URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Submission: On April 14 via api from BE

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 18 HTTP transactions. The main IP is 50.31.246.1, located in United States and belongs to FLY, US. The main domain is posthaven.com.
TLS certificate: Issued by R3 on March 10th 2021. Valid for: 3 months.
This is the only time posthaven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
4 posthaven-assets.s3.amazonaws.com posthaven.com
3 cdn.jsdelivr.net posthaven.com
2 ssl.google-analytics.com posthaven.com
2 fonts.gstatic.com fonts.googleapis.com
1 heapanalytics.com
1 www.gstatic.com www.google.com
1 cdn.heapanalytics.com posthaven.com
1 fonts.googleapis.com posthaven-assets.s3.amazonaws.com
1 stackpath.bootstrapcdn.com posthaven.com
1 www.google.com posthaven.com
1 posthaven.com
18 11

This site contains no links.

Subject Issuer Validity Valid
posthaven.com
R3
2021-03-10 -
2021-06-08
3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-01-11 -
2022-02-11
a year crt.sh
www.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-04-13 -
2022-03-26
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-03-01 -
2022-02-28
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
cdn.heapanalytics.com
Amazon
2020-09-24 -
2021-10-26
a year crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
heapanalytics.com
Amazon
2020-12-24 -
2022-01-22
a year crt.sh

This page contains 1 frames:

Primary Page: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Frame ID: 2742BA0268D0ADF1F756C4162929AEBF
Requests: 18 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /heap-\d+\.js/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

1622 kB
Transfer

1956 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
posthaven.com/emails/opt_out/
6 KB
3 KB
Document
General
Full URL
https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.246.1 , United States, ASN40509 (FLY, US),
Reverse DNS
flyio.shw.io
Software
Fly/86dfcb7 (2021-04-12) / Phusion Passenger 5.1.8
Resource Hash
f412dea65decf1ea001764e5078edbca4ffea9b9a739d8105c527a8ebd2458bd

Request headers

:method
GET
:authority
posthaven.com
:scheme
https
:path
/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
Fly/86dfcb7 (2021-04-12)
fly-request-id
01F375SV19JRMW95AK9PGF11ZE
content-type
text/html; charset=utf-8
status
200 OK
cache-control
max-age=0, private, must-revalidate
x-ua-compatible
IE=Edge,chrome=1
etag
W/"c39bce3f7d72911ec0b4c89c5b5938c3"
x-runtime
0.040752
x-request-id
b046ec6e004062947fdfd9ce0b464446
date
Wed, 14 Apr 2021 03:11:39 GMT
set-cookie
_posthaven_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWIyZDhhMDRkMjVmMDI4NmU1ZmY3ODMxYjEzMjBkNzc2BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMU9WZGpIa3lwYkdEbkRVSE1sQWFjNGlYd2pFTjViSlFuNm5wS3lHQTFrODA9BjsARg%3D%3D--dac33d61ea6ee9aa6f0cac59770d5e1b150b8248; path=/; HttpOnly
x-powered-by
Phusion Passenger 5.1.8
content-encoding
gzip
via
2 fly.io
modernizr.foundation-07cdd846d9479141366fe100b09eb45c.js
posthaven-assets.s3.amazonaws.com/assets/foundation/
9 KB
9 KB
Script
General
Full URL
https://posthaven-assets.s3.amazonaws.com/assets/foundation/modernizr.foundation-07cdd846d9479141366fe100b09eb45c.js
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.141.244 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5f1f197aa35c0d654f8fd2cf7f0993476e8f324f5dea63ccae9a4804bf905d6c

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 03:11:40 GMT
Last-Modified
Mon, 31 Oct 2016 20:06:31 GMT
Server
AmazonS3
x-amz-request-id
D61Y61YFPTWRT4QH
ETag
"ee251d067ba75e1e712d7ed3de418411"
Content-Type
text/javascript
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
8875
x-amz-id-2
8ARpvBtMNdfeHaWzD4MDznf8wOLtXfzqwuCd0t3vvzZAykFea5TzOmNhuR8qBKovnMvRu9h5Nfo=
Expires
Wed, 01 Nov 2017 02:06:29 GMT
application-7c6a708796a133167212a0ad5715e64d.css
posthaven-assets.s3.amazonaws.com/assets/
358 KB
359 KB
Stylesheet
General
Full URL
https://posthaven-assets.s3.amazonaws.com/assets/application-7c6a708796a133167212a0ad5715e64d.css
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.141.244 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5be3d0b28ca0ae1afb66265ffea130bcce90c44fc78893ba99f90ee697bea0d

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 03:11:40 GMT
Last-Modified
Wed, 10 Mar 2021 18:20:05 GMT
Server
AmazonS3
x-amz-request-id
D61PCQ13ADBVG4E1
ETag
"0af462a4a549fb71fa9a91c508c1b418"
Content-Type
text/css
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
367078
x-amz-id-2
SHNVpntIaMtjCOvCubnRq1K8AVk79Rk/mmppu54wl0WLKGf7KsmmozLre0iVArzv38Lwyc7H3vQ=
Expires
Fri, 11 Mar 2022 00:20:02 GMT
api.js
www.google.com/recaptcha/
850 B
643 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
260bebdb07a9a925d59a7c266ffcc5cb73966a20096ac5a8c1e544c802bcc6fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 03:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Wed, 14 Apr 2021 03:11:40 GMT
jssocials.css
cdn.jsdelivr.net/jquery.jssocials/1.4.0/
1 KB
484 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/jquery.jssocials/1.4.0/jssocials.css
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b0883d8e254cd86fc46665e6c17048e92904284fba02bdb94536267bf264f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4141176
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
384
etag
W/"51b-yj9O6q8jhNkh2l6UUvEAM75M8Tk"
x-served-by
cache-fra19180-FRA
date
Wed, 14 Apr 2021 03:11:39 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jssocials-theme-minima.css
cdn.jsdelivr.net/jquery.jssocials/1.4.0/
9 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/jquery.jssocials/1.4.0/jssocials-theme-minima.css
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
31d5ecdab7ca70e756d2c6992135a68a3f678c6aec2cce12ac77a495e7213ae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1135429
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
995
etag
W/"2444-tWAM5G9B2s+EHVC3v4GGynH4zIg"
x-served-by
cache-fra19180-FRA
date
Wed, 14 Apr 2021 03:11:39 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 03:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
2965448
cdn-cachedat
2021-03-10 20:26:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096ff6044300004e44d71cf000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0e158483888a4ecabe6958fc28c56bca
cf-ray
63f9bf806e204e44-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
posthaven-bar-8e1f35a60730493cddf7aafb8a2afabc.png
posthaven-assets.s3.amazonaws.com/assets/
3 KB
4 KB
Image
General
Full URL
https://posthaven-assets.s3.amazonaws.com/assets/posthaven-bar-8e1f35a60730493cddf7aafb8a2afabc.png
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.141.244 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5983e58acbac6562fd32f3f70644a7f7251d63135aac02d64dc6d5cc8654a0e1

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 03:11:41 GMT
Last-Modified
Thu, 30 Oct 2014 22:43:57 GMT
Server
AmazonS3
x-amz-request-id
7TE2067ZMD6R292J
ETag
"403b09124bfaea1b1d1d321a5ded3608"
Content-Type
image/png
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
3361
x-amz-id-2
LJ6a8+Q2dJN7CGuFs/nGRFSiRi/StkNCf041jtZhZbZFjANs3zrrzaYobh7XspvX+dlAuZ6BxoM=
Expires
Sat, 31 Oct 2015 04:43:56 GMT
application-bc414bac07db3203e5e658f847df8510.js
posthaven-assets.s3.amazonaws.com/assets/
1016 KB
1017 KB
Script
General
Full URL
https://posthaven-assets.s3.amazonaws.com/assets/application-bc414bac07db3203e5e658f847df8510.js
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.141.244 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4be0e745e2f254a3897197041c6a525c6d794178b4eef6105457680a39c11731

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 03:11:41 GMT
Last-Modified
Tue, 30 Mar 2021 00:22:49 GMT
Server
AmazonS3
x-amz-request-id
7TECRFMQX0FBDZ9Y
ETag
"1cf844061800446924fabdc8e815804f"
Content-Type
text/javascript
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
1040530
x-amz-id-2
OWVZ0TnW165dOmfD+5UAfwUtqF7fonnMf32L9URAU9mpG9Uv9gSZ1U+5ZClYM+Lwvx6I0tW2drU=
Expires
Wed, 30 Mar 2022 06:22:45 GMT
jssocials.min.js
cdn.jsdelivr.net/jquery.jssocials/1.4.0/
9 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery.jssocials/1.4.0/jssocials.min.js
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8d46dfb4ca0d270a4789461c199b3a7c7ce9ba6a733d6a4abc59ccdafa71170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
5458350
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3013
etag
W/"2264-9KbQsXoVEpJWjJIdjufmbZ4QTDU"
x-served-by
cache-fra19180-FRA
date
Wed, 14 Apr 2021 03:11:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/
3 KB
592 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext
Requested by
Host: posthaven-assets.s3.amazonaws.com
URL: https://posthaven-assets.s3.amazonaws.com/assets/application-7c6a708796a133167212a0ad5715e64d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39a386a71abf66bab089a93fdfe990faa87b292152404713f6ff3a4775a000ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://posthaven-assets.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Apr 2021 03:11:40 GMT
server
ESF
date
Wed, 14 Apr 2021 03:11:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Apr 2021 03:11:40 GMT
heap-1361953651.js
cdn.heapanalytics.com/js/
102 KB
40 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-1361953651.js
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-56.txl52.r.cloudfront.net
Software
nginx /
Resource Hash
2cff4639912f38d64eb5496a6c235f270a00537d7ab9cd72ca131e69e2db9ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 03:11:40 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
TXL52-C1
etag
W/"19639-VL9VT9umRzNqUZKbG/mfOA"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
cache-control
public, max-age=120
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
kB4_mlu5kTEz4RYTFGE0aM4LNk1LPHHQkUD_GALNmrIRKCp3e619rQ==
wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v11/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/crimsontext/v11/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f6fb4a5ed73890ce881e4b94a3e971684a44fdead6c1c2a45b31e96ab32de4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://posthaven.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:48 GMT
server
sffe
age
234482
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14888
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v10/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oxygen/v10/2sDfZG1Wl4LcnbuKjk0m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ccfa0fba5ab2cfef812fff3452cfdc73b6573900a9613b2828dfa691535b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://posthaven.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:44 GMT
server
sffe
age
234482
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16344
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/
334 KB
130 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://posthaven.com
Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 16:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38813
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133125
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 21:07:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 16:24:47 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
176
date
Wed, 14 Apr 2021 03:08:44 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 14 Apr 2021 05:08:44 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
378 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=972601419&utmhn=posthaven.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=412090265&utmr=-&utmp=%2Femails%2Fopt_out%2FdTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3&utmht=1618369900713&utmac=UA-38525690-1&utmcc=__utma%3D143353780.1199847744.1618369901.1618369901.1618369901.1%3B%2B__utmz%3D143353780.1618369901.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=82311347&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: posthaven.com
URL: https://posthaven.com/emails/opt_out/dTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 03:11:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
h
heapanalytics.com/
37 B
259 B
Image
General
Full URL
https://heapanalytics.com/h?a=1361953651&u=8610825132843034&v=5189006409915808&s=6271522152138220&b=web&tv=4.0&z=0&h=%2Femails%2Fopt_out%2FdTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3&d=posthaven.com&ts=1618369900918&st=1618369900919&ei=135&et=variation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.164.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-164-61.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://posthaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 03:11:41 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr function| yepnope number| _heapid object| heap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| wysihtml5 function| Base function| mobiledocPrettyJSONRenderer boolean| windowIsTurbolinked object| cookiesEu function| $ function| jQuery function| _ object| Backbone object| Support function| HAML object| rangy function| loadImage function| dataURLtoBlob function| tmpl object| locale object| jstz object| Mobiledoc function| moment function| Cookies object| Posthaven object| PH object| JST object| jQuery11000947829391455131 object| jsSocials object| _gaq object| _gat object| gaGlobal

8 Cookies

Domain/Path Name / Value
.posthaven.com/ Name: _hp2_id.1361953651
Value: %7B%22userId%22%3A%228610825132843034%22%2C%22pageviewId%22%3A%225189006409915808%22%2C%22sessionId%22%3A%226271522152138220%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.posthaven.com/ Name: __utmb
Value: 143353780.1.10.1618369901
.posthaven.com/ Name: __utmt
Value: 1
.posthaven.com/ Name: _hp2_ses_props.1361953651
Value: %7B%22z%22%3A0%2C%22ts%22%3A1618369900918%2C%22d%22%3A%22posthaven.com%22%2C%22h%22%3A%22%2Femails%2Fopt_out%2FdTs0VY4776OpC_9bldbpzJOEpxNpmi2E84O81HZ3%22%7D
.posthaven.com/ Name: __utmz
Value: 143353780.1618369901.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.posthaven.com/ Name: __utma
Value: 143353780.1199847744.1618369901.1618369901.1618369901.1
.posthaven.com/ Name: __utmc
Value: 143353780
posthaven.com/ Name: _posthaven_session
Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWIyZDhhMDRkMjVmMDI4NmU1ZmY3ODMxYjEzMjBkNzc2BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMU9WZGpIa3lwYkdEbkRVSE1sQWFjNGlYd2pFTjViSlFuNm5wS3lHQTFrODA9BjsARg%3D%3D--dac33d61ea6ee9aa6f0cac59770d5e1b150b8248

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
posthaven-assets.s3.amazonaws.com
posthaven.com
ssl.google-analytics.com
stackpath.bootstrapcdn.com
www.google.com
www.gstatic.com
2606:4700::6812:acf
2a00:1450:4001:800::200a
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a04:4e42:3::621
50.31.246.1
52.216.141.244
75.101.164.61
99.84.156.56
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
260bebdb07a9a925d59a7c266ffcc5cb73966a20096ac5a8c1e544c802bcc6fb
2cff4639912f38d64eb5496a6c235f270a00537d7ab9cd72ca131e69e2db9ad7
31d5ecdab7ca70e756d2c6992135a68a3f678c6aec2cce12ac77a495e7213ae1
39a386a71abf66bab089a93fdfe990faa87b292152404713f6ff3a4775a000ed
4be0e745e2f254a3897197041c6a525c6d794178b4eef6105457680a39c11731
5983e58acbac6562fd32f3f70644a7f7251d63135aac02d64dc6d5cc8654a0e1
5f1f197aa35c0d654f8fd2cf7f0993476e8f324f5dea63ccae9a4804bf905d6c
6f6fb4a5ed73890ce881e4b94a3e971684a44fdead6c1c2a45b31e96ab32de4a
78ccfa0fba5ab2cfef812fff3452cfdc73b6573900a9613b2828dfa691535b57
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b0883d8e254cd86fc46665e6c17048e92904284fba02bdb94536267bf264f83
b5be3d0b28ca0ae1afb66265ffea130bcce90c44fc78893ba99f90ee697bea0d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
e8d46dfb4ca0d270a4789461c199b3a7c7ce9ba6a733d6a4abc59ccdafa71170
f412dea65decf1ea001764e5078edbca4ffea9b9a739d8105c527a8ebd2458bd