harvadsteelsales.com Open in urlscan Pro
2606:4700:3033::6815:1ddc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://iqconnect.lmhostediq.com/iqextranet/iqClickTrk.aspx?&cid=PA16LS&crop=0000.0000.0000.0000&report_id=&redirect=http%3A%2F%2...
Effective URL:
https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
Submission: On July 13 via manual (July 13th 2023, 4:33:12 pm UTC) from IN — Scanned from DE

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3033::6815:1ddc, located in United States and belongs to CLOUDFLARENET, US. The main domain is harvadsteelsales.com.
TLS certificate: Issued by E1 on July 8th 2023. Valid for: 3 months.

This is the only time harvadsteelsales.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.95.153.23 208.95.153.23	14492 (DATAPIPE) (DATAPIPE)
1	91.234.99.222 91.234.99.222	213058 (PIHL-AS) (PIHL-AS)
5	2606:4700:303... 2606:4700:3033::6815:1ddc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	4

1 208.95.153.23 (United States) 1 redirects

ASN14492 (DATAPIPE, US)
PTR: iqconnect.lmhostediq.com

iqconnect.lmhostediq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.234.99.222 (Belize)

ASN213058 (PIHL-AS, BZ)

silentcodersbanyakhuruf.hagencontractors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::6815:1ddc (United States)

ASN13335 (CLOUDFLARENET, US)

harvadsteelsales.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 5263	184 KB
5	harvadsteelsales.com harvadsteelsales.com	81 KB
1	hagencontractors.com silentcodersbanyakhuruf.hagencontractors.com	261 B
1	lmhostediq.com 1 redirects iqconnect.lmhostediq.com — Cisco Umbrella Rank: 422708	730 B
16	4

	Domain	Requested by
7	challenges.cloudflare.com	harvadsteelsales.com challenges.cloudflare.com
5	harvadsteelsales.com	harvadsteelsales.com
1	silentcodersbanyakhuruf.hagencontractors.com
1	iqconnect.lmhostediq.com	1 redirects
16	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
harvadsteelsales.com E1	`2023-07-08` - `2023-10-06`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
Frame ID: D4A213329A817B37A052BE716D34D6E7
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 4772BAFEE316438509C8EC8D5C88F1A8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page Statistics

16
Requests

75 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

264 kB
Transfer

554 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=l
Title: Cloudflare

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://iqconnect.lmhostediq.com/iqextranet/iqClickTrk.aspx?&cid=PA16LS&crop=0000.0000.0000.0000&report_id=&redirect=http%3A%2F%2FSILENTCODERSBANYAKHURUF.hagencontractors.com/Chobani/SILENTCODERSEMAIL HTTP 302
http://silentcodersbanyakhuruf.hagencontractors.com/Chobani/SILENTCODERSEMAIL

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

SILENTCODERSEMAIL Show response
silentcodersbanyakhuruf.hagencontractors.com/Chobani/
Redirect Chain

https://iqconnect.lmhostediq.com/iqextranet/iqClickTrk.aspx?&cid=PA16LS&crop=0000.0000.0000.0000&report_id=&redirect=http%3A%2F%2FSILENTCODERSBANYAKHURUF.hagencontractors.com/Chobani/SILENTCODERSEMAIL
http://silentcodersbanyakhuruf.hagencontractors.com/Chobani/SILENTCODERSEMAIL

0
261 B

183ms
93ms

Document
text/html

91.234.99.222
PIHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://silentcodersbanyakhuruf.hagencontractors.com/Chobani/SILENTCODERSEMAIL
Protocol: HTTP/1.1
Server: 91.234.99.222 , Belize, ASN213058 (PIHL-AS, BZ),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 13 Jul 2023 16:33:08 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
refresh: 0;url=https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL

Redirect headers

cache-control: private
content-length: 194
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://maps.googleapis.com/ https://maps.google.com/ https://www.google.com/ https://www.gstatic.com https://*.youtube.com https://*.google-analytics.com https://www.bing.com/ https://*.virtualearth.net/ https://js.arcgis.com/ https://*.lmhostediq.com/ https://*.lmhostediq.com:5000/ https://*.intranetquorum.com/ https://*.apps.leidos.com:9001 https://scontent.cdninstagram.com/ https://*.us.house.gov https://dap.digitalgov.gov
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 16:33:07 GMT
location: http://SILENTCODERSBANYAKHURUF.hagencontractors.com/Chobani/SILENTCODERSEMAIL
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains; max-age=31536000
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-powered-by: ASP.NET
x-xss-protection: 1

GET
H2 403 Primary Request life Show response
harvadsteelsales.com/ 7 KB
5 KB 170ms
49ms Document
text/html 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6aa4f9987b24d0248ffe7484706febe1b1177edd85697c725e73221fb42eb4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://silentcodersbanyakhuruf.hagencontractors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass: 1
cf-mitigated: challenge
cf-ray: 7e62ed0aede52bca-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 13 Jul 2023 16:33:08 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRV%2F3vgi6kzsZvmcXWXj3CdueM0hVp5B7QPewn2e8XSlglTOzzaVskSJYxVorjmAannqyrQJxRfl1i2UHN3Hltc4aKjn0%2BRiulLIiXjtAD3e7hYBG54HL15x4gzXjFWu%2FPuWlEIA%2BNOnZUz8Q3bsrFTWYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
harvadsteelsales.com/cdn-cgi/styles/ 6 KB
3 KB 42ms
41ms Stylesheet
text/css 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://harvadsteelsales.com/cdn-cgi/styles/challenges.css

Requested by

Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 16:27:41 GMT
server: cloudflare
etag: W/"64ad82fd-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7e62ed0b5e632bca-FRA
expires: Thu, 13 Jul 2023 18:33:08 GMT

GET
H2 200 v1 Show response
harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/ 166 KB
59 KB 50ms
50ms Script
application/javascript 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7e62ed0aede52bca
Requested by: Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e837d19f4da1a818089e3f9f50e3b486c5b13a560d46d65a8cbf26e7b36353f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL&__cf_chl_rt_tk=WzrKGBqwsmVnl6Opr9CtQHed1gPL9KgvAodV0QGf9gU-1689265988-0-gaNycGzNCzs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:33:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeHBKaFWNzEpTrEgvPhFWciWoWJ7uLA7Ly5iMzRC30P5cQ8NI4EEd2em3yRWyJjvxFsXY1C%2FBxNhxGSdVcnTia8GtjuaDtXlrDX3trOTt%2Blpy%2FDgOqz5Su2r0FgIrm3fvxKYguiB5B5OmNRRIYXiDytxug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7e62ed0b9ee52bca-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/ 21 KB
8 KB 198ms
103ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit
Requested by: Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7e62ed0aede52bca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424e559af5e00bc52620121e3151801600218fbd7dcce105b5ed2838ae32758d

Request headers

Referer
Origin: https://harvadsteelsales.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:33:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7e62ed0cded0383e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
harvadsteelsales.com/ 7 KB
7 KB 45ms
45ms Image
text/html 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://harvadsteelsales.com/favicon.ico

Requested by

Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eae68f86d174bf65e197266797d4def7581da2ce934b79e4013fee10198f21b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:33:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLIG%2F6nFkClkkBIKdMZeGbMqppNwOewk3uopfySSnbq7T96ZiR8z%2BId9WoIhgXgbaVq4uWstlw%2FmeHVBncutm7U2OnTw4VbqPxoWngNTD74s35GdWLk1i5uGjDrXMKZ2jwMe8%2FNJ1fDjjXa6JxViIhhtBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7e62ed0c393e18f3-FRA
cf-chl-bypass: 1
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK bbde8cfd-3074-4b21-8014-36bb027620d4
https://harvadsteelsales.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://harvadsteelsales.com/bbde8cfd-3074-4b21-8014-36bb027620d4
Requested by: Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 8c737191eaa71b0 Show response
harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2019780897:1689264411:PqyOiELh2k8QNpWOGKwVQjnYrJM7jsconGesOXssNXA/7e62ed0aede52bca/ 9 KB
8 KB 55ms
55ms XHR
text/plain 2606:4700:3033::6815:1ddc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2019780897:1689264411:PqyOiELh2k8QNpWOGKwVQjnYrJM7jsconGesOXssNXA/7e62ed0aede52bca/8c737191eaa71b0
Requested by: Host: harvadsteelsales.com
URL: https://harvadsteelsales.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7e62ed0aede52bca
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1ddc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4138774e0fb90a31682ddafe9d871532688e540d96bd905d5804f10d9c48c4c

Request headers

Referer: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 8c737191eaa71b0
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Jul 2023 16:33:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ic%2BZ6Bxh%2Fx6gaWfB1oeD9rzgE72gNrZU%2FLjKTqPtmMoD55%2B6FgDpdg%2B3Sl73xj0JrSTMBUveUJ1RCwbOX6sF1cNZ5Po2INWw3%2F5h1WIQwfiwvBcQvSvzS2bD3opcgwdtD97Bo1DF2UCd%2BgqZLnvAprTwCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7e62ed0cea1918f3-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: y5eON5CxTHJpZf13HC1Lc4VtLDcEbU4lIHV2t4ewfZnc/bG67D0LVlMykQgysZ6B$TWNr6o0IcdDnSphxBV+fnA==

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 4772 24 KB
7 KB 116ms
63ms Document
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cefd83e321793158ff145faa075be70fad712ba09563a0328a2f058a76c16a7e

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7e62ed0de9959bd0-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 16:33:08 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 4772 167 KB
58 KB 50ms
50ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e62ed0de9959bd0
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4846ae70dc53eaa83819b1143631594b96e81b5a8b79c63cc71f403716d6b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:33:08 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7e62ed0e8ab89bd0-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK 1739b2c1-a1ba-4282-910c-3aeb62454aab
https://challenges.cloudflare.com/ Frame 4772 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/1739b2c1-a1ba-4282-910c-3aeb62454aab
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 4d86c84dbcd1da2 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1417537675:1689264600:o8W4H9jg8RU2TnuKgxk2_GmFXoaXZhKLWGz1ZBoS1UU/7e62ed0de9959bd0/ Frame 4772 131 KB
99 KB 112ms
111ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1417537675:1689264600:o8W4H9jg8RU2TnuKgxk2_GmFXoaXZhKLWGz1ZBoS1UU/7e62ed0de9959bd0/4d86c84dbcd1da2
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e62ed0de9959bd0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1d9c27d1cf1e5f9e547c9a6a8781903f0cba78d75de6bf7905724c0b981e48

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 4d86c84dbcd1da2
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: foj2uRtKJWfMde6CvjUYl2wQNZz6R3tw6ORulBpIdN9AmZPRVryk+HdFssmbvDMQwQdLVO4PHA64TEXKd9NqdZPArU0xb6SGCybtqwqio4w7a8EQboMLUvInijJarvRQHjQ5Ed1hkv4Cjj7IjxEfq0h/WOB0P7nXLsGqL1IdfqnFqXXRg7MKmUw6PlFHH6lJaXaMvMzFCyMXhG0E/FUHIK46a8q5w7yvEd8rD9fTrixYNtb7p7WeghkMiAt7h1+reTV3R7Od17fL36edNd/U3Y/mKhwuWYz+349NpXlJlBI+c045o0NhAXnX299dxX2PfD1lK6n3hy2W2Z12EjTH8cX69jPu/kZ29nlQ2NsT+0X9AvJS9xqVn8UasqHuQ6HcunkwLJw/CHLWGLYffZ0PHDQ7ec1kf4VXApAyROJL7V6cprm674b701kiwQSaZZ3elDpSIpUEqT55UKycjJXe+A==$qb7SM0bpXSVPo2S8EvJpDA==
date: Thu, 13 Jul 2023 16:33:09 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e62ed101ca79bd0-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK fad9000b-5027-45fb-a558-e8b3d34f350f
https://challenges.cloudflare.com/ Frame 4772 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/fad9000b-5027-45fb-a558-e8b3d34f350f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

GET
H3 200 lQz025KX-blBTbq
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e62ed0de9959bd0/1689265989154/ Frame 4772 61 B
148 B 48ms
47ms Image
image/png 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e62ed0de9959bd0/1689265989154/lQz025KX-blBTbq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5406604c441fe554f0543440a0a3d0bf385bdc286ac4879e82592598afaa9087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:33:09 GMT
server: cloudflare
cf-ray: 7e62ed153ad89bd0-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
H3 401 BvHDHZKwIIfMq0A Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e62ed0de9959bd0/1689265989157/5d341dae0faab5a84d7f36211ef3cda4d295c7a14ba7519006fd1f6c1cf4b194/ Frame 4772 1 B
629 B 48ms
47ms Fetch
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e62ed0de9959bd0/1689265989157/5d341dae0faab5a84d7f36211ef3cda4d295c7a14ba7519006fd1f6c1cf4b194/BvHDHZKwIIfMq0A
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e62ed0de9959bd0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:33:10 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gXTQdrg-qtahNfzYhHvPNpNKVx6FLp1GQBv0fbBz0sZQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAud1722XPCRhYoOIgf36fG5iXSHxfxHUZKz73wnLpMfitU52MrdnNWcrUVkTbnKzyTm0Eu_xxsnRjrrlfx2IsTXnr-s9e4Pcc4HcvRmkMrw3XF39qe1KQIdVCNdNafkz1J0NrctkXi1FQqBHTVhXwGwC9x1OMaJtOuArK5reikVOEOgLbWuDDVKss9TLXqQd0QKZ3UYgzMOidVGZVWwLRZPtrpaduttH1XIUQsUYGRSQt1IHvLpdLLtAA_pm8eFdjSqYgDy2JHY6bJpQgMP2umteUDyWEme_zpnYdR3fNYKWlOYCDaqI0yUEt8n1t3xi5BDAJ6Negpkd6impWYjHWQQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7e62ed16ccfd9bd0-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 4d86c84dbcd1da2 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1417537675:1689264600:o8W4H9jg8RU2TnuKgxk2_GmFXoaXZhKLWGz1ZBoS1UU/7e62ed0de9959bd0/ Frame 4772 15 KB
11 KB 66ms
60ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1417537675:1689264600:o8W4H9jg8RU2TnuKgxk2_GmFXoaXZhKLWGz1ZBoS1UU/7e62ed0de9959bd0/4d86c84dbcd1da2
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e62ed0de9959bd0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fbc83b340849749454a6284a08bdf30b6d23642aba5f64cd907eaec56f032bf

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m25kc/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 4d86c84dbcd1da2
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: 2xWchj3G/n4ojEBrvK1xUjtCP7/YNEyvf/TLk4ms5u60jYSk3NK4SrH66zRHDMwu$0VrHYdmI1FdSr+kXxs2fHA==
date: Thu, 13 Jul 2023 16:33:10 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e62ed177db89bd0-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			iqconnect.lmhostediq.com/	1969-12-31 23:59:59	Name: LMDSI_KSI Value: yyhj2mnycg1nw2rkdvzce33c

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://harvadsteelsales.com/life?email=SILENTCODERSEMAIL Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://harvadsteelsales.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit Message: Unrecognized origin: 'fullscreen'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e62ed0de9959bd0/1689265989157/5d341dae0faab5a84d7f36211ef3cda4d295c7a14ba7519006fd1f6c1cf4b194/BvHDHZKwIIfMq0A Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
harvadsteelsales.com
iqconnect.lmhostediq.com
silentcodersbanyakhuruf.hagencontractors.com
208.95.153.23
2606:4700:3033::6815:1ddc
2606:4700::6811:2b8
91.234.99.222
0fbc83b340849749454a6284a08bdf30b6d23642aba5f64cd907eaec56f032bf
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
424e559af5e00bc52620121e3151801600218fbd7dcce105b5ed2838ae32758d
4d1d9c27d1cf1e5f9e547c9a6a8781903f0cba78d75de6bf7905724c0b981e48
5406604c441fe554f0543440a0a3d0bf385bdc286ac4879e82592598afaa9087
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
cefd83e321793158ff145faa075be70fad712ba09563a0328a2f058a76c16a7e
d6aa4f9987b24d0248ffe7484706febe1b1177edd85697c725e73221fb42eb4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e837d19f4da1a818089e3f9f50e3b486c5b13a560d46d65a8cbf26e7b36353f3
eae68f86d174bf65e197266797d4def7581da2ce934b79e4013fee10198f21b4
f4138774e0fb90a31682ddafe9d871532688e540d96bd905d5804f10d9c48c4c
f4846ae70dc53eaa83819b1143631594b96e81b5a8b79c63cc71f403716d6b6b
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

harvadsteelsales.com Open in urlscan Pro 2606:4700:3033::6815:1ddc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

75 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

264 kBTransfer

554 kBSize

1 Cookies

1 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

harvadsteelsales.com Open in urlscan Pro
2606:4700:3033::6815:1ddc Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

75 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

264 kB
Transfer

554 kB
Size

1
Cookies

16 HTTP transactions
1 data transactions