| clickserve.dartsearch.net/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh | 216.58.207.238 | | 562 B |
URL: clickserve.dartsearch.net/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh IP: 216.58.207.238:0
File type: HTML document, ASCII text, with very long lines (632) Hash: cd0a18c8b0c62c6846993e4e353374ea f0bedd6a443607c7dd07b00951714ab1508a3f60 c04f6b80bdd53231acc67c26dd83798a5ad0df40586e87fd544d72d0b71e017f
GET /link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh HTTP/1.1
Host: clickserve.dartsearch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://ad.doubleclick.net/searchads/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Thu, 25 Apr 2024 15:19:31 GMT
expires: Thu, 25 Apr 2024 15:19:31 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 562
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ad.doubleclick.net/searchads/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh | 142.250.74.166 | | 0 B |
URL: ad.doubleclick.net/searchads/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh IP: 142.250.74.166:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /searchads/link/click?&ds_a_cid=78645631&ds_a_caid=16864403479&ds_a_agid=136213635060&ds_a_fiid=&ds_a_lid=kwd-337954311970&&ds_e_adid=592415145315&ds_e_matchtype=search&ds_e_device=c&ds_e_network=g&&ds_url_v=2&dc_eps=AHas8cAWcSu2CE2UYpbAoywAbKsEzKsO3mL4IRHbDY7Tz6XLPlOxJw498iUtYEqldt3XQQ07ptEfeYomK1W7&acs_info=ZmluYWxfdXJsOiAiaHR0cHM6Ly93d3cuc2VjdW1kLm9yZy9wZXJzb25hbC9iYW5raW5nL3RvdGFsLWNoZWNraW5nLXJld2FyZHMvIgo&ds_dest_url=https://shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 15:19:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUk5Oeuoe_LAkr7dh2HChvmUPXlStZRzqSNK8U8IlrCZgmr06h9mNbhXUfZIVbI; expires=Sat, 25-Apr-2026 15:19:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
FLC=CPelNRCHpcI9GKn7-o8BKLH8xAIwhOmpsQZwANq4BBoyGDoWChQoMJgX0ezzKpobBgjwspqxBqAbAQ; expires=Thu, 25-Apr-2024 15:19:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh | 162.144.4.79 | | 0 B |
URL: shoppybu.com/.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh IP: 162.144.4.79:0 ASN: #46606 UNIFIEDLAYER-AS-1
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /.tmp/jtnrml/mce/___10LC___/cGF1bC5hdmlzQG1jbWlsbGFuLmNh HTTP/1.1
Host: shoppybu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 15:19:32 GMT
server: nginx/1.21.6
content-type: text/html; charset=UTF-8
content-length: 0
refresh: 0;url=https://nutarcom.us/Mpaul.avis@mcmillan.ca
cache-control: max-age=7200
expires: Thu, 25 Apr 2024 17:19:32 GMT
vary: User-Agent
x-generated: t=1714058372613358
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
|
|
| nutarcom.us/favicon.ico | 104.21.35.239 | 403 Forbidden | 6.7 kB |
IP: 104.21.35.239:443
Requested by: https://nutarcom.us/Mpaul.avis@mcmillan.ca Certificate: Issuer: Let's Encrypt, Subject: nutarcom.us, Fingerprint: B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2, Validity: Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type: HTML document, ASCII text, with very long lines (15715), with no line terminators Hash: 39bdcd7780a25c78503b222ca3c59c03 cc153103601897c0d07ce6b69998802d052fa3b6 b8754c723a2268fe1042076933a22d8f33ddc75727613e70fc236d12a9877799
GET /favicon.ico HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mpaul.avis@mcmillan.ca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 15:19:33 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: B9qyhwA65Cjf/wLX0LG/WdMsSmx1gakXvp7F+1/tZZFzHVcmPfACUChXoAqWPR4gEFx8vO1/Y830HDPeO/rLCiFv9Bwjf2X7avwubz8d+gcXr/9bUjRqwTO0BQN3saemux94IeA6pot3OOnNVqvdDA==$UpzP4SzTsbHeUtdQ1AX/tw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZw%2Fm5WDv%2B2w0NGsbf2onUcPQQM1NGsiVis%2FyTtceSb2wcqHIOtVq4vtshoL8XaEG8NUFJ9trYk%2Fz0Rj0sX9jF0ROZIUk0hr7IyFLY4aGVkY%2Bxh6zwqdYir4reaGgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f4fe2a9d75689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879f4fe429157131/1714058374187/33231e828a7eb246d76096f35e80cc7f49eca9d99d96ad0d94a3ee4acf5886f2/uW51RwFFrOKyQYK | 104.17.3.184 | | 1 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879f4fe429157131/1714058374187/33231e828a7eb246d76096f35e80cc7f49eca9d99d96ad0d94a3ee4acf5886f2/uW51RwFFrOKyQYK IP: 104.17.3.184:0
File type: very short file (no magic) Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/879f4fe429157131/1714058374187/33231e828a7eb246d76096f35e80cc7f49eca9d99d96ad0d94a3ee4acf5886f2/uW51RwFFrOKyQYK HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wiq5w/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 15:19:34 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gMyMegop-skbXYJbzXoDMf0nsqdmdlq0NlKPuSs9YhvIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIDMjHoKKfrJG12CW816AzH9J7KnZnZatDZSj7krPWIbyABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879f4fe92ee67131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879f4fe429157131/1714058374193/2GNAykx6AmlK7Sb | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879f4fe429157131/1714058374193/2GNAykx6AmlK7Sb IP: 104.17.3.184:0
File type: PNG image data, 65 x 100, 8-bit/color RGB, non-interlaced Hash: 95adb7eeaa43bb662d2640784c0265b0 b49acf7c5d752f70efce570688d218cd9e6c9c8a 83c71c006032d48d77d5d8644c9c533ececeed933f5fa96d285b8ad274d38149
GET /cdn-cgi/challenge-platform/h/b/i/879f4fe429157131/1714058374193/2GNAykx6AmlK7Sb HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wiq5w/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:35 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879f4fef2c857131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/favicon.ico | 104.21.35.239 | 403 Forbidden | 6.8 kB |
IP: 104.21.35.239:443
Requested by: https://nutarcom.us/Mpaul.avis@mcmillan.ca Certificate: Issuer: Let's Encrypt, Subject: nutarcom.us, Fingerprint: B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2, Validity: Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type: HTML document, ASCII text, with very long lines (15757), with no line terminators Hash: daf2782860c8e187453ed34f9f068273 d81cd1c966c8aa15dce2fef40f3c38b7dd11a582 e44edfb0334e1c745ad2b0726edab2674371f171d3a5b22a83a74cb72298cbf0
GET /favicon.ico HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mpaul.avis@mcmillan.ca
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 15:19:40 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: aQmfm/4/docDGq+eba9ttY1H/wN7Kd0jyBXeu0IFyqKR5QvyS+gfoSu477U7CD3EuiX1A7LgSd0hk+WLGHjCC2swTkFMfF10FF5Y7Lka5GYH0f5Rc338xtyRnCJdm28PYb4MLqJDufBYOPS91be3jA==$as6+V2m+ZqJu52ts3i9VLA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHx154SoSbPUYhIxkLVjf1owhXbAqqzgkFRV%2FrB%2BsJrDvOxiOucuUmzCZ4RxAVep9gAQ9hwONcjIgS9c6KH8xrUXhmmtKvnKHDsrwYBjhL%2BKkvxjXhTHFogQeBEO7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f50106be75689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/Mpaul.avis@mcmillan.ca | 104.21.35.239 | 403 Forbidden | 10 kB |
URL: User Request GET HTTP/3 nutarcom.us/Mpaul.avis@mcmillan.ca IP: 104.21.35.239:443
Certificate: Issuer: Let's Encrypt, Subject: nutarcom.us, Fingerprint: B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2, Validity: Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type: HTML document, ASCII text, with very long lines (15846), with no line terminators Hash: 495748f1592c12da59f66823c92ff705 fbfc8ca4e195bb23f0f32d19bfdf185ed643af7b e002c6cfffaf69a4baf69b3b16479b37f5a7cd703bbd2434b400de74fc67ff98
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /Mpaul.avis@mcmillan.ca HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 15:19:40 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: lYhrJTBrHWUNZqZIIBZTtZHvOu8QfXLJPW61863b3ClKz6SxUyWYneKFCTGv3p+0vNlgc4xeSl6wQduIsfJUylUqKFEDbM3zU9gnCsWGGT/iKaEEq9+xPcDTlMfv96Ix2cmQHA4FVHxcennSrlTA8Q==$IH/IJv5tuij5MWaP9KHfaw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyizUHflXYbQ17ETjALYdbMJ3ezOBgj%2FfP%2Fh%2FDLHqT1NTYqNrUBc8L88cR065SyxP0%2FKBgCOob2LKIR0IkaG3p3ebY7tr%2FlEPGfa9NAwrd3h9YTEzBXd0TsBBxhiGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f500f6a955689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/651624420:1714055098:oJ6o-Fn90zQ9ar6pClYvCp7SpZCp_NpDhXNCgow-yrc/879f4fe0dabb56b5/ce44bab8e5b3889 | 104.21.35.239 | | 12 kB |
URL: nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/651624420:1714055098:oJ6o-Fn90zQ9ar6pClYvCp7SpZCp_NpDhXNCgow-yrc/879f4fe0dabb56b5/ce44bab8e5b3889 IP: 104.21.35.239:0
Certificate: Issuer: Let's Encrypt, Subject: nutarcom.us, Fingerprint: B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2, Validity: Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type: ASCII text, with very long lines (2332), with no line terminators Hash: c298c90302ca49dd5209aa1af4b5b065 1b14378d42eceeee82598b0f1f24bba7ff1895ed 3010daa0472ced0279326ac6d86de2f29018a1004f3d2c5b2c67fd87d0f88934
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/651624420:1714055098:oJ6o-Fn90zQ9ar6pClYvCp7SpZCp_NpDhXNCgow-yrc/879f4fe0dabb56b5/ce44bab8e5b3889 HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mpaul.avis@mcmillan.ca
Content-type: application/x-www-form-urlencoded
CF-Challenge: ce44bab8e5b3889
Content-Length: 2563
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:38 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: hNN0eKoqZ7Z5oWKDrHB1Wk6JaqrHW9LyNFs4dNsGg4PTKuUau6R47hf8pZYGl0Cm90vWJKFnwZQ/w3GQBPJ6xr1+kq5/t/G3VBaVx+2Mbuo=$5zM6k15GESybH64nERSf7g==
cf-chl-out-s: NCayzaP9uyloHAFDbQQIpFjgSp06FrZL0zWegyT7qcQhBk1T72pjYHOM1PChId+UzMLdRF1KCzF38Wl8zMnIqKCsREZR07tuiUD0k9XlHpc=$GqC5CPkiEdrpdFzQjPEUyA==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bdy4vd0wJqSxa1zysPwPwf%2B%2ByijyQb%2FjskMn9cco8ZLVf8tZ4NgZox4FqPkQnQj7UAqFZ1PFdrLm3mr5IefXEUUjb%2BofRXc8CxanmYHDrhWH57%2F1ijc1k1g3qjLvcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f50028de45689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1251115019:1714055096:TsjRobX-5tDXhNwg0XycCBCpe_fS2eFg-hAbF-Ady7s/879f4fe429157131/741fe9aca8f650c | 104.17.3.184 | | 929 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1251115019:1714055096:TsjRobX-5tDXhNwg0XycCBCpe_fS2eFg-hAbF-Ady7s/879f4fe429157131/741fe9aca8f650c IP: 104.17.3.184:0
File type: ASCII text, with very long lines (968), with no line terminators Hash: 4197c4e7574e3d5831e9c152ee49b438 183bdde3a504e9ba51d1c5173c12d0fbda72b19f 36726d472eec3db71e82882c4b3eb88912a168e491611e61f2bacaadf561fd6b
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1251115019:1714055096:TsjRobX-5tDXhNwg0XycCBCpe_fS2eFg-hAbF-Ady7s/879f4fe429157131/741fe9aca8f650c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wiq5w/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 741fe9aca8f650c
Content-Length: 39099
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:38 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: CGoPF9fId6VKDPKJ610Ui/2sEUdAsKn14Z4KC2mRIfZXQZYbtVbgDhnX/S+qyExloHKVKBd2GOMMCNuNart54sdy+PsHeI1CWx2wWALyBRCOaVuFWLDII1FshnkyyE9PUFR2oiLBi/Qb6XQxxa5YOA==$NMN+tIb6G8tll57dxii7ug==
cf-chl-out: MUvim2zEP9XWG5ZR4oHx/PKhCCm2BL+YMEnaRJcqPUsjMDZauElgfJdAP1eruEYMynRtsCoKPC6aPZJPIsyC770Ql5RSGqEBn/t//goJmeg=$aMj3DjtkeLAfeNjVWsaYKQ==
vary: accept-encoding
server: cloudflare
cf-ray: 879f500209817131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit | 104.17.3.184 | 200 OK | 14 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit IP: 104.17.3.184:443
Requested by: https://nutarcom.us/Mpaul.avis@mcmillan.ca Certificate: Issuer: Cloudflare, Inc., Subject: challenges.cloudflare.com, Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E, Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42414) Hash: f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:40 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f501079557131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| normandy.cdn.mozilla.net/api/v1/ | 35.201.103.21 | | 598 B |
URL: normandy.cdn.mozilla.net/api/v1/ IP: 35.201.103.21:0 ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash: 3076f9a5cb273105528b893ff7111e41 b8990c145fe71b9a2410eea41a60a712b43b82bf 69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3
GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 598
allow: GET, HEAD, OPTIONS
content-security-policy: default-src 'self' https://normandy.cdn.mozilla.net/; block-all-mixed-content; object-src 'none'; frame-src 'none'; form-action 'self'; base-uri 'none'; worker-src 'none'; report-uri /__cspreport__
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
via: 1.1 google
date: Wed, 24 Apr 2024 23:22:35 GMT
cache-control: public, max-age=86400
content-type: application/json
vary: Accept, Origin
age: 57432
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f4fe0dabb56b5 | 104.21.35.239 | | 154 kB |
URL: nutarcom.us/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f4fe0dabb56b5 IP: 104.21.35.239:0
Certificate: Issuer: Let's Encrypt, Subject: nutarcom.us, Fingerprint: B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2, Validity: Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 154 kB (154213 bytes) Hash: 0b9535abfc864606910d233f65c77a69 0342f4170dd8b5ea4e010833381f638c4ba671f5 1c04863cbb3b297b0216e56fcc80d478dd7c04cdddce94ad9e3336a58577c09d
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f4fe0dabb56b5 HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mpaul.avis@mcmillan.ca?__cf_chl_rt_tk=35AogffBH0pBYlmNKC4HCATH9zYKP8bssA2izTSavNg-1714058373-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:33 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3jLWTJPTqQ2zhKZPR3s0cXZGq9KMZInvDUvgRnXtCTgqkseVivo%2BxrXChkkjEbBCMRiQHXpURVLEzRzkpkSVJ1HKeBNNvVOGzvXBOkocU3O6c1yKg0Vu%2BcEx%2FMVLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f4fe1f9265689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/651624420:1714055098:oJ6o-Fn90zQ9ar6pClYvCp7SpZCp_NpDhXNCgow-yrc/879f4fe0dabb56b5/ce44bab8e5b3889 | 104.21.35.239 | | 21 kB |
URL: nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/651624420:1714055098:oJ6o-Fn90zQ9ar6pClYvCp7SpZCp_NpDhXNCgow-yrc/879f4fe0dabb56b5/ce44bab8e5b3889 IP: 104.21.35.239:0
Certificate: Issuer: Let's Encrypt, Subject: nutarcom.us, Fingerprint: B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2, Validity: Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type: ASCII text, with very long lines (15948), with no line terminators Hash: df55b2b728ce43a662d234c24281c591 cb556ec7afc77e5df4a3206a83b079932c703a9b 4f32a3cd757ae79c42c27609dec4221609fe6db59ab716c451ebadf40f399a26
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/651624420:1714055098:oJ6o-Fn90zQ9ar6pClYvCp7SpZCp_NpDhXNCgow-yrc/879f4fe0dabb56b5/ce44bab8e5b3889 HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mpaul.avis@mcmillan.ca
Content-type: application/x-www-form-urlencoded
CF-Challenge: ce44bab8e5b3889
Content-Length: 1898
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:33 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: IxUS8NXK6dXgFB1k8jIfRbjOMZPunziDMaW+5SEHIyamLoViiklCX0Ng3QQWqK7/$4NbrOXa5plnhLA7QDadSLw==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ve6d5TzFQHz1zNgqEySWSl8U03xZ%2Bkplz4SVp%2BRCdXU4ybPqRzZVTkG7P%2BW0M82z3oxkekjS0LORwvldJgu%2BWhgOGjstQMmBK9j3p17rSG357wxMR0WoFQvIEYwnIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f4fe37aa05689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/favicon.ico | 104.21.35.239 | 403 Forbidden | 39 kB |
IP: 104.21.35.239:443
Requested by: https://nutarcom.us/Mpaul.avis@mcmillan.ca Certificate: Issuer: Let's Encrypt, Subject: nutarcom.us, Fingerprint: B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2, Validity: Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type: HTML document, ASCII text, with very long lines (15843), with no line terminators Hash: 126fc6180056654fc2225231315cfdb3 3ae54200bcbacb8feb73b5f29c90fa086ff98e3b b723344c15ee562ba7ef96dc9f822ddb8356b0edde25d741a8e5effe6d89ee00
GET /favicon.ico HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mpaul.avis@mcmillan.ca?__cf_chl_rt_tk=wD6RDCBBLx9m5FEDCNoPPNr8YCSzOZ5lbFDgc6riktc-1714058390-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Thu, 25 Apr 2024 15:19:50 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ZbQ89dBC2YfygSO4Im3Y5vTal1XVQaDZDzuWbvlhZ/j674c54+rjsmNq9ta9V9oFfgaHc7kul9lJHig1X8ZvrFlA0OGiEgeF10Y+yLt10dg9JwcoPIraUfA/15wnTxkL1twzfCYRQYJFbjZ7vJrmQQ==$L3zifebtz6ILWuy1f3OPHg==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIKuYaZVcIcx6mr30fFgmjPnWtfaT6wOlYtmktBjnJjtWB9rF6zhoVAm%2B%2Fm8WAJFSUohZ9ptQB83tUfo7Y6x0A2AVdSFy4uhL7cX0GG6%2BUeMU256cQTAb4%2BGMs4jhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f504bef915689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f504d9ba17131 | 104.17.3.184 | 200 OK | 172 kB |
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f504d9ba17131 IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Certificate Issuer Cloudflare, Inc. Subject challenges.cloudflare.com Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 172 kB (171904 bytes) Hash 38321f09846f2952173fcebb278a63ec ca6b550767b5034b0b5650fc0eb428582a4123e3 f21383d0a831b0e2170518ba72cfaaeffe08d1054bd033ab1ee6f83e159d18ce
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879f504d9ba17131 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:50 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879f504e5cbf7131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f504b3ef45689 | 104.21.35.239 | 200 OK | 164 kB |
URL GET HTTP/3 nutarcom.us/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f504b3ef45689 IP 104.21.35.239:443
Requested by https://nutarcom.us/Mpaul.avis@mcmillan.ca Certificate Issuer Let's Encrypt Subject nutarcom.us Fingerprint B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 Validity Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 164 kB (164433 bytes) Hash 585111f94466defcc35ab91f4879b616 e6e6dee3ecaa581df3670edc57b7b7d1d821808c f6c2ee1aa38cb3320836549109f8ac349c42e6140541789179b88bd520a0150b
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879f504b3ef45689 HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mpaul.avis@mcmillan.ca?__cf_chl_rt_tk=wD6RDCBBLx9m5FEDCNoPPNr8YCSzOZ5lbFDgc6riktc-1714058390-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:50 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3CSRZ1zzE10D4FTesQepnWas8dvLNbTJmb6F4FDClOOzQruWCMqXY60Xr1DB0QLG303Hi3MnuZ4ptJSFwp2JygzhUVDfKyJOFZsHAgApM3Fv2BatA1nu0CjzQ2p6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f504b7f2b5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879f504d9ba17131/1714058391063/57lkH0Ok39yipbF | 104.17.3.184 | 200 OK | 61 B |
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879f504d9ba17131/1714058391063/57lkH0Ok39yipbF IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Certificate Issuer Cloudflare, Inc. Subject challenges.cloudflare.com Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 65 x 80, 8-bit/color RGB, non-interlaced Hash b333d9e098401cb13324e83824a5f9e8 7d8772e946316f4a2f3c4f54fff0636c2e8bb516 bea3363f58ea1b99b6d3e0c03088ae274a2876dd341fd867d9db9ba767584692
GET /cdn-cgi/challenge-platform/h/b/i/879f504d9ba17131/1714058391063/57lkH0Ok39yipbF HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:51 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879f50555bcb7131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 61 B |
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Certificate Issuer Cloudflare, Inc. Subject challenges.cloudflare.com Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:50 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 879f504e5cbd7131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/480084333:1714055088:GhjaBQu4xJ9K6BAP0ALiHzjV38VRjAclZglbOlT31ac/879f504d9ba17131/a42a772d8788d52 | 104.17.3.184 | 200 OK | 91 kB |
URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/480084333:1714055088:GhjaBQu4xJ9K6BAP0ALiHzjV38VRjAclZglbOlT31ac/879f504d9ba17131/a42a772d8788d52 IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Certificate Issuer Cloudflare, Inc. Subject challenges.cloudflare.com Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators Hash 58539f369103fbfa672fa40fee1103cb 76440384636f1c90eda3f4b51bd4bda4bc5d8403 8dbc90504a4102da4db31709e86b3454807fc154328522131fff8ca58ea8c8a4
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/480084333:1714055088:GhjaBQu4xJ9K6BAP0ALiHzjV38VRjAclZglbOlT31ac/879f504d9ba17131/a42a772d8788d52 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a42a772d8788d52
Content-Length: 3365
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:51 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: zZoTH9e1bJ4ao6y0jYpjxCZgi2AWdno/p1aIcQ8uEM4LTROpG2QzRYtv8rST5rBxuQ0pVecrZEnuM4QiTupjRD+1fGyhlZ5HTBqnGp96ZBzLbO+o68yx+mtVcaGzAUMEjF5SN/mPuwTZxjRzyZ9edPPrIA3cO/bDmuG7HZFX1Ydo6Mt2HVPoejIkclJaRz2JBpjx/N0xZxdu1GXwBN4B8wCT5CLgc43BN1aspKFJgbcOpjsF8yC9xDVl5SX083di2SRFdb0OkldpKXsPKHyiGfrkDYWFU74GhloVTFtITrtVaK63OfKixDV2ou5B1oqcdpiV6+ttUHkbRi1KSZiTyDARBoBSdDZ0CmQO9C5BETPXVdoJTOtJOcQVzY0HXeIx$C+hlwP1xcniKNz23Vie5pQ==
vary: accept-encoding
server: cloudflare
cf-ray: 879f50500e887131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879f504d9ba17131/1714058391065/7b515d821afbe4580cb9d37dcec998947b3c79cb2fa6ee9746b7b7c461fde248/AAk3yMQfcKSZQGk | 104.17.3.184 | 401 Unauthorized | 1 B |
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879f504d9ba17131/1714058391065/7b515d821afbe4580cb9d37dcec998947b3c79cb2fa6ee9746b7b7c461fde248/AAk3yMQfcKSZQGk IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Certificate Issuer Cloudflare, Inc. Subject challenges.cloudflare.com Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type very short file (no magic) Hash ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/879f504d9ba17131/1714058391065/7b515d821afbe4580cb9d37dcec998947b3c79cb2fa6ee9746b7b7c461fde248/AAk3yMQfcKSZQGk HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 15:19:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20ge1Fdghr75FgMudN9zsmYlHs8ecsvpu6XRre3xGH94kgAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIHtRXYIa--RYDLnTfc7JmJR7PHnLL6bul0a3t8Rh_eJIABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879f5055ec9b7131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/480084333:1714055088:GhjaBQu4xJ9K6BAP0ALiHzjV38VRjAclZglbOlT31ac/879f504d9ba17131/a42a772d8788d52 | 104.17.3.184 | 200 OK | 23 kB |
URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/480084333:1714055088:GhjaBQu4xJ9K6BAP0ALiHzjV38VRjAclZglbOlT31ac/879f504d9ba17131/a42a772d8788d52 IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Certificate Issuer Cloudflare, Inc. Subject challenges.cloudflare.com Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (22560), with no line terminators Hash 389784a1d2dd094e412fcf98feb07024 a64a5fac72b30488402d703c461346cca0f1ec17 74899a48ff084d766633d942e6c4d0fe87913b9aaf1852d54c993cf245eafed4
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/480084333:1714055088:GhjaBQu4xJ9K6BAP0ALiHzjV38VRjAclZglbOlT31ac/879f504d9ba17131/a42a772d8788d52 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a42a772d8788d52
Content-Length: 26106
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:52 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: TEwOhVXlk7q9VbDcMcW9qmhf1FNxdKajEta1FggkMgJOqyeDaCOY0x7++399xpbt$V3YGDAxE+oDyMXuMUWh58Q==
vary: accept-encoding
server: cloudflare
cf-ray: 879f50580f427131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | 200 OK | 80 kB |
URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal IP 104.17.3.184:443
Requested by https://nutarcom.us/Mpaul.avis@mcmillan.ca Certificate Issuer Cloudflare, Inc. Subject challenges.cloudflare.com Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (41702) Hash 5b4b389ff78e3df0f91ceb427e58f180 277bb146406dab818f13ce5351300a9f474e3727 590e3d2d1a04b81a4b5cc45be25a4304ced6a594234e89cd1bddc89c1be374ac
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m2sdh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:50 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
vary: accept-encoding
server: cloudflare
cf-ray: 879f504d9ba17131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/458709135:1714055059:A65yJLmGtfTNjT48fvKbNMIjrQfei3uaRsw52JUaSWg/879f504b3ef45689/0bdca275619a42e | 104.21.35.239 | 200 OK | 16 kB |
URL POST HTTP/3 nutarcom.us/cdn-cgi/challenge-platform/h/b/flow/ov1/458709135:1714055059:A65yJLmGtfTNjT48fvKbNMIjrQfei3uaRsw52JUaSWg/879f504b3ef45689/0bdca275619a42e IP 104.21.35.239:443
Requested by https://nutarcom.us/Mpaul.avis@mcmillan.ca Certificate Issuer Let's Encrypt Subject nutarcom.us Fingerprint B8:DF:C4:3D:D6:67:7A:4B:4E:4F:BF:9F:BC:54:1B:65:37:38:8C:F2 Validity Tue, 23 Apr 2024 22:24:07 GMT - Mon, 22 Jul 2024 22:24:06 GMT
File type ASCII text, with very long lines (15936), with no line terminators Hash b2ae1579d93437c4b5f021a1385de06e 4e0d9b54fd0681f2f939be8800f013f878a4299f a1201d18a517fb44a9fbd3e966495290db4bd5628adbe2bac868ed91669da36f
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/458709135:1714055059:A65yJLmGtfTNjT48fvKbNMIjrQfei3uaRsw52JUaSWg/879f504b3ef45689/0bdca275619a42e HTTP/1.1
Host: nutarcom.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nutarcom.us/Mpaul.avis@mcmillan.ca
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0bdca275619a42e
Content-Length: 1904
Origin: https://nutarcom.us
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_m=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:19:50 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: vJTKLU9ssp3EG0hBN+80OJTo3CHUhlwaMsg5yswD4gumKpj6c1MleeR49WkjaJoE$ZlxqJ85Z5Et2IrabpgD1vw==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38WTxXX9w%2BzVkl%2BKijKtBq7GmYIEpuTIfcxv3dkOLi0PyRqOyAkdr6PFTqH84MXvM3uLB1yXHiYRe2167b5rkf2TXxx9aP8k9mgCB2WEumKDHZxujQbZ0A8GYjny8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f504ce8ff5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|