www.safehaven.se Open in urlscan Pro
31.15.10.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.safehaven.se/
Submission: On October 11 via automatic, source certstream-suspicious (October 11th 2021, 12:47:05 pm UTC) — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 42 HTTP transactions. The main IP is 31.15.10.30, located in Czech Republic and belongs to GLOBE-AS www.active24.cz, CZ. The main domain is www.safehaven.se.
TLS certificate: Issued by R3 on August 13th 2021. Valid for: 3 months.

This is the only time www.safehaven.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	31.15.10.30 31.15.10.30	25234 (GLOBE-AS ...) (GLOBE-AS www.active24.cz)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:cd5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:7f59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:243... 2600:1f18:243f:2d00:a874:dd37:27b9:63ad	14618 (AMAZON-AES) (AMAZON-AES)
1	52.54.184.202 52.54.184.202	14618 (AMAZON-AES) (AMAZON-AES)
42	12

10 31.15.10.30 (Czech Republic)

ASN25234 (GLOBE-AS www.active24.cz, CZ)
PTR: yono1.active24.cz

www.safehaven.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:cd5f (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.yolacdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f59 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:243f:2d00:a874:dd37:27b9:63ad (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

analytics.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.184.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-184-202.compute-1.amazonaws.com

connect.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	gstatic.com fonts.gstatic.com www.gstatic.com	654 KB
10	safehaven.se www.safehaven.se	1 MB
4	google.com www.google.com	24 KB
3	sitewit.com analytics.sitewit.com connect.sitewit.com	21 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	8 KB
1	yola.com pixel.yola.com	483 B
1	yolacdn.net analytics.yolacdn.net	6 KB
1	unpkg.com unpkg.com	34 KB
42	8

	Domain	Requested by
14	fonts.gstatic.com	fonts.googleapis.com www.google.com
10	www.safehaven.se	www.safehaven.se
6	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.safehaven.se www.gstatic.com
2	analytics.sitewit.com	analytics.yolacdn.net www.safehaven.se
1	connect.sitewit.com	analytics.sitewit.com
1	pixel.yola.com	analytics.yolacdn.net
1	analytics.yolacdn.net	www.safehaven.se
1	fonts.googleapis.com	ajax.googleapis.com
1	unpkg.com	www.safehaven.se
1	ajax.googleapis.com	www.safehaven.se
42	11

This site contains no links.

Subject Issuer	Validity	Valid
safehaven.se R3	`2021-08-13` - `2021-11-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
analytics.sitewit.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-05` - `2021-11-04`	a year	crt.sh
*.sitewit.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-12` - `2022-08-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.safehaven.se/
Frame ID: 20D7B2B04D6CC9EEF97F9953AF3F9AE1
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93d3cuc2FmZWhhdmVuLnNlOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=normal&cb=shpheoywiazw
Frame ID: 455082FA5E2836A0478F82A42E206E44
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy
Frame ID: 9A5AEBDC07F83C39116695FB980BF715
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hem

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

42
Requests

100 %
HTTPS

82 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

2132 kB
Transfer

3272 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.safehaven.se/ 113 KB
17 KB 53ms
15ms Document
text/html 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 0c87b170b0c9212fad76dd23ce26ecda7fd3c3c2fdb9700d6b1bbbdb6fb6f72d

Request headers

:method: GET
:authority: www.safehaven.se
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 11 Oct 2021 12:46:59 GMT
content-type: text/html
last-modified: Tue, 17 Nov 2020 06:27:36 GMT
etag: W/"5fb36d58-1c5ca"
content-encoding: gzip

GET
H2 200 648929eabae9f2451ea653b7231edf48.css
www.safehaven.se/ws/bundles/css/ 248 KB
40 KB 26ms
25ms Stylesheet
text/css 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safehaven.se/ws/bundles/css/648929eabae9f2451ea653b7231edf48.css
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: aefe67ad63b5f7768ea7c59d6a92d259f2c640f8864c52d4e3caf7fca84e1d11

Request headers

:path: /ws/bundles/css/648929eabae9f2451ea653b7231edf48.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 06:27:36 GMT
server: nginx
etag: W/"5fb36d58-3e095"
content-type: text/css

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.safehaven.se
URL: https://www.safehaven.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 16:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Mon, 10 Oct 2022 16:47:11 GMT

GET
H2 200 safehavenstor.png
www.safehaven.se/ws/resized-images/6f79e8a66c794950b30711117f8dac8b/ 135 KB
136 KB 46ms
46ms Image
image/png 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safehaven.se/ws/resized-images/6f79e8a66c794950b30711117f8dac8b/safehavenstor.png
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 70bab97b231a949fab8acb0b7f7cf3b1caa2e295b644f6d3eaf4c1df5ec5c58d

Request headers

:path: /ws/resized-images/6f79e8a66c794950b30711117f8dac8b/safehavenstor.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
last-modified: Fri, 23 Oct 2020 06:54:01 GMT
server: nginx
accept-ranges: bytes
etag: "5f927e09-21dd5"
content-length: 138709
content-type: image/png

GET
H2 200 webcomponents-bundle.js Show response
unpkg.com/@webcomponents/webcomponentsjs@2.2.10/ 109 KB
34 KB 35ms
18ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@webcomponents/webcomponentsjs@2.2.10/webcomponents-bundle.js

Requested by

Host: www.safehaven.se
URL: https://www.safehaven.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

695046c5e4f10b710a74a13166979d6bac1a4a5c4845ea95e298b49db9583bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2455505
fly-request-id: 01FFEGGJVJCP8JKTVKKJ4RBDS2
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1b2b5-zMYJPjAi3UJGO/nMF+QQyogwa0k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 69c831c44ce74aa3-FRA

GET
H2 200 9b247d87107eeaacf2ee028e48e70f22.js Show response
www.safehaven.se/ws/bundles/js/ 469 KB
469 KB 61ms
61ms Script
application/javascript 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safehaven.se/ws/bundles/js/9b247d87107eeaacf2ee028e48e70f22.js
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 14441205a18dfc8657e00ec48e2d1b5e09b2bc595a593b6217d6497dc2f2ebbb

Request headers

:path: /ws/bundles/js/9b247d87107eeaacf2ee028e48e70f22.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
last-modified: Tue, 17 Nov 2020 06:27:36 GMT
server: nginx
accept-ranges: bytes
etag: "5fb36d58-7526a"
content-length: 479850
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 75ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac1dce9119bfb167c6fe26acd26286ba6eb27e517804ac0499729ecf4ef8826a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 12:46:59 GMT
server: ESF
date: Mon, 11 Oct 2021 12:46:59 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 12:46:59 GMT

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd95df2423c81b86f1e0be5b99e82adbe06256857273754c5bb477023f23e587

Request headers

Referer
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38d315b0ef4270d032b8c77a67074cfdb0ea3b19d0d783f59e7c318f084c52de

Request headers

Referer
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 186 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85d5d2abc807c98fcb497b31be2eaaa3ad98a2434cc81d7ebdaa5d49266cbccb

Request headers

Referer
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 324 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50c5d94445650b30f5d3a2359cdd95ac5fab8e85505e4e2f97cb92837776c53b

Request headers

Referer
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 r2njpbeyusq
www.safehaven.se/ws/media-library/948f4371a1c640988427b7c8d144158d/ 143 KB
144 KB 96ms
95ms Image
application/octet-stream 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safehaven.se/ws/media-library/948f4371a1c640988427b7c8d144158d/r2njpbeyusq
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 7ffb22bf0388bf1581ee2f7846dd78b5aa59c5fa71ee819f8a07360b61f86e13

Request headers

:path: /ws/media-library/948f4371a1c640988427b7c8d144158d/r2njpbeyusq
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
last-modified: Wed, 21 Oct 2020 17:36:11 GMT
server: nginx
accept-ranges: bytes
etag: "5f90718b-23dfe"
content-length: 146942
content-type: application/octet-stream

GET
H2 200 hjckknwcxxq
www.safehaven.se/ws/media-library/2f08b12b867349719cf0ca61a45fba8f/ 240 KB
240 KB 96ms
96ms Image
application/octet-stream 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safehaven.se/ws/media-library/2f08b12b867349719cf0ca61a45fba8f/hjckknwcxxq
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 26a91a2cfa5bc55a4c731433ac0e9b8a1a46c09afa180cf6c180babbca4f6c97

Request headers

:path: /ws/media-library/2f08b12b867349719cf0ca61a45fba8f/hjckknwcxxq
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
last-modified: Wed, 21 Oct 2020 17:36:11 GMT
server: nginx
accept-ranges: bytes
etag: "5f90718b-3c025"
content-length: 245797
content-type: application/octet-stream

GET
H2 200 5i0gnottjse
www.safehaven.se/ws/media-library/b2df7656f13549bbb3f9c0821a041675/ 94 KB
94 KB 96ms
96ms Image
application/octet-stream 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safehaven.se/ws/media-library/b2df7656f13549bbb3f9c0821a041675/5i0gnottjse
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 0738a3517c54d73ab4a6fef1815a16619792ef6d15c2b43ce1a07fa7b35b19d5

Request headers

:path: /ws/media-library/b2df7656f13549bbb3f9c0821a041675/5i0gnottjse
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
last-modified: Wed, 21 Oct 2020 17:36:12 GMT
server: nginx
accept-ranges: bytes
etag: "5f90718c-176b0"
content-length: 95920
content-type: application/octet-stream

GET
H2 200 fh2zluv4_fk
www.safehaven.se/ws/media-library/2600feb597ee430ab097d250e5b5dab6/ 167 KB
167 KB 96ms
96ms Image
application/octet-stream 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safehaven.se/ws/media-library/2600feb597ee430ab097d250e5b5dab6/fh2zluv4_fk
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 814cb3866a72bd540da7267f5ceb469b1034aabc1c4b302a6249531340e7096e

Request headers

:path: /ws/media-library/2600feb597ee430ab097d250e5b5dab6/fh2zluv4_fk
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
last-modified: Wed, 28 Oct 2020 16:29:52 GMT
server: nginx
accept-ranges: bytes
etag: "5f999c80-29b40"
content-length: 170816
content-type: application/octet-stream

GET
H2 200 pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 119ms
32ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a77d294c68601de11ee6eeb15b7beed162ba2b70763ef412d0816a8187b4cd5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 13:47:02 GMT
x-content-type-options: nosniff
age: 255597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8548
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Oct 2022 13:47:02 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 116ms
31ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 17:53:46 GMT
x-content-type-options: nosniff
age: 499993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Oct 2022 17:53:46 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 113ms
30ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 12:19:14 GMT
x-content-type-options: nosniff
age: 260865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Oct 2022 12:19:14 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 121ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 22:04:31 GMT
x-content-type-options: nosniff
age: 398548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 22:04:31 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 88ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 330148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 17:04:31 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 116ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 04:13:09 GMT
x-content-type-options: nosniff
age: 549230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:13:09 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 47 KB
47 KB 111ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:32:05 GMT
x-content-type-options: nosniff
age: 404094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47804
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:51:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 20:32:05 GMT

GET
H2 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
9 KB 105ms
35ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:57:29 GMT
x-content-type-options: nosniff
age: 532170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8656
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 08:57:29 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
fonts.gstatic.com/s/poppins/v15/ 9 KB
9 KB 103ms
33ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7191461cdce27076c663a98ad5dbad2e23da0fd57b9cd936d4e37d4ed2b417d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:52:14 GMT
x-content-type-options: nosniff
age: 442485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8716
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 09:52:14 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
9 KB 106ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184c0882dc2b60d68c74decd65e23ea257d2de9ad374d1f3d92f271c4ab1205e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:20:39 GMT
x-content-type-options: nosniff
age: 498380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8612
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Oct 2022 18:20:39 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 108ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:58:33 GMT
x-content-type-options: nosniff
age: 413306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7844
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 17:58:33 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLm111VF9eO.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
9 KB 106ms
37ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLm111VF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62bb3f107072f11d355a712df661efa9fb4714fe1be36a51be9809b64c9f8c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 17:46:21 GMT
x-content-type-options: nosniff
age: 68438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8680
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:22 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 17:46:21 GMT

GET
H2 200 pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 7 KB
8 KB 113ms
43ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPoppins:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de60204842daf5531d76ca6a7104d8def25ab425a0b32e8d7b42f610699abf9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:34:15 GMT
x-content-type-options: nosniff
age: 105164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7616
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 07:34:15 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
990 B 75ms
21ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&

Requested by

Host: www.safehaven.se
URL: https://www.safehaven.se/ws/bundles/js/9b247d87107eeaacf2ee028e48e70f22.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c027be70b8c721c5c5d9ec38f4cb5c83541ec0d2afc2fd93bd33b1f96a25863

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Mon, 11 Oct 2021 12:46:59 GMT

GET
H2 200 tracking.js Show response
analytics.yolacdn.net/ 13 KB
6 KB 80ms
25ms Script
application/javascript 2606:4700::6812:cd5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.yolacdn.net/tracking.js
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cd5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a5619dffb53b13c2715fcd25f3828e264f332ed72127b77e7f1a750373d8c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 Sep 2021 10:29:12 GMT
server: cloudflare
age: 5269
etag: W/"61389078-342e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 69c831c6af6b1762-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5571

GET
H2 404 ecruhtxirei.webp
www.safehaven.se/ws/media-library/e2e8db1aec9147719c36acde5fda3129/ 564 B
564 B 46ms
46ms Image
text/html 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safehaven.se/ws/media-library/e2e8db1aec9147719c36acde5fda3129/ecruhtxirei.webp
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

:path: /ws/media-library/e2e8db1aec9147719c36acde5fda3129/ecruhtxirei.webp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ 346 KB
135 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.safehaven.se/
Origin: https://www.safehaven.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137921
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 11 Oct 2022 12:36:18 GMT

GET
H2 200 ecruhtxirei
www.safehaven.se/ws/media-library/e2e8db1aec9147719c36acde5fda3129/ 77 KB
77 KB 16ms
15ms Image
application/octet-stream 31.15.10.30
GLOBE-AS www.acti...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safehaven.se/ws/media-library/e2e8db1aec9147719c36acde5fda3129/ecruhtxirei
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS: yono1.active24.cz
Software: nginx /
Resource Hash: 04854f98a7a5c95b334333c597c55c31e009b5f25226d54823cf318ddf443413

Request headers

:path: /ws/media-library/e2e8db1aec9147719c36acde5fda3129/ecruhtxirei
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.safehaven.se
referer: https://www.safehaven.se/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
last-modified: Wed, 21 Oct 2020 17:36:11 GMT
server: nginx
accept-ranges: bytes
etag: "5f90718b-13447"
content-length: 78919
content-type: application/octet-stream

GET
H2 200 LoggingAgent Show response
pixel.yola.com/LoggingAgent/ 12 B
483 B 423ms
381ms Script
application/x-javascript 2606:4700::6812:7f59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yola.com/LoggingAgent/LoggingAgent?url=//www.safehaven.se/&pagename=index&siteid=11eb13a34da76cc889b40026b952c5b1&resolution=1600x1200&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=C98D65A8-8440-0001-F817-18D61D8013C5&visitId=C98D65A8-8450-0001-4CD3-669640231C5A&user_id=3095fedf786145d7989ba5cb76d831cb&partner_id=WL_LOOPIA&LoggingAgentReturnType=script
Requested by: Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 12:47:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 69c831c72e255cb0-FRA
content-length: 32
expires: -1

GET
H2 200 sw.js Show response
analytics.sitewit.com/partner/yola/11eb13a34da76cc889b40026b952c5b1/ 19 KB
20 KB 340ms
106ms Script
text/javascript 2600:1f18:243f:2d00:a874:dd37:27b9:63ad
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.sitewit.com/partner/yola/11eb13a34da76cc889b40026b952c5b1/sw.js
Requested by: Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:a874:dd37:27b9:63ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d35b5f4c00476420535c8b0bb7ca43d20327815017d00532193fb520261175c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 19424
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4550 40 KB
21 KB 25ms
25ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93d3cuc2FmZWhhdmVuLnNlOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=normal&cb=shpheoywiazw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbc45ab969d7fbe9b02e8007484450eff62219f110265bef2b6a7410bb663b7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MA6IOdb4RXuEMM4S+fMzkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93d3cuc2FmZWhhdmVuLnNlOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=normal&cb=shpheoywiazw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.safehaven.se/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Oct 2021 12:46:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-MA6IOdb4RXuEMM4S+fMzkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21238
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ Frame 4550 52 KB
26 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93d3cuc2FmZWhhdmVuLnNlOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=normal&cb=shpheoywiazw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 09:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 11 Oct 2022 09:02:20 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ Frame 4550 346 KB
135 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137921
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 11 Oct 2022 12:36:18 GMT

GET
DATA 200
OK truncated
/ Frame 4550 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4550 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4550 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 11:16:19 GMT
x-content-type-options: nosniff
age: 91840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 17 Oct 2021 11:16:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4550 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:07:47 GMT
x-content-type-options: nosniff
age: 531552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 09:07:47 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4550 102 B
212 B 16ms
15ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=qljbK_DTcvY1PzbR7IG69z1r

Requested by

Host: www.safehaven.se
URL: https://www.safehaven.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b09b62ea3362a0e9cdf0a6362e6f0c478744254a9d080b0a0e6c943a05376919

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93d3cuc2FmZWhhdmVuLnNlOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=normal&cb=shpheoywiazw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 11 Oct 2021 12:46:59 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9A5A 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8eb721c85eda4e9a19acb2c9ece1fb182ce8e72d5dbf1d14491a4cf091afd67a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MIPl07RuhPZBNP6JWFQQKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.safehaven.se/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Oct 2021 12:46:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-MIPl07RuhPZBNP6JWFQQKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ Frame 9A5A 52 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 09:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 11 Oct 2022 09:02:20 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ Frame 9A5A 346 KB
135 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137921
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 11 Oct 2022 12:36:18 GMT

GET
H2 200 sw_connect.js Show response
connect.sitewit.com/js/11EB13A34DA76CC889B40026B952C5B1/ 32 B
654 B 554ms
179ms Script
text/javascript 52.54.184.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.sitewit.com/js/11EB13A34DA76CC889B40026B952C5B1/sw_connect.js?ispartner=yola&ns=sw
Requested by: Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/partner/yola/11eb13a34da76cc889b40026b952c5b1/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.184.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-184-202.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:47:00 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 32
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 cq_blank.gif
analytics.sitewit.com/images/ 35 B
614 B 106ms
106ms Image
image/gif 2600:1f18:243f:2d00:a874:dd37:27b9:63ad
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.sitewit.com/images/cq_blank.gif?_sw_yolaid=11EB13A34DA76CC889B40026B952C5B1&_sw_uid=00e5617b-4f78-4441-87f6-181b95138a7c&_sw_fp=6d32c03ff2b4ad0bfafc80da5f42b9142661a552&_sw_pl=306&_sw_pc=3&_sw_dat=MXx3d3cuc2FmZWhhdmVuLnNlfGh0dHBzOi8vd3d3LnNhZmVoYXZlbi5zZS98ZW4tVVN8MTYwMHwxMjAwfDI0fENocm9tZS85My4wLjQ1NzcuNjN8eDY0fDF8MHwxfDB8LXx8LXwtfC18MmEwZjo5NDQxOjU6MDplYTo6MXww&to=101
Requested by: Host: www.safehaven.se
URL: https://www.safehaven.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:a874:dd37:27b9:63ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safehaven.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:47:00 GMT
last-modified: Thu, 24 Jun 2010 20:21:15 GMT
server: Microsoft-IIS/10.0
etag: "9f8deacbda13cb1:0"
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 35

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.safehaven.se/	1970-01-20 06:38:12	Name: synthasiteVisitorId Value: C98D65A8-8440-0001-F817-18D61D8013C5
www.safehaven.se/	1970-01-19 21:52:36	Name: synthasiteVisitId Value: C98D65A8-8450-0001-4CD3-669640231C5A
.yola.com/	1970-01-19 21:52:38	Name: __cf_bm Value: XIkEfMGze3Oqu77x7y40FUgHNRFIykcNLHd2gTDMhN8-1633956420-0-Af00fgO+pFlptaiyy5kvtyihCOhgreyMWGn+lekjB7rFTuRC/2h9Os4cmtVg9p6t+xCLBLAInyVFZzIbgEBQd9lb0f5Ed6U9ImVbLSYfMxO4
.safehaven.se/	1970-01-20 21:52:36	Name: _swa_u Value: 00e5617b-4f78-4441-87f6-181b95138a7c
analytics.sitewit.com/	1970-01-19 22:02:41	Name: AWSALBCORS Value: efbe5uI26rKTciEZe0c7lPjdbqDFpvAlrT0CvE0Sr7Hkurv3Co7T/0sOYb5s1il7d0aUM4Y2whbtuGROdWe3Oejf4fiPRg265h9XRWU/pxPZ6eW2p4+t8ph4Em2H
connect.sitewit.com/	1970-01-19 22:02:41	Name: AWSALBCORS Value: ksKPxv6EapLhbX6R0IPmCpgLxzVLFZtYt5VKYnTSLCqK4UnR/jW2y5AZhOpn7rWQIzs9Ss8WVg54pky8ajh8dGETdUVC8Oz8eMsurXF/rW1CylPEHXphGoGLzOFA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.safehaven.se/ws/media-library/e2e8db1aec9147719c36acde5fda3129/ecruhtxirei.webp Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.sitewit.com
analytics.yolacdn.net
connect.sitewit.com
fonts.googleapis.com
fonts.gstatic.com
pixel.yola.com
unpkg.com
www.google.com
www.gstatic.com
www.safehaven.se
2600:1f18:243f:2d00:a874:dd37:27b9:63ad
2606:4700::6810:7eaf
2606:4700::6812:7f59
2606:4700::6812:cd5f
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:831::200a
31.15.10.30
52.54.184.202
04854f98a7a5c95b334333c597c55c31e009b5f25226d54823cf318ddf443413
0738a3517c54d73ab4a6fef1815a16619792ef6d15c2b43ce1a07fa7b35b19d5
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0c027be70b8c721c5c5d9ec38f4cb5c83541ec0d2afc2fd93bd33b1f96a25863
0c87b170b0c9212fad76dd23ce26ecda7fd3c3c2fdb9700d6b1bbbdb6fb6f72d
14441205a18dfc8657e00ec48e2d1b5e09b2bc595a593b6217d6497dc2f2ebbb
184c0882dc2b60d68c74decd65e23ea257d2de9ad374d1f3d92f271c4ab1205e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
26a91a2cfa5bc55a4c731433ac0e9b8a1a46c09afa180cf6c180babbca4f6c97
38d315b0ef4270d032b8c77a67074cfdb0ea3b19d0d783f59e7c318f084c52de
39a5619dffb53b13c2715fcd25f3828e264f332ed72127b77e7f1a750373d8c2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
50c5d94445650b30f5d3a2359cdd95ac5fab8e85505e4e2f97cb92837776c53b
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
62bb3f107072f11d355a712df661efa9fb4714fe1be36a51be9809b64c9f8c7c
695046c5e4f10b710a74a13166979d6bac1a4a5c4845ea95e298b49db9583bba
70bab97b231a949fab8acb0b7f7cf3b1caa2e295b644f6d3eaf4c1df5ec5c58d
7191461cdce27076c663a98ad5dbad2e23da0fd57b9cd936d4e37d4ed2b417d5
7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e
7ffb22bf0388bf1581ee2f7846dd78b5aa59c5fa71ee819f8a07360b61f86e13
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
814cb3866a72bd540da7267f5ceb469b1034aabc1c4b302a6249531340e7096e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85d5d2abc807c98fcb497b31be2eaaa3ad98a2434cc81d7ebdaa5d49266cbccb
8eb721c85eda4e9a19acb2c9ece1fb182ce8e72d5dbf1d14491a4cf091afd67a
9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244
a77d294c68601de11ee6eeb15b7beed162ba2b70763ef412d0816a8187b4cd5f
ac1dce9119bfb167c6fe26acd26286ba6eb27e517804ac0499729ecf4ef8826a
aefe67ad63b5f7768ea7c59d6a92d259f2c640f8864c52d4e3caf7fca84e1d11
b09b62ea3362a0e9cdf0a6362e6f0c478744254a9d080b0a0e6c943a05376919
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bbc45ab969d7fbe9b02e8007484450eff62219f110265bef2b6a7410bb663b7d
d35b5f4c00476420535c8b0bb7ca43d20327815017d00532193fb520261175c4
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
dd95df2423c81b86f1e0be5b99e82adbe06256857273754c5bb477023f23e587
de60204842daf5531d76ca6a7104d8def25ab425a0b32e8d7b42f610699abf9e
e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5

www.safehaven.se Open in urlscan Pro 31.15.10.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

82 %IPv6

8 Domains

11 Subdomains

12 IPs

3 Countries

2132 kBTransfer

3272 kBSize

6 Cookies

0 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.safehaven.se Open in urlscan Pro
31.15.10.30 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

82 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

2132 kB
Transfer

3272 kB
Size

6
Cookies

42 HTTP transactions
6 data transactions