJpzZh8conoNyErdSyX3+u+B/BUqjohPY9R2HtAKdB/e712FR6L5F4xAPnZQF+e1Z5nymBUAR3mopTuuEffPdGSDt3JGjxyQmSZK1nfeSaHpQg/K9hJoBpduA+8K4NKL6q92Fs4vUVJGzFx2F/9/ytYTnkRbSnWpvrff$KsAHeaehwvI1CCOciDduLA==
server: cloudflare
cf-ray: 8817487cc8a656c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8817487a0eef56c1/1715316361736/fC7pxO6RabMUS3u

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8817487a0eef56c1/1715316361736/fC7pxO6RabMUS3u
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 53 x 80, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
1aaa952e0676ecd439f1f33ef75ec882
04bef4e13d29e79e33e1e0a570c5e0fbc2271d7f
1b17ed1e7f7ab68f889c5c3badcc5050c6c8746b5d2b69528c73f3747055931f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8817487a0eef56c1/1715316361736/fC7pxO6RabMUS3u HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5fhbj/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:03 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8817488898d856c1-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL GET
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 04:46:04 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/1b3559406bc8/api.js
cache-control: max-age=300, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817488dbc0156c1-OSL
alt-svc: h3=":443"; ma=86400

donclion.top/favicon.ico

172.67.199.215

31 kB

URL
donclion.top/favicon.ico
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
31 kB (31419 bytes)
Hash
067f9234d63c75eff3fb973e5dbdc85a
7a2007d62d760aae7085b0fe50e6e21dbd84acac
bc3649a6a5a489b8b2d63204e091312c407c0642a10d81e5a58515ab88b752d1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 10 May 2024 04:45:49 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 30
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7TjPl5E1r3bQ2neNzjOmO3Lxg9lTdp9WV28P1apITSdVabJnGiuJx4i5x6A2Sz7BUbGQRPS44ulUadRvZkYiZNuVcVPRJZhrNfCJAFnGvMM8%2FRG7X8cbH%2FCJw9cseCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817482e88a956c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1482715438:1715314219:4usS2a2veVJgd01MqK32Wmj8qIyiu8qPqD-eK5k6-q0/8817487a0eef56c1/3073baf6f57a8c2

104.17.2.184

21 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1482715438:1715314219:4usS2a2veVJgd01MqK32Wmj8qIyiu8qPqD-eK5k6-q0/8817487a0eef56c1/3073baf6f57a8c2
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3448), with no line terminators
Size
21 kB (21075 bytes)
Hash
4376de731a5e9e154608d7c7cebfd446
28200b97e936355fd67ed2c8ddee006ad06afe30
08a70ed1afba1d4303cf27e74c237590fd4903887b178ac005fe47a2b3a56ecf

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1482715438:1715314219:4usS2a2veVJgd01MqK32Wmj8qIyiu8qPqD-eK5k6-q0/8817487a0eef56c1/3073baf6f57a8c2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5fhbj/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3073baf6f57a8c2
Content-Length: 27915
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:04 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: i4GTkPQmXeZNnhSx1Ycn35Sd/wht0AoVqLaLR1LsND6PjWGYykSg1BlE7S0LGB/7GIjCwOyXmnLO70Zq1XaJ73xtP1XZV9HTrEUovu9mWdo6/ntYEtz/JqbJ1HQLTPnj$m1bwyTwQRwHI/hRI5yp6xQ==
cf-chl-out-s: rVBtnPZJTje581T9Qz2CeQ==$HhwWCnml79GunaivHBsPdQ==
server: cloudflare
cf-ray: 8817488b2a7856c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881748415a8456c1

104.17.2.184

124 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881748415a8456c1
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
124 kB (123750 bytes)
Hash
abda375934b631fcf35aad88f6f212af
9fde8fa0686d163010769599afd7a9696e114007
c46c4bddbbf0038e9be29a1b816911faf4dcd73c10e12ff436b20ed825138202

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881748415a8456c1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vu6jm/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:52 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881748423b0656c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

donclion.top/favicon.ico

172.67.199.215

229 B

URL
donclion.top/favicon.ico
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
229 B (229 bytes)
Hash
067f9234d63c75eff3fb973e5dbdc85a
7a2007d62d760aae7085b0fe50e6e21dbd84acac
bc3649a6a5a489b8b2d63204e091312c407c0642a10d81e5a58515ab88b752d1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Cookie: cf_clearance=NKRzt8dgLhAoam38jsCc8nWafIx7EtFD1MaTAbtyfQU-1715316349-1.0.1.1-ZMWaeNqw41b.vFz5z4gbJICB1.8WvPULXVOk90NvLeD3T0K5LWLGPDEbXX6P0D5pX7ngrPJ4o9C06WgzaKjD5w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 10 May 2024 04:45:55 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 36
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zMXln9V269m9xURcrUPRTZeHCRlyLvjjpg4gxXh7jzjwPxaEMatmVl18Z2GJwQTP8XRYr5gAQpEHZSOfLPKszheFMGCLbr3OcLSV2bo5T9HH8eJMw1b5Aoc1lJ8AjXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881748541b1456c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL GET
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 04:46:07 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/1b3559406bc8/api.js
cache-control: max-age=300, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 881748a229dd56c1-OSL
alt-svc: h3=":443"; ma=86400

donclion.top/_duraguard_oxy/functions/validate.php

172.67.199.215

31 kB

URL
donclion.top/_duraguard_oxy/functions/validate.php
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
31 kB (31192 bytes)
Hash
cd7bc652307ad520366f441f280c3841
6793c65d772047d2f94cae30b74e5e99266731a4
76fac969d2b0e07d21bf7f1c395d0a855abbf6559edb1cc13415db1811ec6187

HTTP Headers

POST /_duraguard_oxy/functions/validate.php HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://donclion.top
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Cookie: cf_clearance=NKRzt8dgLhAoam38jsCc8nWafIx7EtFD1MaTAbtyfQU-1715316349-1.0.1.1-ZMWaeNqw41b.vFz5z4gbJICB1.8WvPULXVOk90NvLeD3T0K5LWLGPDEbXX6P0D5pX7ngrPJ4o9C06WgzaKjD5w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1LoLSE1s4R%2Fta9lwAQtG3FVUWvH2%2B60i%2Bj4cJ6R46PTiq4EIqlh3qrn4XzLuB9u%2Ba2NQAzK5oaiLO30PBaADX%2FDwc49dQbA4xgMiEbNUfZmtffObdh4299uXQBf61A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881748a069de56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/c3p9t/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal

104.17.2.184

18 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/c3p9t/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (42150)
Size
18 kB (18464 bytes)
Hash
3980f7bf986f0fe831ec85acf08914a4
130ff2be266f52289d720427542c1c09fb244ad8
2d66fff29222230a69a54ea062143bcb5f67012685016752a4569518fac4f127

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/c3p9t/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:07 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server: cloudflare
cf-ray: 881748a2ba2a56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881748a2ba2a56c1/1715316368232/ba96bd66e88bf817cec74f82b3be4b307ddc34b85d1bc10ac786d1e4ecac207e/Y8raFBYuC9g0c84

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881748a2ba2a56c1/1715316368232/ba96bd66e88bf817cec74f82b3be4b307ddc34b85d1bc10ac786d1e4ecac207e/Y8raFBYuC9g0c84
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/881748a2ba2a56c1/1715316368232/ba96bd66e88bf817cec74f82b3be4b307ddc34b85d1bc10ac786d1e4ecac207e/Y8raFBYuC9g0c84 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/c3p9t/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 04:46:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gupa9ZuiL-BfOx0-Cs75LMH3cNLhdG8EKx4bR5OysIH4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tILqWvWboi_gXzsdPgrO-SzB93DS4XRvBCseG0eTsrCB-ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 881748aa9faf56c1-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881748a2ba2a56c1/1715316368236/QWacZWduB3eYUdi

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881748a2ba2a56c1/1715316368236/QWacZWduB3eYUdi
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 69 x 88, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
51538d818e28b729e123052a55b06e77
f4c7a8e661fcd4033a530724089d35fcee99d593
d5d77e64214576064d417dd7ff52c6b3503a01cf2e48e3ff216affdcd05e33ff

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/881748a2ba2a56c1/1715316368236/QWacZWduB3eYUdi HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/c3p9t/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:09 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881748aadfeb56c1-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL GET
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Requested by
https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 04:46:10 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
access-control-allow-origin: *
location: /turnstile/v0/g/1b3559406bc8/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 881748b6882056c1-OSL
alt-svc: h3=":443"; ma=86400

donclion.top/_duraguard_oxy/functions/validate.php

172.67.199.215

34 kB

URL
donclion.top/_duraguard_oxy/functions/validate.php
IP
172.67.199.215:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
34 kB (34228 bytes)
Hash
b611ca8961d9af4a365512c6ab49ac82
579f43f89edefafbb46042fa6b0307dabe66bc35
261e1a0329bce0c8b76f64f4cce520f3072463d20bf5c21928704ffffe488e79

HTTP Headers

POST /_duraguard_oxy/functions/validate.php HTTP/1.1
Host: donclion.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://donclion.top
DNT: 1
Connection: keep-alive
Referer: https://donclion.top/_duraguard_oxy/zure/b3b32a2d422265cd25c3323ed0157f81/_we_transfer2/login.php?_x_tr_hl=null&_x_tr_pto=wapp&_x_tr_sl=auto&_x_tr_tl=null&pcnt=null&pmax=pmax
Cookie: cf_clearance=NKRzt8dgLhAoam38jsCc8nWafIx7EtFD1MaTAbtyfQU-1715316349-1.0.1.1-ZMWaeNqw41b.vFz5z4gbJICB1.8WvPULXVOk90NvLeD3T0K5LWLGPDEbXX6P0D5pX7ngrPJ4o9C06WgzaKjD5w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SpWwVF8iBJkQXM5Pi6hD9YBPzhG9br6XBF%2BLphI4qovomsW%2Bn0s6fIC4pv%2FWyrZCo%2FL%2BKh5Oo2DI2wfMoImVjKvLJpQJ0fvlUP7N6y%2FIdf%2BSM3rTk6z85r0VT7FMNns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817488bbaa656c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js

104.17.2.184

33 kB

URL
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42616)
Size
33 kB (32989 bytes)
Hash
86183dd14ee10d1dee92b37b5069d716
9ec32d650ece484bbe624ca734a0a65e22d35dd6
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

HTTP Headers

GET /turnstile/v0/g/1b3559406bc8/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donclion.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:46:10 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 881748b6a83056c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1398429185:1715314064:_1GDhmoICuBHhxzuaZOt1o75Wx_hM91Qz0tZsv2obik/8817482eae8b56c1/6ff58b97653ace1

104.17.2.184

86 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1398429185:1715314064:_1GDhmoICuBHhxzuaZOt1o75Wx_hM91Qz0tZsv2obik/8817482eae8b56c1/6ff58b97653ace1
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (86410 bytes)
Hash
038387ac8892cb573a609b4e98421a59
809e53500920ff4d2efd98df184b967861cff3c9
ed60812c618b56ef1534df95ce8043feb17fa903c2b5e52c88046e813dba0908

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1398429185:1715314064:_1GDhmoICuBHhxzuaZOt1o75Wx_hM91Qz0tZsv2obik/8817482eae8b56c1/6ff58b97653ace1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/fsleh/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6ff58b97653ace1
Content-Length: 2801
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:49 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: yhAiwiVdmQLBw4wbSwExHqgjeVP/ZVW4e8A8Os3gl1WRl64jwYNM7Hf/JXm1vZSX/pEf5/ywgdX4M2l+M6IoUGvIAZKQ1KX4PhnpNSBzSaRHLfyZuDQrbvxmidtEqZBBVTktriQA7bSsujrU3OGiEmVb8PakB/Tj6NDRx5oND6zBCdaSa48+hVG6OAzYGgux3/nURb9pVaCM89VcZzChGuGjr3d+ztyTsrVRi0/ttviwgN4xXZtenaGv1PTQfrlyn2rXF5YzKFixvma9OC2UIeG8dpwLmu6brWnSU/XNUxVc7fTekNh774rQhIdJU6zyl4gL18kNH1+ihdt9SImYWMt+zxix733l1aWifYowgDe2mhXb+pzCFuBZ9v0iEtvQBtIP15FmZ7saDihPW2aOkoxCiKUgIYzVgualTK70l6dbP6aL07yQL5BD7pKn2+w4$BYwRJySt/KSdtFXylw0gwg==
server: cloudflare
cf-ray: 881748310fdd56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1392280030:1715314119:hIZ_WBEVdvjr7EvwwcyhBgq_vL08Ty_wDY3BqrnlOa0/881748415a8456c1/9cbbe776d87aea2

104.17.2.184

102 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1392280030:1715314119:hIZ_WBEVdvjr7EvwwcyhBgq_vL08Ty_wDY3BqrnlOa0/881748415a8456c1/9cbbe776d87aea2
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
102 kB (102275 bytes)
Hash
9e2af85bf2e67fd719660321035f0ec6
cfb749e86c0985f24bccffcf1ae8b6e1a1fbcf4c
0e8b9893e4ce95193fcc03e98daa4a87bb6301ebf3b455915515001bdcaa74af

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1392280030:1715314119:hIZ_WBEVdvjr7EvwwcyhBgq_vL08Ty_wDY3BqrnlOa0/881748415a8456c1/9cbbe776d87aea2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vu6jm/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9cbbe776d87aea2
Content-Length: 2805
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 04:45:52 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: BY0JuoumRhQA3PeOqjh9KmdmQNTi5K0jECLz9+puIsjJWRzCXSgg6KiT8hCqc31F61iLSGNNYAPTVD2UguxrvaJoiB0pK7MdIAEHp1WJMm5yxP6wuETEmW/EWryCAxrayo8uu0zkGXF2ISsufsTTaCoXaM/PxH0g9XdGo2tKi/wqWIs2s4mdQ/wlU5nwMmFN3ZKX/eGUP7FvxT4AdaLpy0T2IJ2o4P+2IIlHGxtAJL8FO6HNndqTew/QxMqA47HklVVreZdw7yIwfF6C2Fr30TxaKibzXzJg/ORN8gDqRsONGaMSE+CYPLNtZpl/XoKqop6H/VnBWs6QV6ngPc/QohhDXUwyBko6mL5HMnFXWOGo62LY8kZvu2d5v+hHsnhdbvo3EQRZ1OWH7Vs8tRfMJHADIoqruoLv6fwwC5l3JvX4EplTmIAMTPKpa8ksbiilwWkMxvO7L2SoxIeCFEfY8lp8pTr/yCrmBaMB53FXbu4=$wWLskZKREjiMVriBZ3Uiqw==
server: cloudflare
cf-ray: 88174843dbe756c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations