securedocfille.com Open in urlscan Pro
172.67.172.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.email.roccofortehotels.com/r/?id=hea11a2e,e54a0e3,e54a2c2&p1=joethorn.ru.com%2Fnew%2Fauth%2F4CHAR%2F%2F%2Fa2VycmkuaXJ2aW4tc...
Effective URL:
https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
Submission: On August 28 via manual (August 28th 2023, 3:06:28 pm UTC) from CA — Scanned from CA

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 172.67.172.191, located in United States and belongs to CLOUDFLARENET, US. The main domain is securedocfille.com.
TLS certificate: Issued by GTS CA 1P5 on July 23rd 2023. Valid for: 3 months.

This is the only time securedocfille.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.154.222.161 54.154.222.161	16509 (AMAZON-02) (AMAZON-02)
1	69.49.230.170 69.49.230.170	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
12	172.67.172.191 172.67.172.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.17.2.184 104.17.2.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	4

1 54.154.222.161 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-222-161.eu-west-1.compute.amazonaws.com

t.email.roccofortehotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.49.230.170 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 69-49-230-170.webhostbox.net

joethorn.ru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.172.191 (United States)

ASN13335 (CLOUDFLARENET, US)

securedocfille.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	securedocfille.com securedocfille.com	158 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6115	20 KB
1	ru.com joethorn.ru.com	258 B
1	roccofortehotels.com 1 redirects t.email.roccofortehotels.com	691 B
19	4

	Domain	Requested by
12	securedocfille.com	securedocfille.com
4	challenges.cloudflare.com	securedocfille.com challenges.cloudflare.com
1	joethorn.ru.com
1	t.email.roccofortehotels.com	1 redirects
19	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
joethorn.ru.com R3	`2023-08-20` - `2023-11-18`	3 months	crt.sh
securedocfille.com GTS CA 1P5	`2023-07-23` - `2023-10-21`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
Frame ID: CB1963166E905F386921FF3D65C61A7E
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bd2g0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 866485AEA3407D83B50CE89DD8F1883C
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ngkgq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: CA6FCD708436254F34C8E8953B3734C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca Page URL
https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca Page URL

Page Statistics

19
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

179 kB
Transfer

443 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca Page URL
https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://t.email.roccofortehotels.com/r/?id=hea11a2e,e54a0e3,e54a2c2&p1=joethorn.ru.com%2Fnew%2Fauth%2F4CHAR%2F%2F%2Fa2VycmkuaXJ2aW4tcm9zc0BteXMubWIuY2E= HTTP 302
https://joethorn.ru.com/new/auth/4CHAR///a2VycmkuaXJ2aW4tcm9zc0BteXMubWIuY2E=

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

a2VycmkuaXJ2aW4tcm9zc0BteXMubWIuY2E=
joethorn.ru.com/new/auth/4CHAR///
Redirect Chain

http://t.email.roccofortehotels.com/r/?id=hea11a2e,e54a0e3,e54a2c2&p1=joethorn.ru.com%2Fnew%2Fauth%2F4CHAR%2F%2F%2Fa2VycmkuaXJ2aW4tcm9zc0BteXMubWIuY2E=
https://joethorn.ru.com/new/auth/4CHAR///a2VycmkuaXJ2aW4tcm9zc0BteXMubWIuY2E=

0
258 B

189ms
58ms

Document
text/html

69.49.230.170
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://joethorn.ru.com/new/auth/4CHAR///a2VycmkuaXJ2aW4tcm9zc0BteXMubWIuY2E=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.230.170 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 69-49-230-170.webhostbox.net
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 28 Aug 2023 15:06:23 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
refresh: 0;url=https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca

Redirect headers

Connection: keep-alive
Content-Length: 17
Content-Type: text/plain; charset=utf-8
Date: Mon, 28 Aug 2023 15:06:23 GMT
Location: https://joethorn.ru.com/new/auth/4CHAR///a2VycmkuaXJ2aW4tcm9zc0BteXMubWIuY2E=
P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server: Apache
X-Robots-Tag: noindex

GET
H2 403 Mkerri.irvin-ross@mys.mb.ca Show response
securedocfille.com/ 6 KB
5 KB 103ms
31ms Document
text/html 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba6069c574f94c0eb8847c2b276b98bb3bf56a0ce6f8eed9d97200744cf1defc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://joethorn.ru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7fdd753c8a4339db-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 28 Aug 2023 15:06:24 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EToKpuq9MiHUw7Kmzu%2BMzNK7bfDRgN31%2FIXA9SgeVH0MVxXgS5lj%2FUWMGZokNuLCiUnmbDkbRGK%2BiD4NqyYdJOFo6lYwp5rPg5zGM7r%2BPtLygBAl7olt696tvWlB05b2vJxjPYk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
securedocfille.com/cdn-cgi/styles/ 6 KB
3 KB 20ms
18ms Stylesheet
text/css 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securedocfille.com/cdn-cgi/styles/challenges.css

Requested by

Host: securedocfille.com
URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
server: cloudflare
etag: W/"64e60500-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7fdd753d0ade39db-YYZ
expires: Mon, 28 Aug 2023 17:06:24 GMT

GET
H2 200 v1 Show response
securedocfille.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 158 KB
54 KB 28ms
27ms Script
application/javascript 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fdd753c8a4339db
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2753b66daf2f4cdae4e00cffd2f39f1b2ef3da959a62c5d66f40a2cfea418d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca?__cf_chl_rt_tk=NHJu6z2CxH2pdod8TexXwZvQRZm2JBj_Ns187wrmt60-1693235184-0-gaNycGzNDBA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:06:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKPuhcP1%2BFTZU6kdc8UMQqrkhx9A1WCIIRhgU8pZ0n9nUykLSXuWNE%2BzqIWUYlJTSPHhG6U4o0NfTGUNGFrp20rxzPjdMhvOVBXXQXAkl1N1JDVNgWXTD1A5qiaCp%2BhLA28zRdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fdd753d4b3639db-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ 29 KB
10 KB 146ms
44ms Script
application/javascript 104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fdd753c8a4339db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed

Request headers

Referer
Origin: https://securedocfille.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:06:24 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7fdd753e7a43a223-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
securedocfille.com/ 6 KB
6 KB 56ms
54ms Image
text/html 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securedocfille.com/favicon.ico

Requested by

Host: securedocfille.com
URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7db729775d2789c38b091a161d0e8ce65ab985fb1d76949cc1e77c38eb1fcf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:06:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzZm6H07k759vDvsY9Darmtb%2BKTrwktoH7GjmDYQ1bAKHRcUqRLaKuLPdHvuGLCGNOyW4QgpJVoXsly6cJjjX%2BgzqZ%2BXPGTAVagAYrn8jWckq7anGLnqoHUZJ%2FKZ6k%2F4iJmAZpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7fdd753df80f39c6-YYZ
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 45156c8e-d560-44e2-a5f6-f9b16ecd289e
https://securedocfille.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://securedocfille.com/45156c8e-d560-44e2-a5f6-f9b16ecd289e
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 3e9887d37b5ab6e Show response
securedocfille.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1427228301:1693232547:bXTzQmYBrNcODeOQ_1y_R8Oui3ZXfcuH4tgCH-KGNb0/7fdd753c8a4339db/ 10 KB
8 KB 41ms
40ms XHR
text/plain 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1427228301:1693232547:bXTzQmYBrNcODeOQ_1y_R8Oui3ZXfcuH4tgCH-KGNb0/7fdd753c8a4339db/3e9887d37b5ab6e
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fdd753c8a4339db
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 939fbdb4edcc99f3cdd5164feefaffb1a7c862f1a0cc1355bc49d93b144e8ee1

Request headers

Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
CF-Challenge: 3e9887d37b5ab6e
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Aug 2023 15:06:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcDQDA%2BNIWlhjP%2F1qsGY40j7czvwoMQoA8TVQ1RduC5O6njhwM0V5KryBHTv6%2BvbfrMxSNIY5vbC2uo5C6wT8kYR4S2X%2F4lsQc5rmb1Jr8mjrNWrJk26EXv3u4mipHTwHS3ehEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7fdd753e78d439c6-YYZ
alt-svc: h3=":443"; ma=86400
cf-chl-gen: hxQohombOACPX8qxNTyDg7InMdw3bHo7+QlO0ftAB6NFYfczGz1bLtO0On59ExRg$x+h1LlodHoef1hwUGIkNzg==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bd2g0/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 8664 0
0 79ms
46ms Document
text/html 104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bd2g0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fdd753f3897a208-YYZ
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:06:24 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 3e9887d37b5ab6e Show response
securedocfille.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1427228301:1693232547:bXTzQmYBrNcODeOQ_1y_R8Oui3ZXfcuH4tgCH-KGNb0/7fdd753c8a4339db/ 2 KB
2 KB 38ms
37ms XHR
text/html 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1427228301:1693232547:bXTzQmYBrNcODeOQ_1y_R8Oui3ZXfcuH4tgCH-KGNb0/7fdd753c8a4339db/3e9887d37b5ab6e
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fdd753c8a4339db
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74574e2d510df1eaa6ae55ed10d47c378193e495bcc57d4826f34e39e2d9644f

Request headers

Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
CF-Challenge: 3e9887d37b5ab6e
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: IrYOE2nQd4GBUCmb0Q/xwo+SZucoeSTZJNXW30iEY1c3SAXMrq+L6vXZWjK38QkId+SUlOxNe4AjCy5NhhDf3AFUHMLL5U+ezJggb0KxlRw=$o2OduQwYjg62U4jMbH3wbQ==
cf-chl-out-s: zDaJuJ0sDdOFxSRTtkpMEstMcpusgY2XpMbOffhgOMQPFYLfJDHmmRpmXGJNBFmwFOOkJi/2ADLzyiQ8AOu1LpNUY8mizYeqhBZ5i9VUJ99pe5vaHv/WGwTxOw5YaorczMwWB/BYnG74bvVIDzCNqfy6+njSrknGWkdjUJ5eReHCrXZMCxC/YtdBn9p3CKGU$eJ16PTQViEd5Eq0SNbcUYw==
date: Mon, 28 Aug 2023 15:06:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfYEO0onsnJNkc0iz2UrXsbSn8PslrtiCM7724cYQP1O8ZiBChfipYiYxOCmro8ux3P1ajvX02K0Bc5fa9Op28iPxiLaDQzQnmYd7wFwmlc6ePUXYTwRGyrIzOjse10DSYbNWso%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7fdd7541ce0539c6-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request Mkerri.irvin-ross@mys.mb.ca Show response
securedocfille.com/ 6 KB
5 KB 23ms
23ms Document
text/html 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca

Requested by

Host: securedocfille.com
URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fdd753c8a4339db

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c3a75265210134a49002af57c37a52b0b7a8c1022b645a0fbe290ca6c33c5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7fdd75509c1e39c6-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 28 Aug 2023 15:06:27 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CytRPNSjaZ5L4vK40VERRTizFm9y0i2fs9MWC5O7v7gKh7pCI%2FAta7r7Y2zjE0TiUXB31lKvY0FOky3LiMKmyZK7TGvGzACTCn8AwHicSA9oKygJOPQ2uFQzUXgs3U7syScTbk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 challenges.css
securedocfille.com/cdn-cgi/styles/ 6 KB
3 KB 19ms
19ms Stylesheet
text/css 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securedocfille.com/cdn-cgi/styles/challenges.css

Requested by

Host: securedocfille.com
URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
server: cloudflare
etag: W/"64e60500-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7fdd7550cc7739c6-YYZ
expires: Mon, 28 Aug 2023 17:06:27 GMT

GET
H3 200 v1 Show response
securedocfille.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 166 KB
57 KB 35ms
34ms Script
application/javascript 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7fdd75509c1e39c6
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e37950f9c76a551ff3103c5cb8f8f7a92bc8052e398320c131f6c358254c48

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca?__cf_chl_rt_tk=Da9KmHZoXe2JLPtX7H.nku.vafduIej5OhfxZhRoVbU-1693235187-0-gaNycGzNClA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:06:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WwMV9flXF%2BQpHO8d%2BhIDoReZ5k376fW%2B1K0XtXuTsmYaKEelgZcNQUg%2FpyahI11h33zEyMb4v97rcjizDrSuyRPoVtxPfYJBGQhty9SqNhToLRg8LZX1P%2BxpWjAaFjeuUMZyHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fdd7550eca539c6-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/be88c2a1/ 29 KB
10 KB 61ms
60ms Script
application/javascript 104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/be88c2a1/api.js?onload=GuZZHB3&render=explicit
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7fdd75509c1e39c6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92cefd873feda547496b569ec49cc16ea82c1c28959c46bc8b096b57afe04be7

Request headers

Referer
Origin: https://securedocfille.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:06:27 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7fdd75517a27a223-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
securedocfille.com/ 6 KB
6 KB 25ms
25ms Image
text/html 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securedocfille.com/favicon.ico

Requested by

Host: securedocfille.com
URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3747eb088432c712d0fc540d3c670a44fb961f22d34332e77329efffdcb54a08

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:06:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzIZQd4ExpAVI9r91mP%2Fgm%2Bdl55T1zWjbwfY1QLfVNOyRxB6NoXds6lKlIETv0ToAWrYwV2ULCH49zHwjsumi3ByaTl22EXQSTjHCtTzdTQBgv7oitK5PVnCUd3Wt087hlVZY7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7fdd75517d6639c6-YYZ
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 2ea3819d-111e-47f9-90aa-ab6652a445ed
https://securedocfille.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://securedocfille.com/2ea3819d-111e-47f9-90aa-ab6652a445ed
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 06eb8cfd8c70558 Show response
securedocfille.com/cdn-cgi/challenge-platform/h/b/flow/ov1/719107267:1693231743:FUJ8Rl4HFZAAOaSGXjQMAYR2Vjc9_6zLnfN5l0Nr14g/7fdd75509c1e39c6/ 10 KB
8 KB 51ms
51ms XHR
text/plain 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/b/flow/ov1/719107267:1693231743:FUJ8Rl4HFZAAOaSGXjQMAYR2Vjc9_6zLnfN5l0Nr14g/7fdd75509c1e39c6/06eb8cfd8c70558
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7fdd75509c1e39c6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab9da5bb78a10342efccd73e849b7b8d31be7c3e1c87cf924c2191be747f6b1

Request headers

Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
CF-Challenge: 06eb8cfd8c70558
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Aug 2023 15:06:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uelMjEMXfS82GRbPWN2XT7YEqPLiNt6%2BnwrTV2pstnJIaeQQCVp%2FadOXn5kNzr98ksdZ67%2F0%2FxBaqdYuagEaUvebvr18wmMVj6JDGuF0XuGV6qvMCzbP6KikzurKnl5THXx3QXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7fdd75523edc39c6-YYZ
alt-svc: h3=":443"; ma=86400
cf-chl-gen: nbShHgq6T6NBm/Z8JpVwevHgHuHUZKgCAhLrvEedkvD84drcZcGE/pASLawhsUFo$SPo+5Hh8AXkv5h0kq1cguw==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ngkgq/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame CA6F 0
0 30ms
29ms Document
text/html 104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ngkgq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/be88c2a1/api.js?onload=GuZZHB3&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fdd7552a900a208-YYZ
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:06:27 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 06eb8cfd8c70558 Show response
securedocfille.com/cdn-cgi/challenge-platform/h/b/flow/ov1/719107267:1693231743:FUJ8Rl4HFZAAOaSGXjQMAYR2Vjc9_6zLnfN5l0Nr14g/7fdd75509c1e39c6/ 2 KB
2 KB 39ms
38ms XHR
text/html 172.67.172.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/b/flow/ov1/719107267:1693231743:FUJ8Rl4HFZAAOaSGXjQMAYR2Vjc9_6zLnfN5l0Nr14g/7fdd75509c1e39c6/06eb8cfd8c70558
Requested by: Host: securedocfille.com
URL: https://securedocfille.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7fdd75509c1e39c6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d392b8a27fcc85b9358ad052f4838db81cc5722495a07fb082ff37b95fd3af44

Request headers

Referer: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
CF-Challenge: 06eb8cfd8c70558
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: N/5eXX3Qn6GwMFOupvj0WRGiT82bONAv8iZY9mHMw4q9J5Yjy1fPUlcg0pDo3ZteUOUop593YOtfsIMgGup+uIZbVp+IuIWYjkLSQecffWc=$KmhizmO2rsAku/cQd7t/yQ==
cf-chl-out-s: X1DM0i4y13P1E8nYEo87u1ertHuAN6c1hujaG/Ubhu+yhbFN3JHU6p8iNPsJgtg1qaU69g5xM6SNThY8pcMhJCzuRpqA/L65MDmy450xsAitBBzQWiZv69NTdiBGcjJyHKQYXKNm9mJB6IgYsJ9DJb7ews9n2ft/m/wm9MwmmkGmsR0uOZX+XxiSVljjCUmjfLFF61pyDB2f+johCXUEys5WgiNdsrN0F9ADn+3atqFO/M6Byibj91HhgjuCsn2c$Z845aGrOi6ArFWisJgGYYQ==
date: Mon, 28 Aug 2023 15:06:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03SEwOaHVvYK4vI16wDntAo%2F%2Fql9nU2XpoCEzTXnrhKu0Xm81%2FjXEKQNSgtTJuLebDh0FNLdj3aeLwXVvjFTHHOQMx8f4cbVm2kUTDrc%2F5fAQeDQSs6JayXAGM7bQriqWsbTbrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7fdd75547a4339c6-YYZ
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.roccofortehotels.com/	1970-01-20 23:42:11	Name: AMCV_A5A8284A5B59C7380A495EF8%40AdobeOrg Value: MCMID%7C04317826142741463032712767795887603711
.roccofortehotels.com/	1969-12-31 23:59:59	Name: nlid Value: ea11a2e\|e54a0e3
.roccofortehotels.com/	1970-01-20 23:42:11	Name: nllastdelid Value: e54a0e3
securedocfille.com/	1970-01-20 14:20:38	Name: cf_chl_rc_m Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://securedocfille.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://securedocfille.com/Mkerri.irvin-ross@mys.mb.ca Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://securedocfille.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
joethorn.ru.com
securedocfille.com
t.email.roccofortehotels.com
104.17.2.184
172.67.172.191
54.154.222.161
69.49.230.170
1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
3747eb088432c712d0fc540d3c670a44fb961f22d34332e77329efffdcb54a08
59c3a75265210134a49002af57c37a52b0b7a8c1022b645a0fbe290ca6c33c5a
6ab9da5bb78a10342efccd73e849b7b8d31be7c3e1c87cf924c2191be747f6b1
74574e2d510df1eaa6ae55ed10d47c378193e495bcc57d4826f34e39e2d9644f
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
92cefd873feda547496b569ec49cc16ea82c1c28959c46bc8b096b57afe04be7
939fbdb4edcc99f3cdd5164feefaffb1a7c862f1a0cc1355bc49d93b144e8ee1
a6e37950f9c76a551ff3103c5cb8f8f7a92bc8052e398320c131f6c358254c48
ba6069c574f94c0eb8847c2b276b98bb3bf56a0ce6f8eed9d97200744cf1defc
c7db729775d2789c38b091a161d0e8ce65ab985fb1d76949cc1e77c38eb1fcf6
d392b8a27fcc85b9358ad052f4838db81cc5722495a07fb082ff37b95fd3af44
e2753b66daf2f4cdae4e00cffd2f39f1b2ef3da959a62c5d66f40a2cfea418d1
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

securedocfille.com Open in urlscan Pro 172.67.172.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

89 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

179 kBTransfer

443 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

4 Cookies

6 Console Messages

Indicators

securedocfille.com Open in urlscan Pro
172.67.172.191 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

179 kB
Transfer

443 kB
Size

4
Cookies

19 HTTP transactions
2 data transactions