harvadsteelsales.com Open in urlscan Pro
2606:4700:3033::6815:1ddc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://iqconnect.lmhostediq.com/iqextranet/iqClickTrk.aspx?&cid=PA16LS&crop=0000.0000.0000.0000&report_id=&redirect=http%3A%2F%2...
Effective URL:
https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
Submission: On July 13 via manual (July 13th 2023, 3:20:40 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3033::6815:1ddc, located in United States and belongs to CLOUDFLARENET, US. The main domain is harvadsteelsales.com.
TLS certificate: Issued by E1 on July 8th 2023. Valid for: 3 months.

This is the only time harvadsteelsales.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.95.153.23 208.95.153.23	14492 (DATAPIPE) (DATAPIPE)
1	91.234.99.222 91.234.99.222	213058 (PIHL-AS) (PIHL-AS)
5	2606:4700:303... 2606:4700:3033::6815:1ddc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	4

1 208.95.153.23 (United States) 1 redirects

ASN14492 (DATAPIPE, US)
PTR: iqconnect.lmhostediq.com

iqconnect.lmhostediq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.234.99.222 (Belize)

ASN213058 (PIHL-AS, BZ)

silentcodersbanyakhuruf.hagencontractors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::6815:1ddc (United States)

ASN13335 (CLOUDFLARENET, US)

harvadsteelsales.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 5263	139 KB
5	harvadsteelsales.com harvadsteelsales.com	78 KB
1	hagencontractors.com silentcodersbanyakhuruf.hagencontractors.com	261 B
1	lmhostediq.com 1 redirects iqconnect.lmhostediq.com — Cisco Umbrella Rank: 422708	733 B
16	4

	Domain	Requested by
7	challenges.cloudflare.com	harvadsteelsales.com challenges.cloudflare.com
5	harvadsteelsales.com	harvadsteelsales.com
1	silentcodersbanyakhuruf.hagencontractors.com
1	iqconnect.lmhostediq.com	1 redirects
16	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
harvadsteelsales.com E1	`2023-07-08` - `2023-10-06`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
Frame ID: E86F55102A26D2BC8A3157888F2A1D55
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: C58984495626055D3B2DAE9D6ECEEAF7
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page Statistics

16
Requests

75 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

218 kB
Transfer

490 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=l
Title: Cloudflare

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://iqconnect.lmhostediq.com/iqextranet/iqClickTrk.aspx?&cid=PA16LS&crop=0000.0000.0000.0000&report_id=&redirect=http%3A%2F%2FSILENTCODERSBANYAKHURUF.hagencontractors.com/K2intelligence/SILENTCODERSEMAIL HTTP 302
http://silentcodersbanyakhuruf.hagencontractors.com/K2intelligence/SILENTCODERSEMAIL

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

SILENTCODERSEMAIL Show response
silentcodersbanyakhuruf.hagencontractors.com/K2intelligence/
Redirect Chain

https://iqconnect.lmhostediq.com/iqextranet/iqClickTrk.aspx?&cid=PA16LS&crop=0000.0000.0000.0000&report_id=&redirect=http%3A%2F%2FSILENTCODERSBANYAKHURUF.hagencontractors.com/K2intelligence/SILENTC...
http://silentcodersbanyakhuruf.hagencontractors.com/K2intelligence/SILENTCODERSEMAIL

0
261 B

123ms
47ms

Document
text/html

91.234.99.222
PIHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://silentcodersbanyakhuruf.hagencontractors.com/K2intelligence/SILENTCODERSEMAIL
Protocol: HTTP/1.1
Server: 91.234.99.222 , Belize, ASN213058 (PIHL-AS, BZ),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 13 Jul 2023 15:20:35 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
refresh: 0;url=https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL

Redirect headers

cache-control: private
content-length: 201
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://maps.googleapis.com/ https://maps.google.com/ https://www.google.com/ https://www.gstatic.com https://*.youtube.com https://*.google-analytics.com https://www.bing.com/ https://*.virtualearth.net/ https://js.arcgis.com/ https://*.lmhostediq.com/ https://*.lmhostediq.com:5000/ https://*.intranetquorum.com/ https://*.apps.leidos.com:9001 https://scontent.cdninstagram.com/ https://*.us.house.gov https://dap.digitalgov.gov
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 15:20:34 GMT
location: http://SILENTCODERSBANYAKHURUF.hagencontractors.com/K2intelligence/SILENTCODERSEMAIL
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains; max-age=31536000
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-powered-by: ASP.NET
x-xss-protection: 1

GET
H2 403 Primary Request life Show response
harvadsteelsales.com/ 7 KB
5 KB 207ms
13ms Document
text/html 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6bdce3784a9929ca5d21a7857ad21d3f244ded039668ad39b6bc00d0631cf58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://silentcodersbanyakhuruf.hagencontractors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass: 1
cf-mitigated: challenge
cf-ray: 7e6282c70d143668-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 13 Jul 2023 15:20:35 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSeFQczWUfDF1LbUfazVJnFjlX%2F1PUa0QDoQuX%2FtnXwQpjXW6zBR1xyJ2VQUBeoPkdYnca3vg7%2FCL1ckqWM2Rd2DmQcZFCBJJQ3QzckgkXLulKfIfBWB64FTJCLJQSwdv8K7Si%2FIJz%2Fez2OVT5BoL0KTLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
harvadsteelsales.com/cdn-cgi/styles/ 6 KB
3 KB 9ms
9ms Stylesheet
text/css 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://harvadsteelsales.com/cdn-cgi/styles/challenges.css

Requested by

Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Jul 2023 15:32:00 GMT
server: cloudflare
etag: W/"64a82ff0-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7e6282c74d543668-FRA
expires: Thu, 13 Jul 2023 17:20:35 GMT

GET
H3 200 v1 Show response
harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/ 162 KB
57 KB 19ms
19ms Script
application/javascript 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7e6282c70d143668
Requested by: Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b99b99aa5b4f8731cbe7fe9bc5dfdff40171eab6ff2a308f1da02958170e15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL&__cf_chl_rt_tk=mM4UC7_0vjRyB8NmunGXstmU6B5.2nBpmOjuLXzylCI-1689261635-0-gaNycGzNC1A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:20:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0PDGEKofMUL6nkvQ%2FC2ZkbG9S%2BLzALyOcT6Pf9qMaJSRZYHlt2FgRS%2FwF1aHJNuyZtnet7gm3WfKIU57Sld11XJBSmJu%2Ft4ck0RLvma7JArt09g2hsh6TSSwQmT4tsjf4ZYO4CLXa7Z81VnyF0xY5HLFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7e6282c7690918d2-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/ 21 KB
8 KB 64ms
26ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit
Requested by: Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7e6282c70d143668
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424e559af5e00bc52620121e3151801600218fbd7dcce105b5ed2838ae32758d

Request headers

Referer
Origin: https://harvadsteelsales.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:20:35 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7e6282c7fae237e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
harvadsteelsales.com/ 6 KB
6 KB 13ms
13ms Image
text/html 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://harvadsteelsales.com/favicon.ico

Requested by

Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca7b9f215fc384df7a1ea33c635a823a44735997c4600e48812c414c99aa9b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:20:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezay2xpKPd4%2Fxpb58DfZOPWHkC9bKByrZur%2FRzSNv%2Bk6JlzJWIT13n9oTOxLsaRu7MN9o6Xvf9oRImgBt7Fv0hQLqDaNNRuj00%2B4zfuNU6uqMpaRzByZEndOTqZXQBc5fAvqvOaja4zuzBBY9N15XmBlsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7e6282c7b97818d2-FRA
cf-chl-bypass: 1
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK d398a0b6-de5b-44f9-85f5-430db47b6f85
https://harvadsteelsales.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://harvadsteelsales.com/d398a0b6-de5b-44f9-85f5-430db47b6f85
Requested by: Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 2124fe4c987d667 Show response
harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1069003978:1689257221:RpXVEkqZrFMC1DcpmMYFOKWgHjaOeznUl0LrxhhcjWk/7e6282c70d143668/ 9 KB
8 KB 28ms
27ms XHR
text/plain 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1069003978:1689257221:RpXVEkqZrFMC1DcpmMYFOKWgHjaOeznUl0LrxhhcjWk/7e6282c70d143668/2124fe4c987d667
Requested by: Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7e6282c70d143668
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e61eec6a005113351266d44792b21d32afb1d2385a40ec007c13b1efc32b21

Request headers

Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 2124fe4c987d667
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Jul 2023 15:20:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z93r%2F%2BgekBOAx1Q4bb8M79toue9F6jd8WAMKhp9hEczvF8G2tjfaugBFmKhyIKHTMenAVHaZo5GFWKIQicUhELG%2B1N%2FzBKoAc0E%2BDaVFGm0axdNh0XcWp9itz06QJeMk96g4Yri0f6Su2A2i9xoPpiqmeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7e6282c86a8a18d2-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: IfvdVSAv+aou/daBiG12fR84x9ZHPWlSMeSvguyuGKYTjHUYRp3W5/7HzzqsZq3A$UWaAqMDMKuBkrbekjIUMkg==

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame C589 24 KB
7 KB 34ms
18ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b85cc7863fe337f99dcbc814673f762b66b4f30d8c44459e90463dc014b2c6

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7e6282c8c82e4d44-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 15:20:35 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame C589 170 KB
59 KB 19ms
19ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e6282c8c82e4d44
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373e38e38c5fb9424cb3665a529d3ec42fd1c431b9c786dd13f4186739742491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:20:36 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7e6282c918bc4d44-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK 1fb6239f-55b1-4438-8ea8-dc0a28f8af20
https://challenges.cloudflare.com/ Frame C589 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/1fb6239f-55b1-4438-8ea8-dc0a28f8af20
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 ef1ec7a7c2347e8 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/843266044:1689257295:3HWVaLMnmsb4v_Et4QGBQQxVbs2uFrVqWMitY5aItMc/7e6282c8c82e4d44/ Frame C589 69 KB
52 KB 51ms
50ms XHR
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/843266044:1689257295:3HWVaLMnmsb4v_Et4QGBQQxVbs2uFrVqWMitY5aItMc/7e6282c8c82e4d44/ef1ec7a7c2347e8
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e6282c8c82e4d44
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a82246330028bff2cebb9bf10d70cbae3a31e5573b279319f73c32fd52daa2

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: ef1ec7a7c2347e8
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: 9SHcnAnxgX7gxOarKUfGXw2kPkIAFftjP1PgMD3PQhlFkwvhuMs6RjrP54y8lG3tzSSrRAOGE/z/G7+D5WzhCEH70Gy8iBcST1VN9IUVLXkcfmOIhcOEBMok+0EOUsd8jY/xsYK8SW8XeJT2Eun5QuKMY6K25iu7eJzvgCoVEuA5NpvOQj1xf5UhAxXQo9GoUR1L6NydNxooocAf+lOh0ejMByx5s8j98Ejbd6h8j3y0//wTxUziZNwlZedHoJQK3Mf3NRgH62Gac+NL4poHziQuQcaFXshypMnVwmXlb8Hr0Qp66HRgisn2GVjQShnywubfEJJjAEBGUoVvdyITBw==$l9zqr2SGHStI1a7m+HCupA==
date: Thu, 13 Jul 2023 15:20:36 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e6282ca19f54d44-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 OcdYdqFzjBhKVWw
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e6282c8c82e4d44/1689261636193/ Frame C589 61 B
147 B 15ms
15ms Image
image/png 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e6282c8c82e4d44/1689261636193/OcdYdqFzjBhKVWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dfedc8b3ca65cbc843b29e438adbd29161132c5bf3939229d3718453440de74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:20:36 GMT
server: cloudflare
cf-ray: 7e6282cc1c6e4d44-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
BLOB 200
OK 1ef61bd0-3fc6-4352-bfe0-aa933f70d185
https://challenges.cloudflare.com/ Frame C589 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/1ef61bd0-3fc6-4352-bfe0-aa933f70d185
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

GET
H3 401 qNvgBXX3aEOhIff Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e6282c8c82e4d44/1689261636194/5bf59188303ce13abbc66a9ba0fd04e07b8ea63cf07556f9be6f46b6868bd0c2/ Frame C589 1 B
628 B 15ms
14ms Fetch
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e6282c8c82e4d44/1689261636194/5bf59188303ce13abbc66a9ba0fd04e07b8ea63cf07556f9be6f46b6868bd0c2/qNvgBXX3aEOhIff
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e6282c8c82e4d44
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:20:36 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gW_WRiDA84Tq7xmqboP0E4HuOpjzwdVb5vm9GtoaL0MIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAud1722XPCRhYoOIgf36fG5iXSHxfxHUZKz73wnLpMfitU52MrdnNWcrUVkTbnKzyTm0Eu_xxsnRjrrlfx2IsTXnr-s9e4Pcc4HcvRmkMrw3XF39qe1KQIdVCNdNafkz1J0NrctkXi1FQqBHTVhXwGwC9x1OMaJtOuArK5reikVOEOgLbWuDDVKss9TLXqQd0QKZ3UYgzMOidVGZVWwLRZPtrpaduttH1XIUQsUYGRSQt1IHvLpdLLtAA_pm8eFdjSqYgDy2JHY6bJpQgMP2umteUDyWEme_zpnYdR3fNYKWlOYCDaqI0yUEt8n1t3xi5BDAJ6Negpkd6impWYjHWQQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7e6282cdeeb94d44-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 ef1ec7a7c2347e8 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/843266044:1689257295:3HWVaLMnmsb4v_Et4QGBQQxVbs2uFrVqWMitY5aItMc/7e6282c8c82e4d44/ Frame C589 15 KB
11 KB 44ms
43ms XHR
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/843266044:1689257295:3HWVaLMnmsb4v_Et4QGBQQxVbs2uFrVqWMitY5aItMc/7e6282c8c82e4d44/ef1ec7a7c2347e8
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e6282c8c82e4d44
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff96bf1fb94666866d0cf192ef7dab9fb8bde44e50a1b718da484b122092aa1d

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bcmzv/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: ef1ec7a7c2347e8
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: DvCPWRib4vxtGBof6doae9uWMJWsrIs5V4B0C+FeWWo2c+gewnPuTPqIBDS4TIR0$1sWnckThNA5pwrwjbRXnkA==
date: Thu, 13 Jul 2023 15:20:36 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e6282ce9f854d44-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			iqconnect.lmhostediq.com/	1969-12-31 23:59:59	Name: LMDSI_KSI Value: m4yqzb51uxvta0lo0timx0vr

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://harvadsteelsales.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit Message: Unrecognized origin: 'fullscreen'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e6282c8c82e4d44/1689261636194/5bf59188303ce13abbc66a9ba0fd04e07b8ea63cf07556f9be6f46b6868bd0c2/qNvgBXX3aEOhIff Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
harvadsteelsales.com
iqconnect.lmhostediq.com
silentcodersbanyakhuruf.hagencontractors.com
208.95.153.23
2606:4700:3033::6815:1ddc
2606:4700::6811:3b8
91.234.99.222
0b99b99aa5b4f8731cbe7fe9bc5dfdff40171eab6ff2a308f1da02958170e15f
1ca7b9f215fc384df7a1ea33c635a823a44735997c4600e48812c414c99aa9b7
1dfedc8b3ca65cbc843b29e438adbd29161132c5bf3939229d3718453440de74
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
373e38e38c5fb9424cb3665a529d3ec42fd1c431b9c786dd13f4186739742491
424e559af5e00bc52620121e3151801600218fbd7dcce105b5ed2838ae32758d
53a82246330028bff2cebb9bf10d70cbae3a31e5573b279319f73c32fd52daa2
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
80e61eec6a005113351266d44792b21d32afb1d2385a40ec007c13b1efc32b21
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
a6bdce3784a9929ca5d21a7857ad21d3f244ded039668ad39b6bc00d0631cf58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b85cc7863fe337f99dcbc814673f762b66b4f30d8c44459e90463dc014b2c6
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
ff96bf1fb94666866d0cf192ef7dab9fb8bde44e50a1b718da484b122092aa1d

harvadsteelsales.com Open in urlscan Pro 2606:4700:3033::6815:1ddc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

75 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

218 kBTransfer

490 kBSize

1 Cookies

1 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

harvadsteelsales.com Open in urlscan Pro
2606:4700:3033::6815:1ddc Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

75 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

218 kB
Transfer

490 kB
Size

1
Cookies

16 HTTP transactions
1 data transactions