urlscan.io logo urlscan.io
SecurityTrails logo

secureheartland.org Open in urlscan Pro
2606:4700:3037::6815:4441  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secureheartland.org/
Effective URL: https://secureheartland.org/
Submission: On October 04 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::6815:4441, located in United States and belongs to CLOUDFLARENET, US. The main domain is secureheartland.org.
TLS certificate: Issued by WE1 on October 4th 2024. Valid for: 3 months.
This is the only time secureheartland.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
2 17 2606:4700:303... 13335 (CLOUDFLAR...)
16 2
Apex Domain
Subdomains		 Transfer
17 secureheartland.org
secureheartland.org
51 KB
16 1
Domain Requested by
17 secureheartland.org 2 redirects secureheartland.org
16 1

This site contains no links.

Subject Issuer Validity Valid
secureheartland.org
WE1		 2024-10-04 -
2025-01-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://secureheartland.org/
Frame ID: 8B6A5A10A1C1DFE836044EDBA18F80DF
Requests: 12 HTTP requests in this frame

Frame: https://secureheartland.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 72AF889E08FF51F483FCE3990EB3D93B
Requests: 2 HTTP requests in this frame

Frame: https://secureheartland.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: E2AF396A806CEFA8A12BA30503A5ED4A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. http://secureheartland.org/ HTTP 307
    https://secureheartland.org/ Page URL
  2. https://secureheartland.org/cdn-cgi/phish-bypass?atok=l_4A_3O933tuKkgEF_h.BWHOs7k0xoJnrNWe.7JxkDs-172805... HTTP 301
    https://secureheartland.org/ Page URL
  3. https://secureheartland.org/ Page URL

Page Statistics

16
Requests

81 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

50 kB
Transfer

77 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secureheartland.org/ HTTP 307
    https://secureheartland.org/ Page URL
  2. https://secureheartland.org/cdn-cgi/phish-bypass?atok=l_4A_3O933tuKkgEF_h.BWHOs7k0xoJnrNWe.7JxkDs-1728055637-0.0.1.1-%2F HTTP 301
    https://secureheartland.org/ Page URL
  3. https://secureheartland.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://secureheartland.org/ HTTP 307
  • https://secureheartland.org/
Request Chain 5
  • https://secureheartland.org/cdn-cgi/phish-bypass?atok=l_4A_3O933tuKkgEF_h.BWHOs7k0xoJnrNWe.7JxkDs-1728055637-0.0.1.1-%2F HTTP 301
  • https://secureheartland.org/
Request Chain 8
  • https://secureheartland.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://secureheartland.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
secureheartland.org/
Redirect Chain
  • http://secureheartland.org/
  • https://secureheartland.org/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351cd188bf1a3d1130a661c1b832abcc9479fbc2a6c5aca9b87e5b531120258f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray
8cd631f6c9fc196c-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 04 Oct 2024 15:27:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bnYVgELRecMRoIc4KUHJBbjnv0UpgO%2Fop3bl7OwDNnK18f7wnnQo%2FI3Cbc%2FeQNZ6PVUg3rK4I6kJAia7rVT1WsiEjS0dNGq4fA5IYZjhsuAFCEIs%2BsFsnRBJP7Kvr8SyXoUoDhcCEWvLQnBb%2BeH2yUT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://secureheartland.org/
Non-Authoritative-Reason
HttpsUpgrades
speculation
secureheartland.org/cdn-cgi/ 		128 B
580 B 		Other
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secureheartland.org
Referer
https://secureheartland.org/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZviYdVpql7wf4UIypIy%2FLw5EXI9RhG5rgBmBGkPIRzL6%2Fn2zP3%2BdJSpnpf67ysKrOUuiEZtGFvFyd%2F8U%2F2kab3nVTNwF1ctZBMupfcFa9Z9wd3q%2BRy7cJZbX8yCdnppJ0itb6986ks6wUOCJd%2BoF4Yjh"}],"group":"cf-nel","max_age":604800}
cf-ray
8cd631f9ecc9196c-EWR
access-control-allow-origin
https://secureheartland.org
alt-svc
h3=":443"; ma=86400
content-length
128
date
Fri, 04 Oct 2024 15:27:18 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
cf.errors.css
secureheartland.org/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/cdn-cgi/styles/cf.errors.css
Requested by
Host: secureheartland.org
URL: https://secureheartland.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secureheartland.org/

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"66fc0c07-5df3"
x-content-type-options
nosniff
cf-ray
8cd631f9ecca196c-EWR
expires
Fri, 04 Oct 2024 17:27:18 GMT
date
Fri, 04 Oct 2024 15:27:18 GMT
content-type
text/css
last-modified
Tue, 01 Oct 2024 14:49:43 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
secureheartland.org/cdn-cgi/images/ 		452 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureheartland.org/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: secureheartland.org
URL: https://secureheartland.org/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secureheartland.org/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"66fc0c07-1c4"
x-content-type-options
nosniff
cf-ray
8cd631fdb857196c-EWR
expires
Fri, 04 Oct 2024 17:27:18 GMT
accept-ranges
bytes
content-length
452
date
Fri, 04 Oct 2024 15:27:18 GMT
content-type
image/png
last-modified
Tue, 01 Oct 2024 14:49:43 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
secureheartland.org/ 		6 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e66c6c25e7518b244703ec3e55ceabda413bac788e521685d73fc336ae7d78d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secureheartland.org/

Response headers

cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0RhB%2BBXCcVQmM0kLy93wBESYqrQl%2BD5XEJ3DUThfGER2gVMz8U3EdCsklbUl9QiUMI725e0AsRP7AhzS%2FxOgznl2wNBuKRrh4JI9q2eAMmvpTqYmqWVNF2DLVcq9K9p9DmmZb5vOiDyPIB%2Bl%2BNp7FRt"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
expires
0
alt-svc
h3=":443"; ma=86400
date
Fri, 04 Oct 2024 15:27:19 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
speculation-rules
"/cdn-cgi/speculation"
cf-ray
8cd63200cb68196c-EWR
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
/
secureheartland.org/
Redirect Chain
  • https://secureheartland.org/cdn-cgi/phish-bypass?atok=l_4A_3O933tuKkgEF_h.BWHOs7k0xoJnrNWe.7JxkDs-1728055637-0.0.1.1-%2F
  • https://secureheartland.org/
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
062fe106970906a5d2ba22e9a1686f99372926e7c8c24b3bea4bcc9a3d07a5b1
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://secureheartland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8cd632149e8c196c-EWR
content-type
text/html; charset=utf-8
date
Fri, 04 Oct 2024 15:27:22 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWWiHwnOMtMPk8SRyxDELjhAhij1ogyytUQPs7evs4dm3h5iMd47%2BJX8QSitbH8OZyXFd%2B7jbWHxwXqipK0HNxy4ng1pIuSfBqbKEiHiqcaEqZTijrUIlbi7BSj72OapSqJSRsPK8pLfZqdA82JzfJ42"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

cache-control
private, no-cache
cf-ray
8cd63213cdb4196c-EWR
content-length
167
content-type
text/html
date
Fri, 04 Oct 2024 15:27:22 GMT
location
https://secureheartland.org/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
speculation
secureheartland.org/cdn-cgi/ 		128 B
553 B 		Other
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secureheartland.org
Referer
https://secureheartland.org/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HnNKrq6KpGn4tpJVjOzADOtaMMdDb%2FlWx2aCcO4zOoXKqaCtjgPWb6VJXQwKKrqgjV68NJAXdNAQbClrLZeFGoCRcF1tFi1s%2Fc9iJ1AUXG1BaNt1xIO31dFi%2BuKiRAZ4hidD0a7Ntlix6DpLDttb9sId"}],"group":"cf-nel","max_age":604800}
cf-ray
8cd63217895d196c-EWR
access-control-allow-origin
https://secureheartland.org
content-length
128
date
Fri, 04 Oct 2024 15:27:22 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
/
secureheartland.org/ 		0
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/
Requested by
Host: secureheartland.org
URL: https://secureheartland.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Combination
W3iur6QvvANStG7FC0MM57PH0o
iI6dyskjTBMOXM1qP6wMlByIIEc
Referer
https://secureheartland.org/
X-Requested-TimeStamp
X-Requested-Type-Combination
GET
X6EPGxj2Yv-avjtGOkonqUjl8g
23343027
X-Requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-Requested-Type
GET
Content-type
application/x-www-form-urlencoded
X-Requested-TimeStamp-Expire

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BWayPym8bZvIsYrP6dNYIxeL%2BJmtkpDMCWgfD1u%2Bz5E%2BXg3uQGpxFk3V%2B7hgj%2FkZu0pWIOuuL3X68VKaiEw6mnaR4tYSrA3U2Ii2SQzk39UtNrEA67G7GW9%2FXLmSB3P0wDxD2e8vktA1SqC7rQfJ5Z%2Bl"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
cf-ray
8cd63218ba69196c-EWR
expires
0
date
Fri, 04 Oct 2024 15:27:23 GMT
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
main.js
secureheartland.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 72AF
Redirect Chain
  • https://secureheartland.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://secureheartland.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Protocol
H3
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xeb1N6JADNpBezLuLqS9ZyD%2B0K6j%2FK2fpZnlODuVWSAaa1HYd4kDtLSFl8PVdXoFjVglAVgzf7FSqPld1ltpj49zjyu81pRlU7YeqhQs1A%2FonE1cafVKkwP5izFE2wig9fGDqKx36OkR9jvkZGUUbjVp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cd6321a0bcb196c-EWR
date
Fri, 04 Oct 2024 15:27:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8O%2BfcoM1rX2MvnrbpeNvfChqUQ2KDnkgJgh6SJL5TEAqJrflbZs7vQfyXIVqDk7hHP2YRAPFz5OOed4TlUim3pWeIZoUtbS%2B9eydNNSoC7ewNr6jRNRLLKQTXfoPQNrS3alNJ3Xwe%2Fsp4NLgKNlxiNXE"}],"group":"cf-nel","max_age":604800}
cf-ray
8cd63218ba6b196c-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 04 Oct 2024 15:27:23 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
secureheartland.org/ 		18 KB
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secureheartland.org/

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
pragma
no-cache
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HBRY15j2xxtMads54J52nc5%2F42EZ43%2BUZH3C5t0ivOm7ik40SXBWP3ZetsA%2F5HFyRpaFnk2omYnXu%2FrLQRnEudW%2FKg5nqNQ1ga08hzIinloxS8EFnrLJdsShGaGB32N9V%2FRksLdeS53eQG41XrK%2F6L8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
cf-ray
8cd632193af3196c-EWR
expires
0
date
Fri, 04 Oct 2024 15:27:23 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
Primary Request /
secureheartland.org/ 		1 KB
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/
Requested by
Host: secureheartland.org
URL: https://secureheartland.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae7e373d4f7a2928ae5d44bdd8c0ee52b98ef551527f79e24ff610908e24799f
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://secureheartland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cd6321adcd5196c-EWR
content-encoding
br
content-type
text/html
date
Fri, 04 Oct 2024 15:27:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xp5kVtr%2ByEFuEjilm7VwfkguQAoVogHkSyLARGvOuDghEl3WdQBdKNFrwFyb63dGHgADJNpyAEfhr%2BXJXL3uRD0rFgcJDUM9RXQ0N7Sqe%2BFPpzO4C5JRgox22fvXHEo%2FffEU5J2WtE4O%2FbAE%2BkoYsKwP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
8cd632149e8c196c
secureheartland.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 72AF 		0
0
speculation
secureheartland.org/cdn-cgi/ 		128 B
558 B 		Other
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secureheartland.org
Referer
https://secureheartland.org/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rE%2Fa8dtK4dWXhTdoRMEkxcmFVvsjL51d8g63Nx4forKfFNw%2BxaNkYQ5mOeiWKm7Rfo%2F9psil7efNOmfNdK2zrKUqBk2pt6YRYDpf5O2VNr4GXZkiILL%2ByKiGDpkjSMcwJfN57YzFs0UxgQJI%2BaaXwCCJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8cd6321d1f45196c-EWR
access-control-allow-origin
https://secureheartland.org
content-length
128
date
Fri, 04 Oct 2024 15:27:23 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
main.js
secureheartland.org/cdn-cgi/challenge-platform/scripts/jsd/ Frame E2AF 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: secureheartland.org
URL: https://secureheartland.org/
Protocol
H3
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9195a3c64685df26fc7dd2624a858f1643218e4a5ab279ee09e6dfbfd32ec8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xeb1N6JADNpBezLuLqS9ZyD%2B0K6j%2FK2fpZnlODuVWSAaa1HYd4kDtLSFl8PVdXoFjVglAVgzf7FSqPld1ltpj49zjyu81pRlU7YeqhQs1A%2FonE1cafVKkwP5izFE2wig9fGDqKx36OkR9jvkZGUUbjVp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cd6321a0bcb196c-EWR
date
Fri, 04 Oct 2024 15:27:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
8cd6321adcd5196c
secureheartland.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E2AF 		0
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/cdn-cgi/challenge-platform/h/g/jsd/r/8cd6321adcd5196c
Requested by
Host: secureheartland.org
URL: https://secureheartland.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8cd6321e3855196c-EWR
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
0
date
Fri, 04 Oct 2024 15:27:23 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UM6Mh0DE8xWZPLOGAmOv1MgavYc5oMXH6%2BMsiLA2Ot7O9mBu7gUEgXkVA%2BeJ9b6N8HV%2Boky3iqF73exptaWBWfuozMQ2E8Sp3%2Bmu3f43n5JlG%2BoZNHIJRVtHDG0h1JVKvNBsHUtRG%2FNv7WNZTKywlKxv"}],"group":"cf-nel","max_age":604800}
favicon.ico
secureheartland.org/ 		548 B
660 B 		Other
General
Check archive.org
Download Go to
Full URL
https://secureheartland.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secureheartland.org/

Response headers

cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
pragma
public
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yzSw4%2FENXQiJI%2Fkt%2BC4vR8xc6fkMZVuqG8AfkSKvu4ZV4AmZ9VKW9MiLaXTudLo2%2BWSrjRcmnhBFlCpNHfC6pY5PBUNZ3o%2BdxGwUrbwTVLelLSj5chlQngc9okwq3pLJRWAfyEhaV8GQBN%2FlOaFUAzN7"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
cf-ray
8cd6321e385c196c-EWR
date
Fri, 04 Oct 2024 15:27:24 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/html
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secureheartland.org
URL
https://secureheartland.org/cdn-cgi/challenge-platform/h/g/jsd/r/8cd632149e8c196c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

17 Cookies

Domain/Path Name / Value
secureheartland.org/ Name: Tcgq1XZRrDAyBySH5qLKD_S6YRw
Value: qhOSHwj_kn1l9aEC4VrB8jYQYhQ
secureheartland.org/ Name: HGKUlQkNA-YaC9NYNLTGFv7fkv0
Value: 1728055630
secureheartland.org/ Name: ECL4G4qB-3ACUurWEYiJE4nHU7w
Value: 1728142030
secureheartland.org/ Name: wkNtxd1Lfg5zl_1jfwizlYmvfQ0
Value: baQEELaVtbXMCEelBAhyrNzhkGk
secureheartland.org/ Name: yZVuC2sOQnLKFbdVsdG_SOdNoIc
Value: G9CK_iTtBhejTLRoBeoVQVhrUkc
.secureheartland.org/ Name: __cf_mw_byp
Value: l_4A_3O933tuKkgEF_h.BWHOs7k0xoJnrNWe.7JxkDs-1728055637-0.0.1.1-/
secureheartland.org/ Name: -obfPTwO1Fg82KE9D_prLS4GKpk
Value: Hzio8F6hJBUXfba5JmoyWnWwx5c
secureheartland.org/ Name: pbt_yHdc3skEWxY6mMeYX9uofFI
Value: 1728055641
secureheartland.org/ Name: DYNMekeIb3_6du4K-31HAtohuRc
Value: 1728142041
secureheartland.org/ Name: O3iPKctu4pISE8eLWYeRFJ85BCs
Value: thlsAxiE9ve-edm7v6-a-iQqbPI
secureheartland.org/ Name: fkTegzxp-gGPi7nuNF5V4fMkCY4
Value: z0YXQOlAZKh57FFMlsgbxhdP23I
secureheartland.org/ Name: 09PrcvfaP7br9QnSFph7bFnC9-o
Value: cHtpQMiy4f2v1WctU8IOVvooiBI
secureheartland.org/ Name: MBVC6wsyYE4XiwP_LOGtkuliZpE
Value: 1728055643
secureheartland.org/ Name: 76oZWflenxF8skCingxtXLbMrzs
Value: 1728142043
secureheartland.org/ Name: UpBnBGrDSHemRa6wKBMFXcO2TY8
Value: TYZBd3NhvwR0STIQvdVxsgXk9Xg
secureheartland.org/ Name: ZqEv2-YKQbKsejr3REj3Eu1sXaU
Value: kfiIwBc4IGESzVyv-PwdXDsKy_E
.secureheartland.org/ Name: cf_clearance
Value: TuRU.xwb9jGmWzNa9ud6DnjFyGI00syW4LRzGXXnXjk-1728055643-1.2.1.1-q5NlWMHmCq3Y1P0tUli6Bmo7_TBeHMPTeoJNYswddIRkGd_9fHo8V2i7HsozK_pakF4SfX_mtHalGaklEj39BzA_oLCFKV6xX690eoqFWLWGdeuc.pI1MV8ZodHnM0IigaYZC12kMC.VNySThcgKKUT9QV1mYFn3HxdeccbRUXgmtljdgokc8Z.555PMYdVLqMfOOzXfskJzIOiyrLfO0T2A_gONpYJBMnAvJ8j7hZnZ0WJE5fb82N5pWhWapOx5Y5FWOeBoeV3JdS0H.tBSy6zMfPMS6reJvScMsxZjjojb8i3fRkb9EYXtBHslM.6lCQuRPwoLpnnBLEqXu8Zh1Oe1tY4o4cXvH6drrTz5U9r9DP5zG61cBT97GJ1sdw_b

5 Console Messages

Source Level URL
Text
network error URL: https://secureheartland.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://secureheartland.org/
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://secureheartland.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://secureheartland.org/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secureheartland.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN