| clickserve.dartsearch.net/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== | 216.58.207.238 | | 565 B |
URL clickserve.dartsearch.net/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== IP216.58.207.238:0
File typeHTML document, ASCII text, with very long lines (636) Hash09d5ade9253ef2791154f9d0ef4cbbad 868e297fd726ae60367f86a7933960a5293c1dce 975b2fc71b2455da6afbc912ba3807f2735a63e55961b47f56bd633d7862c71c
GET /link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== HTTP/1.1
Host: clickserve.dartsearch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://ad.doubleclick.net/searchads/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ==
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Thu, 25 Apr 2024 15:27:42 GMT
expires: Thu, 25 Apr 2024 15:27:42 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 565
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ad.doubleclick.net/searchads/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== | 142.250.74.166 | | 0 B |
URL ad.doubleclick.net/searchads/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== IP142.250.74.166:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /searchads/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ==
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 15:27:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUkk2mxQ_x1ji5ysyiOfEWkIvv01RWBGUhbvnQ7ZE75RSgqmGdHm4ZOxrsOgpg4; expires=Sat, 25-Apr-2026 15:27:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
FLC=CPelNRCHpcI9GKn7-o8BKLH8xAIw7uypsQZwANq4BBoyGDoWChQoMJgX0ezzKpobBgjwspqxBqAbAQ; expires=Thu, 25-Apr-2024 15:27:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== | 162.144.4.79 | | 0 B |
URL shoppybu.com/.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== IP162.144.4.79:0 ASN#46606 UNIFIEDLAYER-AS-1
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /.tmp/jtnrml/qzi/___EZ6Y___/YnJhZC5oYW5uYUBtY21pbGxhbi5jYQ== HTTP/1.1
Host: shoppybu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 15:27:43 GMT
server: nginx/1.21.6
content-type: text/html; charset=UTF-8
content-length: 0
refresh: 0;url=https://nutarcom.us/Mbrad.hanna@mcmillan.ca
cache-control: max-age=7200
expires: Thu, 25 Apr 2024 17:27:43 GMT
vary: User-Agent
x-generated: t=1714058863023652
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
|
|
| nutarcom.us/Mbrad.hanna@mcmillan.ca | 188.114.97.1 | 403 Forbidden | 16 kB |
URL User Request GET HTTP/3nutarcom.us/Mbrad.hanna@mcmillan.ca IP188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnutarcom.us FingerprintB8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 ValidityTue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File typeHTML document, ASCII text, with very long lines (16811), with no line terminators Hash10d5d1c98c249b9634000f1b43ca73ba ead31eea97ddb2aee2e8e950333780d2e533fed8 1e2e50376209f5ab1ab8f3c1aea231770e75050d9675f3fbe3c69dde3e71b2cf
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /Mbrad.hanna@mcmillan.ca HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 25 Apr 2024 15:27:43 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: XS9kOd27NevMq6jCam1U5p64FCvs52m7ToXef3cHiKPrs6lT+NP7v2rdACUHqiEkYfe94kr83+Q0sFnxRASrVo5Wg8FDStZ9MzHxvtyyswxwb6wdGVCP8af5wUzjgqa7Z7wTXZALOXz5zZ1mFwDlbg==$ftlr1noFJ2kUCgQcViYC8A==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hu9h9hMENvhUs%2BZVeeCsv%2BUgJk4xyCdfZ7TlugV5G7trO6E6FV8OiTb6XuTfIENSLk%2FNDhlBNE3LEtJAVKWpPDbZdLlTdAy6x862NPL5T6%2FD6Bmg2gBhKucRKg321w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f5bd988dc56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 61 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ykf0h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:44 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 879f5bdd2fe80b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/458709135:1714055059:A65yJLmGtfTNjT48fvKbNMIjrQfei3uaRsw52JUaSWg/879f5bd988dc56c9/0e8b6326d773747 | 188.114.97.1 | | 15 kB |
URL nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/458709135:1714055059:A65yJLmGtfTNjT48fvKbNMIjrQfei3uaRsw52JUaSWg/879f5bd988dc56c9/0e8b6326d773747 IP188.114.97.1:0
CertificateIssuerLet's Encrypt Subjectnutarcom.us FingerprintB8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 ValidityTue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File typeASCII text, with very long lines (15916), with no line terminators Hash67485c6a1c0f23551cbcebc469353f45 894fd8428531d513e7ad25175a9fb7e40adedff7 2e7760bb7c5d64132c26b04cb316366c546fe2ab392b8a698dcf6d036bf57d9e
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/458709135:1714055059:A65yJLmGtfTNjT48fvKbNMIjrQfei3uaRsw52JUaSWg/879f5bd988dc56c9/0e8b6326d773747 HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mbrad.hanna@mcmillan.ca
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0e8b6326d773747
Content-Length: 1923
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:43 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: G0N5mC9KpS1JhBC1nSxLlPd2nIp9tGibkI54mxkWEe5P18J3UBTm0IVfzK/DVkm6$wgjwFTayep6EXSUK+ORltA==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRiPsKHjE6FJLTkFjJqpxfza%2F%2B7s8H1mXGfaUwzDDqzQUcs0dD%2BdDM%2BVGQkz0MoksKB8Utg8MmoepcHQrr3cKgAtkS%2Bqc6Hxmm0p%2BptwJNmnamFM6qIZHbF9rIY4ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f5bdbd99f569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879f5bdc9f9c0b59/1714058864557/5149d9efe8a2c5454e7abf5db6d10957f4249d810d990ffef95ebca5a6786fb9/pPQ1sgybKVVsoi3 | 104.17.3.184 | | 1 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879f5bdc9f9c0b59/1714058864557/5149d9efe8a2c5454e7abf5db6d10957f4249d810d990ffef95ebca5a6786fb9/pPQ1sgybKVVsoi3 IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/879f5bdc9f9c0b59/1714058864557/5149d9efe8a2c5454e7abf5db6d10957f4249d810d990ffef95ebca5a6786fb9/pPQ1sgybKVVsoi3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ykf0h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 15:27:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gUUnZ7-iixUVOer9dttEJV_QknYENmQ_--V68paZ4b7kAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIFFJ2e_oosVFTnq_XbbRCVf0JJ2BDZkP_vlevKWmeG-5ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879f5be4fde10b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 61 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gpot0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:52 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 879f5c0e8cac0b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/966977281:1714055076:x44xfvObIIVpaVEqKkEry54dPrXq0MzJJqsRyzCQRe0/879f5c0dec380b59/48e1f5687751a9a | 104.17.3.184 | | 97 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/966977281:1714055076:x44xfvObIIVpaVEqKkEry54dPrXq0MzJJqsRyzCQRe0/879f5c0dec380b59/48e1f5687751a9a IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash880749cf4a803c7a0499d7a10e4ca707 627cdf79b0cb2e3d275a603b0013ec5c018a7e46 4275a0eb9c853e7859387880457ac3bfbc0948929cf2b59e7c68e0b2977b2e52
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/966977281:1714055076:x44xfvObIIVpaVEqKkEry54dPrXq0MzJJqsRyzCQRe0/879f5c0dec380b59/48e1f5687751a9a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gpot0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 48e1f5687751a9a
Content-Length: 3381
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:52 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: YSyKYdYKyw0g+nNgfdDFTkg87P61+UJfXA5vbHnb4Zeh4Mut4/pTYoVtJx3wNQgiiTKOM2Ib4LumNWXN2RgyKwchNH25zSDfLLCD2YfioQxdl1TviQY/r1jv10YdtdKLCKtySXHbjOJUW/K2gN91rniRk3K3P7qyj75swLwTL1FJXAT42QIu9roQs2mIjUOtKd3pTtRR8yceFjMLXbmsFez+JQ3H+44mDDKyq+qIpe8F+w3UJCgDw4igCnvvrM+wKKNcEJTjlQKOX7GnII+hiCyOUioVX3CydCBNaCoWcqRlS/WnR6kWQ1XI+NF7cQz3ayW226qk5XlPG3av82P4ix9dsURxK0bHYwTYZ9Zx5vADbI3EJmvFRwQ4bHBheZxl$cGuTU6/xkSOsnncXzO2JmA==
vary: accept-encoding
server: cloudflare
cf-ray: 879f5c106db80b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ykf0h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | | 49 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ykf0h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41702) Hash2e4153098fea01387768868e930ad768 1ea686e3abc7e13d781384657b6d72f4a91a79e4 94d30c840355256e285439fc51c29bcffce3b0d992e49864f74c5f2405520905
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ykf0h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:44 GMT
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
document-policy: js-profiling
referrer-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
vary: accept-encoding
server: cloudflare
cf-ray: 879f5bdc9f9c0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/favicon.ico | 188.114.97.1 | 403 Forbidden | 13 kB |
IP188.114.97.1:443
Requested byhttps://nutarcom.us/Mbrad.hanna@mcmillan.ca CertificateIssuerLet's Encrypt Subjectnutarcom.us FingerprintB8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 ValidityTue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File typeHTML document, ASCII text, with very long lines (15758), with no line terminators Hash230be44061ba4be18fceeb77edaacc0b 2f8dafa019c16a0eb08bd11aafcdb59ddfcd9116 b9c6c4e3ac75f20ef7ac85a85adca05417bdce24c19b857cd52eaf1d85b898c3
GET /favicon.ico HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mbrad.hanna@mcmillan.ca
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 15:27:51 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: XA6XaDzs1vGQABV3IPzhEay8OP1E2N9y3KrbFVQCM49WFmGNt/X0oeLeMT1/UV7x8n/olgDBBzTBO5BX268uOao0QmO1CRjs6PN6JJUe3cWoGFONzD8fqR2CFA9WKBIq2MKYNDwlWxaQkCJ1op+bWQ==$OIKhd+a/B/zW+X9nx/SV3A==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXnEQowEQpljNvpo9n8lmALIj9ecBGXwUhNMb%2FV8JegAIBP5yiLz5xRm6a4BQ2cu9noeDaakBk9EJUrPogQDkShlbR3JADUIBfLwIfv5lyxg01I2VwnoJ43l8k2IYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f5c0c4d49569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879f5c0dec380b59/1714058872400/9GTovMPGS6BQb8X | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879f5c0dec380b59/1714058872400/9GTovMPGS6BQb8X IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 97 x 68, 8-bit/color RGB, non-interlaced Hash03ae6ca572b540246f4fcf31908d03c8 c74e909b08092a7ff8f4ceb8277d9aa1acc93cac d687de76bf4034f3773bf8580e7d31dbcfd8fab109ea93969f7cd65728a58d98
GET /cdn-cgi/challenge-platform/h/b/i/879f5c0dec380b59/1714058872400/9GTovMPGS6BQb8X HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gpot0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:53 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879f5c17ba690b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/1677134461:1714055132:8MMgcJ6YtxVp7H2YEzbmX7n3DyzWedlRoXK9LDNrMnU/879f5c0afc04569f/d6fea734207b0e9 | 188.114.97.1 | | 18 kB |
URL nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/1677134461:1714055132:8MMgcJ6YtxVp7H2YEzbmX7n3DyzWedlRoXK9LDNrMnU/879f5c0afc04569f/d6fea734207b0e9 IP188.114.97.1:0
CertificateIssuerLet's Encrypt Subjectnutarcom.us FingerprintB8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 ValidityTue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File typeASCII text, with very long lines (15948), with no line terminators Hashaba57c2d67968282be73c441f1702ed7 98e4e058a66402766ab486798a18ab8962d619a7 9e37af897cf58e503990eaff7a15d3dce89d935bc7b9c79cf1e1e1391ae86123
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1677134461:1714055132:8MMgcJ6YtxVp7H2YEzbmX7n3DyzWedlRoXK9LDNrMnU/879f5c0afc04569f/d6fea734207b0e9 HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mbrad.hanna@mcmillan.ca
Content-type: application/x-www-form-urlencoded
CF-Challenge: d6fea734207b0e9
Content-Length: 1908
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:51 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: K5VqzGOw0CE9ooRkj17Hu9fm8F2vllRVXFBX2fadOOCq5X6Hl2gjix7bEtHQupn8$bnVMXen1Jmh4UidL1EkVYw==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5y7kAU0cP5DZ2NPw%2Fyy8Uwfw0sZnTo6QHgxuIYYUDybjRT9eZZn6wv8jyPMt6HWeFenzbk6Gt099BV4fFcPBglBiWiJiG4W7vg7jpRxSnPtrCR18MszXpT2hUNqfZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f5c0d1df4569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f5c478cff569f | 188.114.97.1 | 200 OK | 168 kB |
URL GET HTTP/3nutarcom.us/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f5c478cff569f IP188.114.97.1:443
Requested byhttps://nutarcom.us/Mbrad.hanna@mcmillan.ca CertificateIssuerLet's Encrypt Subjectnutarcom.us FingerprintB8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 ValidityTue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size168 kB (167634 bytes) Hashca8246b2245326a0f04ce3d0b6fdd9a6 b91027051a347bc6927f1654f326e24e0dad5010 7612e0ba693b75ffda1b2d5c1d921347b29c23e562d14b16b61f391afc29ad89
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f5c478cff569f HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mbrad.hanna@mcmillan.ca?__cf_chl_rt_tk=lr4wZnvgRuDYcMWtoS_JYdWwZ8GOVSlS71aR2VVSeVo-1714058881-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:28:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kuu6Ud0WEdPEQoIm4Lb%2BXKrFV2HdB9RwhOE2VuqzhBYA8ksdL%2BDWtQwXr7KA8kpHf%2FOraJCGP91VYY8MB8QOcGEOk%2BBluT1Z2PIV3%2F3%2BQhsrNrdJdOi8rxlo6p9Duw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f5c47dd6d569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f5bdc9f9c0b59 | 104.17.3.184 | | 301 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f5bdc9f9c0b59 IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size301 kB (301343 bytes) Hash44aaf12eec07d0eda494a35bb6406439 ea2deb24dc343452e7b3c40c9a3a5c3127cd36f1 8ff314940683d504be3fd6e819ace4f8e1f2a240e9d9091187d45e8ec95f82b0
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f5bdc9f9c0b59 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ykf0h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:44 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879f5bdd3fe90b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/1677134461:1714055132:8MMgcJ6YtxVp7H2YEzbmX7n3DyzWedlRoXK9LDNrMnU/879f5c0afc04569f/d6fea734207b0e9 | 188.114.97.1 | | 2.2 kB |
URL nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/1677134461:1714055132:8MMgcJ6YtxVp7H2YEzbmX7n3DyzWedlRoXK9LDNrMnU/879f5c0afc04569f/d6fea734207b0e9 IP188.114.97.1:0
CertificateIssuerLet's Encrypt Subjectnutarcom.us FingerprintB8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 ValidityTue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File typeASCII text, with very long lines (2332), with no line terminators Hash33b2724fdc989677ab6b0e81fff99b8a 1864a5b4d48fe79731fa81e276988913b0bda47d b581b5167cd91ada7bfd8d5136c3a2c3e8ba34019fd065101b387ecceccb1f00
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1677134461:1714055132:8MMgcJ6YtxVp7H2YEzbmX7n3DyzWedlRoXK9LDNrMnU/879f5c0afc04569f/d6fea734207b0e9 HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mbrad.hanna@mcmillan.ca
Content-type: application/x-www-form-urlencoded
CF-Challenge: d6fea734207b0e9
Content-Length: 2540
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:27:57 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: 0QgdHtVf0cJWpgtBt3U7OBuFff3lQya/F8sBPTEN/Ry5iJt4L9p0NgBgAhKMamNIAkzOw0DthqHgFRnmFsr8I2bnKQ3IPi8DwsOqCkfBixE=$iyHGy8yQn+h3rdSyBACiCw==
cf-chl-out-s: NrQqbETQpKnbScSVE1mZpdfLBsXStCjm3zzR+1nOsCcoXmvvZ2s7HS6s5hgy46nJB4f+46MzG7apcnHbn9ezFjLMHscmi1NswddtDiEGxGI=$ihFyFH2Ub8E8vmZqgDS0bA==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HguRZblgSphQpWOmeBS2YCwB0TAdZdvivV6tdPuRk%2B14XAWuOZUQIOX8tNzqULzm5bF%2FGNJVQx2EpAsrGO%2FpLdwkowwlEVCkZFnVett8VH45yNhPvbgIMYTyPM1WNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f5c2e2967569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1901469419:1714055218:6CnEoAlgg4mgYwNLJMZYP2UBEWR1tjHwrAdxiIbsM7I/879f5c4a780d0b59/132366b768ebc82 | 104.17.3.184 | 200 OK | 134 kB |
URL POST HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1901469419:1714055218:6CnEoAlgg4mgYwNLJMZYP2UBEWR1tjHwrAdxiIbsM7I/879f5c4a780d0b59/132366b768ebc82 IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size134 kB (134208 bytes) Hashb04f9b06e7d066a59a7b650bf2d60aa8 520ae83be53f06c7a4462ddaea88c6869626d405 8e729ae6410425ea412c1032dd9b7471dcbf6f224faec3525f2f5feeffc37db3
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1901469419:1714055218:6CnEoAlgg4mgYwNLJMZYP2UBEWR1tjHwrAdxiIbsM7I/879f5c4a780d0b59/132366b768ebc82 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 132366b768ebc82
Content-Length: 3345
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:28:02 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: I4u0wosSe1GZKzJpYGAS7RS/6mEFr6jAFTNOHhSaFuU5otai46x21Sr4SIImP/av8Kic5vTcEou31I+/tBz5a97nDuddy4o4EWWx5tl9NC6lChbtGTPkuAKp8BgkiOhqOUbNCoMGm9fPDiy+QyJm5zv7rP7CLOklly2RxbP930IhRLW0bE6wUQOTrls4cSf5N3b+97CpXcLc9uMRKq+UDQIVJbnMjubNLb1glcPBYtQ8Gh88tMBNEof0vljPxAjl1esyP8wSHB/yqDRxv6EBmtY3dm0Ku6u06pIMaxMPzpSw7kZbJ/wFGPWpCSuXRa76DntgmnVpDmXujljpqPCDF8fEie4Ej/96yGXpTvXMxBS/GmU3vqD/BHKCJZbY9jogedo7dTaL43EuduwQL0YVRMT+ZiMKKhKouAVKJLkNqFzZZ2cwM9eqVp+yKbIwTIda$LA5KBPLZNtpadeGJyYLwOQ==
vary: accept-encoding
server: cloudflare
cf-ray: 879f5c4ce9b40b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879f5c4a780d0b59/1714058882086/734a020aa6c19b9fe3d02484736aac9b95b7fe9c3b01dd7f027aabb7530fa97d/iDxguSQZkDt2CJH | 104.17.3.184 | 401 Unauthorized | 1 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879f5c4a780d0b59/1714058882086/734a020aa6c19b9fe3d02484736aac9b95b7fe9c3b01dd7f027aabb7530fa97d/iDxguSQZkDt2CJH IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/879f5c4a780d0b59/1714058882086/734a020aa6c19b9fe3d02484736aac9b95b7fe9c3b01dd7f027aabb7530fa97d/iDxguSQZkDt2CJH HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 15:28:03 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gc0oCCqbBm5_j0CSEc2qsm5W3_pw7Ad1_Anqrt1MPqX0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIHNKAgqmwZuf49AkhHNqrJuVt_6cOwHdfwJ6q7dTD6l9ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879f5c56389a0b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1901469419:1714055218:6CnEoAlgg4mgYwNLJMZYP2UBEWR1tjHwrAdxiIbsM7I/879f5c4a780d0b59/132366b768ebc82 | 104.17.3.184 | 200 OK | 23 kB |
URL POST HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1901469419:1714055218:6CnEoAlgg4mgYwNLJMZYP2UBEWR1tjHwrAdxiIbsM7I/879f5c4a780d0b59/132366b768ebc82 IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (22568), with no line terminators Hash8deeb1b59b018a75d6bda4fce43196d3 219de43edd084c2e0b6c223abaef79aaee066953 37f2a680a9821f33ab5e585924d234c8f229aeeb6e41d9929df0d34dc43fe839
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1901469419:1714055218:6CnEoAlgg4mgYwNLJMZYP2UBEWR1tjHwrAdxiIbsM7I/879f5c4a780d0b59/132366b768ebc82 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 132366b768ebc82
Content-Length: 26638
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:28:03 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: dTLWrpn2KAoyRbRO2zwNqEdM8bx2DhZzVHhHPy7G2vfcvPk5+m1i0rOcu1YpZY4g$tgZKMLtjfiVxlfeF+By5IA==
vary: accept-encoding
server: cloudflare
cf-ray: 879f5c5759c60b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit | 104.17.3.184 | 200 OK | 42 kB |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit IP104.17.3.184:443
Requested byhttps://nutarcom.us/Mbrad.hanna@mcmillan.ca CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42414) Hashf94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:28:01 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f5c48bec20b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f5c4a780d0b59 | 104.17.3.184 | 200 OK | 428 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f5c4a780d0b59 IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size428 kB (428058 bytes) Hash7cb4a48a36635f3a174a12d840a6751f 3176dcae96c8a9016b4adfe9d0fd668f6ff3429a 2945981eb2173d4fde160f925894d4d7fa24219fccb2c694bd15ec160a05a960
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f5c4a780d0b59 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:28:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879f5c4b086b0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/509385715:1714055247:niSqGngLmomGOF-GlOjDB1ufxcQAG01aVTK-l9wO31k/879f5c478cff569f/50aade35a014390 | 188.114.97.1 | 200 OK | 16 kB |
URL POST HTTP/3nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/509385715:1714055247:niSqGngLmomGOF-GlOjDB1ufxcQAG01aVTK-l9wO31k/879f5c478cff569f/50aade35a014390 IP188.114.97.1:443
Requested byhttps://nutarcom.us/Mbrad.hanna@mcmillan.ca CertificateIssuerLet's Encrypt Subjectnutarcom.us FingerprintB8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 ValidityTue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File typeASCII text, with very long lines (15928), with no line terminators Hashb7eb445a1b76c4f05a1f9ebd1727ad9a 6d7f4f67e833784750f288767c87625595d7d8be 3ef8e91b6ffb612033d0593e8c6503084025bea306517dc0e70c407d85b76904
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/509385715:1714055247:niSqGngLmomGOF-GlOjDB1ufxcQAG01aVTK-l9wO31k/879f5c478cff569f/50aade35a014390 HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mbrad.hanna@mcmillan.ca
Content-type: application/x-www-form-urlencoded
CF-Challenge: 50aade35a014390
Content-Length: 1922
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:28:01 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: CasJsTVCCCopHZH0WLVvCXH3marW0mvda2lCbSDeX6xYoL5m03JSCA/Y1LOTMdoH$t1MfB//9Q0y5j0hYoR8FNQ==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WMPr%2Fb6o6LN5NWMW8z0p45G8n84WrYQMlc%2FOWxwnvVvmjrtzS8xk9%2F1ho195ZSwEoH3CpvISKndAv%2FnSKpXqbY1%2FNzzej5mZY2YYZYRb5Wnui%2F6tpZLsVarESla4sA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f5c497f4b569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | 200 OK | 80 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal IP104.17.3.184:443
Requested byhttps://nutarcom.us/Mbrad.hanna@mcmillan.ca CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41702) Hasha4b6f629007b2b1a2cde12b6acbe8894 da4d5b21753ede3fc7e750a3acc78056efa39547 69cf902cfdc1e6fe5a1f4d09fcf0451e26242ce7140b0c1b97a2696316b49d4a
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:28:01 GMT
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
origin-agent-cluster: ?1
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 879f5c4a780d0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879f5c4a780d0b59/1714058882084/IIzW1qfXcD_cfDq | 104.17.3.184 | 200 OK | 61 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879f5c4a780d0b59/1714058882084/IIzW1qfXcD_cfDq IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 81 x 28, 8-bit/color RGB, non-interlaced Hash5d10ebe4ca4b2daae2a5ca8079b21bba eb1c5e979190b740f3fcad632052a116b75af5de f9e578e144bedb831044ce08e3bb80bb1b36a37e4053a7f2e4e803a86bfa776d
GET /cdn-cgi/challenge-platform/h/b/i/879f5c4a780d0b59/1714058882084/IIzW1qfXcD_cfDq HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pzifq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:28:02 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879f5c526d770b59-OSL
alt-svc: h3=":443"; ma=86400
|
|