| clickproxy.retailrocket.net/?url=https://starlandspromoters.com/ajax/index/ZGF2aWQuaG9kZ3NvbkBhc2FsZW9jYXJlLmNvbQ== |  193.17.93.93 | | 0 B |
URL clickproxy.retailrocket.net/?url=https://starlandspromoters.com/ajax/index/ZGF2aWQuaG9kZ3NvbkBhc2FsZW9jYXJlLmNvbQ== IP193.17.93.93:0 ASN#210756 EdgeCenter LLC
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?url=https://starlandspromoters.com/ajax/index/ZGF2aWQuaG9kZ3NvbkBhc2FsZW9jYXJlLmNvbQ== HTTP/1.1
Host: clickproxy.retailrocket.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Tue, 23 Apr 2024 23:34:07 GMT
content-type: application/json
content-length: 0
location: https://starlandspromoters.com/ajax/index/ZGF2aWQuaG9kZ3NvbkBhc2FsZW9jYXJlLmNvbQ==?rr_mailid_proxy=test_tracking_id
x-amzn-requestid: 7b6e3e73-7f27-495e-b638-b2ec80be67a6
x-amz-apigw-id: Ws_JaHg4DoEETZw=
cache-control: no-cache, no-store, must-revalidate
x-amzn-trace-id: Root=1-6628456f-638a824d2c7a89c67b0e4e68;Parent=1111595d9f1ca5ab;Sampled=0;lineage=a0613a6b:0
pragma: no-cache
x-node: dt-up-gc33
X-Firefox-Spdy: h2
|
|
| starlandspromoters.com/ajax/index/ZGF2aWQuaG9kZ3NvbkBhc2FsZW9jYXJlLmNvbQ==?rr_mailid_proxy=test_tracking_id |  162.241.85.246 | | 0 B |
URL starlandspromoters.com/ajax/index/ZGF2aWQuaG9kZ3NvbkBhc2FsZW9jYXJlLmNvbQ==?rr_mailid_proxy=test_tracking_id IP162.241.85.246:0 ASN#46606 UNIFIEDLAYER-AS-1
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /ajax/index/ZGF2aWQuaG9kZ3NvbkBhc2FsZW9jYXJlLmNvbQ==?rr_mailid_proxy=test_tracking_id HTTP/1.1
Host: starlandspromoters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 23 Apr 2024 23:34:07 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit |  104.17.3.184 | 200 OK | 40 kB |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit IP104.17.3.184:443
Requested byhttps://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42414) Hashf94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://investmentadvisorsdocucloudstreams.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 23:34:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791a9a05b77b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8791a9a1c89bb51b/1713915249361/61ae6e099a408c2799304bfcca839e44e5461a8c0e1850517b9120b02170cd35/zNaFRGeWjzpgwcB | 104.17.3.184 | | 1 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8791a9a1c89bb51b/1713915249361/61ae6e099a408c2799304bfcca839e44e5461a8c0e1850517b9120b02170cd35/zNaFRGeWjzpgwcB IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/8791a9a1c89bb51b/1713915249361/61ae6e099a408c2799304bfcca839e44e5461a8c0e1850517b9120b02170cd35/zNaFRGeWjzpgwcB HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rb33v/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Tue, 23 Apr 2024 23:34:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gYa5uCZpAjCeZMEv8yoOeROVGGowOGFBRe5EgsCFwzTUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIGGubgmaQIwnmTBL_MqDnkTlRhqMDhhQUXuRILAhcM01ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8791a9a6cb2ab51b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791a9a1c89bb51b/1713915249369/PGq7tYM1D7gXto- | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791a9a1c89bb51b/1713915249369/PGq7tYM1D7gXto- IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 41 x 80, 8-bit/color RGB, non-interlaced Hashe3313f32704d23d58ac85081be644632 a8bcfbafc15a458c1ca5c04170ae9fa99042c72d 38cf32cce3c3a97d3f78ccede7431b6df23bece524a912b3e04dd91313a6bcd4
GET /cdn-cgi/challenge-platform/h/b/i/8791a9a1c89bb51b/1713915249369/PGq7tYM1D7gXto- HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rb33v/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:10 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8791a9ac0cf5b51b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pziyw/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | | 26 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pziyw/0x4AAAAAAADnPIDROrmt1Wwj/light/normal IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41702) Hash5b49dd7ff9cbdfd373ab61e527ac451c b13853c9d6cec9dfe5652c00297bc426343a7969 b519954a71f8e37e310de9302f82d7cce5d6aa271f007c26e2f59d7d02f4a1d5
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pziyw/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:16 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
vary: accept-encoding
server: cloudflare
cf-ray: 8791a9cfdc40b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791a9cfdc40b51b/1713915256722/5YuiLBlt1dxLkPw | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791a9cfdc40b51b/1713915256722/5YuiLBlt1dxLkPw IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 81 x 52, 8-bit/color RGB, non-interlaced Hashe6a46a08faab002e60f03b78afe09520 51036b8c441eedb9c649809b9dd041ea7a05a3e5 e14ce216186546ae677a2b749642b76ea3aef50a99244b6b2763e4f2bba3235f
GET /cdn-cgi/challenge-platform/h/b/i/8791a9cfdc40b51b/1713915256722/5YuiLBlt1dxLkPw HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pziyw/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:17 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8791a9d4df0db51b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8791a9cfdc40b51b/1713915256727/522492a46417342728788760163a50c60e2cb22772f9348b1edbeff8e4d9fee8/wgpT1MAjzGk2XUw | 104.17.3.184 | | 1 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8791a9cfdc40b51b/1713915256727/522492a46417342728788760163a50c60e2cb22772f9348b1edbeff8e4d9fee8/wgpT1MAjzGk2XUw IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/8791a9cfdc40b51b/1713915256727/522492a46417342728788760163a50c60e2cb22772f9348b1edbeff8e4d9fee8/wgpT1MAjzGk2XUw HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pziyw/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Tue, 23 Apr 2024 23:34:17 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gUiSSpGQXNCcoeIdgFjpQxg4ssidy-TSLHtvv-OTZ_ugAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIFIkkqRkFzQnKHiHYBY6UMYOLLIncvk0ix7b7_jk2f7oABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8791a9d9b965b51b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| investmentadvisorsdocucloudstreams.com/cdn-cgi/challenge-platform/h/b/flow/ov1/773693763:1713913899:A7-dHc3rA6nHeWFdlvkbIU1fyFz_0VZE3Hl0RCN6bqA/8791a9cd0e5e0afa/887763a48d5a3f4 | 104.21.22.150 | | 27 kB |
URL investmentadvisorsdocucloudstreams.com/cdn-cgi/challenge-platform/h/b/flow/ov1/773693763:1713913899:A7-dHc3rA6nHeWFdlvkbIU1fyFz_0VZE3Hl0RCN6bqA/8791a9cd0e5e0afa/887763a48d5a3f4 IP104.21.22.150:0
File typeASCII text, with very long lines (15944), with no line terminators Hash12d708f54474f51207aead8fa5d9b42f 6022b23b1ca9366d560d3aa958c2bdc227d68424 bda7f6562cff96491ef3d65d4ae159e16840b8c3b7bdefa29381096f443168ad
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/773693763:1713913899:A7-dHc3rA6nHeWFdlvkbIU1fyFz_0VZE3Hl0RCN6bqA/8791a9cd0e5e0afa/887763a48d5a3f4 HTTP/1.1
Host: investmentadvisorsdocucloudstreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 887763a48d5a3f4
Content-Length: 1818
Origin: https://investmentadvisorsdocucloudstreams.com
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:16 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: yI/3qzNArUg0nNaAulNivwmH60H9R8mNjJeI/rNG1JB+ZJVcWLeQxm0qk7xEGXQZ$9UzZ7r/Zxv5P9qAli20OMw==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BHbqG9qfAm1m0aQkCJEp0T6%2Ba%2BpAiywV1foiFvE1FSuS0xHpw170QGeQodqpTQJ%2FM%2FrXHOC61SW8ciaSLJMDBh0eqXoQqjoUoxqaZu3owKeWQvZjYh2b%2Big1WdymEPvBift2Fd1Nax7kcyIBMnzaSMnEVnO%2BOQLfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8791a9cf1f610afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/496124961:1713913959:K0wTC2SdqDqwcTS0p9ECnBGRdL1YH4jF4x8ET5JaL24/8791a9cfdc40b51b/f455ec4b6db8088 | 104.17.3.184 | | 29 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/496124961:1713913959:K0wTC2SdqDqwcTS0p9ECnBGRdL1YH4jF4x8ET5JaL24/8791a9cfdc40b51b/f455ec4b6db8088 IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (22536), with no line terminators Hash38095d891871bb89c5bdff0c06141c0e a70c0039fce9a333ddae25c6af82626935819f71 a0b85e728c0d782c4c2481efaa101afc4e164c3a7fa36b22f6ca07675c3b0b2f
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/496124961:1713913959:K0wTC2SdqDqwcTS0p9ECnBGRdL1YH4jF4x8ET5JaL24/8791a9cfdc40b51b/f455ec4b6db8088 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pziyw/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: f455ec4b6db8088
Content-Length: 26184
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:18 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: j07sWKJo9JoE2p8+0/skuYe+zWOdbeFnm5XRjKFMDNWEh1FN4s3aXwtqj4vflpwZ$/G5touQK38M4B95Pt5dRhA==
vary: accept-encoding
server: cloudflare
cf-ray: 8791a9da99b5b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| investmentadvisorsdocucloudstreams.com/favicon.ico | 104.21.22.150 | 404 Not Found | 493 B |
URL GET HTTP/3investmentadvisorsdocucloudstreams.com/favicon.ico IP104.21.22.150:443
Requested byhttps://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com CertificateIssuerGoogle Trust Services LLC Subjectinvestmentadvisorsdocucloudstreams.com FingerprintB4:AA:C0:89:DA:6D:35:E7:21:97:A4:1A:02:AD:44:1D:66:51:D0:CF ValidityThu, 18 Apr 2024 22:53:40 GMT - Wed, 17 Jul 2024 22:53:39 GMT
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /favicon.ico HTTP/1.1
Host: investmentadvisorsdocucloudstreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com?__cf_chl_rt_tk=yWyUmnPTc5szvgkko0uR2.hNh9UFRhVc2oHu1hsdjbY-1713915248-0.0.1.1-1578
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Tue, 23 Apr 2024 23:34:08 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7wQS60q%2FcURPRaB1AMTzHEMTSnhaw0Lg2bYUOg1j19k4VlmIiuRVIcc1st00BkHJ0Xc4guErQc8%2BLJej0x84WhNPwfv9nfXMz%2FXvHSuKnGY1zZe4vPeax0378IDB50i5lqlzrRRYtyDatgRP7R8DlRha0p4mzBZew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791a99fdf470afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| investmentadvisorsdocucloudstreams.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1850895988:1713913841:Hrnsfmla-YUwcc71SS7ati0qpfs8udYvw7SMLhE-FL8/8791a99e49020b61/2055b20458363ab | 104.21.22.150 | | 184 kB |
URL investmentadvisorsdocucloudstreams.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1850895988:1713913841:Hrnsfmla-YUwcc71SS7ati0qpfs8udYvw7SMLhE-FL8/8791a99e49020b61/2055b20458363ab IP104.21.22.150:0
File typeASCII text, with very long lines (2332), with no line terminators Size184 kB (184284 bytes) Hash26cda4554708bf48fb77ae12bed5d6d4 c458d01dd67d7166e26767cb00fe5c3c8f635821 5ea6c7fedab404f61685b97127d6e2b9c32cb838971be5483ef68bf432f24dcc
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1850895988:1713913841:Hrnsfmla-YUwcc71SS7ati0qpfs8udYvw7SMLhE-FL8/8791a99e49020b61/2055b20458363ab HTTP/1.1
Host: investmentadvisorsdocucloudstreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2055b20458363ab
Content-Length: 2492
Origin: https://investmentadvisorsdocucloudstreams.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:13 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: CpPxVLqh3vwbp76O9GRiMUYOyCI4t8M+qZKtWiK4YoPljQHnFYKvIiqfWCQ37TYnVtmVKS6U4t7x9dEg328JH4UaGacgQsbJ2SuQyFPzBww=$DenMz/2uzV7gVf/NR89Z8g==
cf-chl-out-s: Rk2WyTd0QqABJBDtk5SAKhVGwKeYeM5SDA65z5TynXCqjjudurifRojrsdCM8/TWClpeq90v68nwpleOhTvm0G8o+C/kTlCCzeTF7e5UPag=$xPMUkoMoUQjM6Bu4Qo5R7Q==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FYS7rdKq6ZlFOAuCs2WZkcVkVWfw3f1tkdJTt1nrGO1fwgGPSRO5nAX5cTXvqTSHiwwLtOFvfVgtcX8w3tQ3KqnPEpXE01cn173tdDWSCYxxebQyH5OdXVZq8z2iWtTrK1fbAp1uHRrt88e1k6RFlcsH4U7DTJG4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8791a9c05ac00afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791aa09bdabb51b/1713915266015/lzwT6VibvCwcj2u | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791aa09bdabb51b/1713915266015/lzwT6VibvCwcj2u IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 58 x 85, 8-bit/color RGB, non-interlaced Hash4c96e9bb33dcbf002f16f623df5b09d5 0c2e02b82233954bad9695430aa0f02deb31314f e054fdaee45042743f08915749921d51b153dae682a1aeddd6128166a252f5a0
GET /cdn-cgi/challenge-platform/h/b/i/8791aa09bdabb51b/1713915266015/lzwT6VibvCwcj2u HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:27 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8791aa1359a3b51b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | 200 OK | 80 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal IP104.17.3.184:443
Requested byhttps://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41702) Hashf3d0a8c86dad59079f605e47a6c9c212 38bab6dd0db4a3045500ebaafe0b06ef5bea9e2e 93046d454310b07c9278daf0e49d6cb75fb5ace8700b56f2788bcae362cc36a6
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:25 GMT
content-type: text/html; charset=UTF-8
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 8791aa09bdabb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/683624897:1713914093:PpHMkb5YaX7f1QtpR1HQNRZ6gFc0aUFBLliSumHyV3o/8791aa09bdabb51b/12c306c767663e1 | 104.17.3.184 | 200 OK | 120 kB |
URL POST HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/683624897:1713914093:PpHMkb5YaX7f1QtpR1HQNRZ6gFc0aUFBLliSumHyV3o/8791aa09bdabb51b/12c306c767663e1 IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size120 kB (119644 bytes) Hashdbd7ff0017913488f01e50f50d7f9bc0 4a4ca1649b4a544e186c5983c51001f5f0ebc176 f2ca11fcf72bdf12a5502faf3cfff2c815386af5fb55e860a76e868f00769bde
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/683624897:1713914093:PpHMkb5YaX7f1QtpR1HQNRZ6gFc0aUFBLliSumHyV3o/8791aa09bdabb51b/12c306c767663e1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 12c306c767663e1
Content-Length: 3444
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:26 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: PNDoEZP3dV5YIDioxBJAAZr0HCUFBLIbsIWFGoLkXgSOEsgb0ZiUHIJ/ekVBnSe+wMFo9Q/b7YEnkozU3Ocg/HUFshhec9zDhECICSHSEI3rV20wvmx56y2y50sMzV4c1gE5GKmaP4FVjYK7seLtsHv6cI/ggXMTyYZMl8aQ8PPxj4nBDR4NCLwyfOD12T/ONZRagMbUqprclD1Gftm6qZDBQ8l8V7KpjDkf9czNi3ZNES0KaaMHGg4a3La3brHCnAXjK0KbZ+k/ncin+BFw4s99zQE4jbh/c64cOt61u4f521UMkPktl1lWVZ/lC9cyeBEty+kvc4kj8XOEAJpCqliLB8pXfK2Fo18Gnbzp8bSTuDVUCOAf1p6Zeiw2sDTvFL5J19IFg6b0L0IZWrCLgyiiZ+TTWGe4U0d0YpBYgnpAxzj1DbKvOSuUEoX/it8u$htKczi5O6PwJIrB/ilJKqA==
vary: accept-encoding
server: cloudflare
cf-ray: 8791aa0c7ed9b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| investmentadvisorsdocucloudstreams.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791aa0718f60afa | 104.21.22.150 | 200 OK | 391 kB |
URL GET HTTP/3investmentadvisorsdocucloudstreams.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791aa0718f60afa IP104.21.22.150:443
Requested byhttps://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com CertificateIssuerGoogle Trust Services LLC Subjectinvestmentadvisorsdocucloudstreams.com FingerprintB4:AA:C0:89:DA:6D:35:E7:21:97:A4:1A:02:AD:44:1D:66:51:D0:CF ValidityThu, 18 Apr 2024 22:53:40 GMT - Wed, 17 Jul 2024 22:53:39 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size391 kB (390884 bytes) Hash91a77296b399f2dac387ec76fc414500 4e2e1ef29f29081d6f2c59f437153e435d11a329 2ec8b21678422702a824f9b476801cbdac52b2cfd55d0a23b3b2c05090e379c2
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791aa0718f60afa HTTP/1.1
Host: investmentadvisorsdocucloudstreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com?__cf_chl_rt_tk=enPkuZ6CP9.rPeZ2leut61hJTmvqTo0KP8oe86hmtNk-1713915265-0.0.1.1-1578
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBpOSzr3HgkxzseRMotUpAo4hHdSl6z8l4BYTyKyjbeqg%2Ft%2BvycGKEKh445ltyDtR0ka2P0ziEYbICRsrjVp9KVgYzTKAAV29F96ZH5EuIEoViz8LSH%2BWW%2F8SSb4a52xsUiIBDWxPbVtTxSj3oWmI4E5%2FX7TDHgHAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8791aa0759050afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| investmentadvisorsdocucloudstreams.com/cdn-cgi/challenge-platform/h/b/flow/ov1/890323978:1713913871:JYtCBA93sGZ_h_NokqB-m2jaXjIUga-3cVujfu7GC-Q/8791aa0718f60afa/d9e71b914abc144 | 104.21.22.150 | 200 OK | 16 kB |
URL POST HTTP/3investmentadvisorsdocucloudstreams.com/cdn-cgi/challenge-platform/h/b/flow/ov1/890323978:1713913871:JYtCBA93sGZ_h_NokqB-m2jaXjIUga-3cVujfu7GC-Q/8791aa0718f60afa/d9e71b914abc144 IP104.21.22.150:443
Requested byhttps://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com CertificateIssuerGoogle Trust Services LLC Subjectinvestmentadvisorsdocucloudstreams.com FingerprintB4:AA:C0:89:DA:6D:35:E7:21:97:A4:1A:02:AD:44:1D:66:51:D0:CF ValidityThu, 18 Apr 2024 22:53:40 GMT - Wed, 17 Jul 2024 22:53:39 GMT
File typeASCII text, with very long lines (15936), with no line terminators Hash7e8b95384c501253742b3569d73e5d3c ee53354da16bfab7713a3e45eab9b04b38d97de9 edf6284fc9ab310dcb426be3ad951caf39afcfc9b2e5066db35f09271b77aedd
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/890323978:1713913871:JYtCBA93sGZ_h_NokqB-m2jaXjIUga-3cVujfu7GC-Q/8791aa0718f60afa/d9e71b914abc144 HTTP/1.1
Host: investmentadvisorsdocucloudstreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investmentadvisorsdocucloudstreams.com/Mdavid.hodgson@asaleocare.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: d9e71b914abc144
Content-Length: 1827
Origin: https://investmentadvisorsdocucloudstreams.com
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:25 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: vhVFnRIFnAGJIEktSpBYZ5u/7AEAfG2To42kO5qllyETu2KyF9rOqsDodA6h19aW$q2AR58ozXtU4Ldu3/R1npQ==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqWrf0j0Ay4BQzKmmOXWS37ISz3v9GQefz72oActlvO5qyRhgLXKvE4msv30H9p0j4D1JGj1m0u4KZr2wPD%2BANjzPOlzg64KbXvJWBqtKPi%2Fl534U4Nnpg9HqrjWVYlhvlxTpsIkZALu5dBF2vPYUYRHv8rs9jw4Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8791aa08e9900afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791aa09bdabb51b | 104.17.3.184 | 200 OK | 437 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791aa09bdabb51b IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size437 kB (437158 bytes) Hashe25f08a9434b4d7564ec4368c6c4cfb5 f2163c3a34c143430e9969da1f41c04ad17f8860 a3993d3fc43dfd4a80ae16939ae111b95a157075fd87e6c22b04f423ed0fc7a4
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791aa09bdabb51b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8791aa0a7df0b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/683624897:1713914093:PpHMkb5YaX7f1QtpR1HQNRZ6gFc0aUFBLliSumHyV3o/8791aa09bdabb51b/12c306c767663e1 | 104.17.3.184 | 200 OK | 23 kB |
URL POST HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/683624897:1713914093:PpHMkb5YaX7f1QtpR1HQNRZ6gFc0aUFBLliSumHyV3o/8791aa09bdabb51b/12c306c767663e1 IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (22568), with no line terminators Hash6e77610f8ed62a8962d5501346569d7a f68be3b63d44134070faedd6955f7e188e622b48 4252f738def2ef2a06ee5c0b698a6d678d5b8b17aae089411fc86b8d42f440bf
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/683624897:1713914093:PpHMkb5YaX7f1QtpR1HQNRZ6gFc0aUFBLliSumHyV3o/8791aa09bdabb51b/12c306c767663e1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x0n9y/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 12c306c767663e1
Content-Length: 26682
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 23:34:27 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: KCydSAPbwSgY6VpAeEOq1/9Jtzfos+Qj4DqPZLy+9+k7pENmOBQAexG55vBwVB36$0FkLBAPH1vGQRIUvbuV5DQ==
vary: accept-encoding
server: cloudflare
cf-ray: 8791aa14aa44b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
0.0.0.0