havensproject.online Open in urlscan Pro
172.67.166.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://havensproject.online/
Effective URL:
https://havensproject.online/
Submission: On May 23 via api (May 23rd 2024, 4:59:15 am UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 40 HTTP transactions. The main IP is 172.67.166.27, located in United States and belongs to CLOUDFLARENET, US. The main domain is havensproject.online.
TLS certificate: Issued by E1 on May 22nd 2024. Valid for: 3 months.

This is the only time havensproject.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	172.67.166.27 172.67.166.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1 1	157.240.252.10 157.240.252.10	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
40	11

14 172.67.166.27 (United States)

ASN13335 (CLOUDFLARENET, US)

havensproject.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.adnetworkperformance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.10 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-01-fra3.facebook.com

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	havensproject.online havensproject.online	827 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	220 KB
2	facebook.com 1 redirects web.facebook.com — Cisco Umbrella Rank: 230 www.facebook.com — Cisco Umbrella Rank: 101	106 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	89 KB
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 7840	913 KB
1	adnetworkperformance.com www.adnetworkperformance.com	471 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	29 KB
0	akamaihd.net Failed fbcdn-sphotos-e-a.akamaihd.net Failed fbcdn-photos-a-a.akamaihd.net Failed
0	aqguardians.com Failed www.aqguardians.com Failed
40	10

	Domain	Requested by
14	havensproject.online	havensproject.online
10	pagead2.googlesyndication.com	havensproject.online pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	connect.facebook.net	havensproject.online connect.facebook.net
2	i.imgur.com	havensproject.online
1	www.facebook.com	connect.facebook.net
1	web.facebook.com	1 redirects
1	www.adnetworkperformance.com	havensproject.online
1	ajax.googleapis.com	havensproject.online
1	code.jquery.com	havensproject.online
0	fbcdn-photos-a-a.akamaihd.net Failed	havensproject.online
0	fbcdn-sphotos-e-a.akamaihd.net Failed	havensproject.online
0	www.aqguardians.com Failed	havensproject.online
40	13

This site contains no links.

Subject Issuer	Validity	Valid
havensproject.online E1	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
adnetworkperformance.com E1	`2024-04-23` - `2024-07-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-01` - `2024-05-30`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://havensproject.online/
Frame ID: 1F5984D7CCA2F4722F2008FA905555A5
Requests: 34 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240521/r20110914/zrt_lookup_fy2021.html
Frame ID: CBC7BA8AC97EA08F36C88672F941EC57
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2776420396696608&output=html&h=280&slotname=2721953971&adk=2712857028&adf=2944451431&pi=t.ma~as.2721953971&w=336&lmt=1716440350&url=https%3A%2F%2Fhavensproject.online%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNzYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNzYiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi43NiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716440349909&bpp=181&bdt=649&idt=335&shv=r20240521&mjsv=m202405200101&ptt=5&saldr=sd&abxe=1&eoidce=1&correlator=3956841772644&frm=20&pv=2&ga_vid=1085966507.1716440350&ga_sid=1716440350&ga_hid=1250622049&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=902&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95331982%2C95331712%2C31078668&oid=2&pvsid=2779358639080058&tmod=812476961&uas=0&nvt=1&fc=896&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=354
Frame ID: FC25AD39A0E515FB450A013FD6E0B8CE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2776420396696608&output=html&h=280&slotname=2721953971&adk=2712857028&adf=880476663&pi=t.ma~as.2721953971&w=336&lmt=1716440350&url=https%3A%2F%2Fhavensproject.online%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNzYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNzYiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi43NiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716440349911&bpp=179&bdt=651&idt=369&shv=r20240521&mjsv=m202405200101&ptt=5&saldr=sd&abxe=1&eoidce=1&prev_slotnames=2721953971&correlator=3956841772644&frm=20&pv=1&ga_vid=1085966507.1716440350&ga_sid=1716440350&ga_hid=1250622049&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=902&ady=2664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95331982%2C95331712%2C31078668&oid=2&pvsid=2779358639080058&tmod=812476961&uas=0&nvt=1&fc=896&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=373
Frame ID: C44F735EC31776B9162826FEA35FA6CA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2776420396696608&output=html&adk=522671305&adf=1178619241&abgtt=1&lmt=1716440350&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fhavensproject.online%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNzYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNzYiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi43NiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716440350090&bpp=1&bdt=830&idt=203&shv=r20240521&mjsv=m202405200101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_slotnames=2721953971%2C2721953971&nras=1&correlator=3956841772644&frm=20&pv=1&ga_vid=1085966507.1716440350&ga_sid=1716440350&ga_hid=1250622049&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95331982%2C95331712%2C31078668&oid=2&pvsid=2779358639080058&tmod=812476961&uas=0&nvt=1&fsapi=1&fc=896&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=209
Frame ID: BD35A3FCF9AA9A4E0EBBB375F89DE94B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ea5340f9735298e%26domain%3Dhavensproject.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhavensproject.online%252Ffbb628c26dc6c3916%26relation%3Dparent.parent&container_width=509&height=280&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFantasyOfLoreAQWorlds&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=500&_rdc=1&_rdr
Frame ID: D30CF1BF4E76E4BDE2F7B7C454D3C352
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AA2D57EA95FA157EB14C5A9AC8292654
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Havens Project - Home Page / AQWorlds Private Server

Page URL History Show full URLs

http://havensproject.online/ HTTP 307
https://havensproject.online/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

85 %
HTTPS

45 %
IPv6

10
Domains

13
Subdomains

11
IPs

3
Countries

2084 kB
Transfer

2886 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://havensproject.online/ HTTP 307
https://havensproject.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://web.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ea5340f9735298e%26domain%3Dhavensproject.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhavensproject.online%252Ffbb628c26dc6c3916%26relation%3Dparent.parent&container_width=509&height=280&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFantasyOfLoreAQWorlds&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=500 HTTP 302
https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ea5340f9735298e%26domain%3Dhavensproject.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhavensproject.online%252Ffbb628c26dc6c3916%26relation%3Dparent.parent&container_width=509&height=280&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFantasyOfLoreAQWorlds&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=500&_rdc=1&_rdr

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
havensproject.online/
Redirect Chain

http://havensproject.online/
https://havensproject.online/

15 KB
5 KB

1533ms
1470ms

Document
text/html

172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.34
Resource Hash: 7a8804f25804d367cb09c2d802a816d7c3cbdd2a701c965e89eb22454d817c24

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8882798dcc8d9b5d-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Thu, 23 May 2024 04:59:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ucr5%2BbTyLYftWlotfgv3SkiWkfzNHw%2Fa6hNnbyMXRl9fPnWSQPSqezYD2tAIreCczD1GpKKYUhf%2FpAjRd3tWzcknLLHz1991NnoSwwaZEvNxxLRz%2B6wr26sR0D5xcSydx4oJhiRv6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/5.4.34

Redirect headers

Location: https://havensproject.online/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 bootstrap.css
havensproject.online/templates/css/ 114 KB
19 KB 636ms
635ms Stylesheet
text/css 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://havensproject.online/templates/css/bootstrap.css?R3
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f0e5c7823db4f395ae54bf84b4627c5cbc96eef7ed8d27be5546d17773fe2c1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 19060
last-modified: Wed, 07 Oct 2015 14:24:46 GMT
server: cloudflare
etag: "1c9cd-521848227b490-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1Ci4zUkHEjI%2B21xbJOGeKbG90UeuVTWuPJ9SjUB1wfkqwdFTZnMH5nomYiCPXBqzt%2Fq%2BoJZtIMaNu0v6XBs3SKCkQ1od58OZqQjSJCBEmZ29H3Wcgd4Dm5G2UOCinq3JmU4aK6h1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 888279970bb89b5d-FRA

GET
H3 200 bootstrap.min.css
havensproject.online/templates/css/ 2 KB
1 KB 437ms
435ms Stylesheet
text/css 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://havensproject.online/templates/css/bootstrap.min.css
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e514fb1b7f178b85f10059c48e366ef26e681bd97de1377cd862923f8e78772a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 877
last-modified: Wed, 07 Oct 2015 13:57:44 GMT
server: cloudflare
etag: "927-521842172e8dc-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2F2%2BqHQQio6mSM%2BLglbR7BvuvoU3b0ykuYRLHLa6EvBgImjSakYVkyJfb26MVBq2V8gtCtZvwmU9VK7KLiTZHndPswZCRWqIdwElx6GVYyQbcmbDZZ6VsV6oNQ3aL7WMArPLidwXUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 888279970bba9b5d-FRA

GET
H3 200 FantasyOfLore.css
havensproject.online/templates/css/ 251 B
670 B 436ms
434ms Stylesheet
text/css 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://havensproject.online/templates/css/FantasyOfLore.css?R2
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e66117bfc7a58557a306ef37803fc73872d259b571bae96e25c08a07001879f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 182
last-modified: Wed, 07 Oct 2015 14:43:39 GMT
server: cloudflare
etag: "fb-52184c5af79d9-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rN%2B0DLVCt%2FDwVZ1JM8DfcT7yJYWDR0Q0SRoNJlZcgmV3te52t4v%2BlP3BbIWtt0%2FFIZJj7BDSXSf91xye9RGpbyRHsYAEIkJYPS8crmUrDAm%2FDkiStlDg30jRaom0NZ65um5t0C305A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 888279970bbb9b5d-FRA

GET
H2 200 jquery-2.1.4.min.js Show response
code.jquery.com/ 82 KB
29 KB 132ms
35ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.4.min.js
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 21639695
x-cache: HIT, HIT
content-length: 29519
x-served-by: cache-lga21971-LGA, cache-cph2320053-CPH
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1716440349.377689,VS0,VE0
etag: W/"28feccc0-14979"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 32, 6632

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 145ms
45ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: havensproject.online
URL: https://havensproject.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:41:11 GMT

GET
H3 200 bootstrap.min.js Show response
havensproject.online/templates/js/ 35 KB
10 KB 437ms
435ms Script
application/javascript 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://havensproject.online/templates/js/bootstrap.min.js
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9512
last-modified: Fri, 07 Aug 2015 20:21:10 GMT
server: cloudflare
etag: "8c6f-51cbe606bd077-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjCAHTxBRz%2BULCFjWvvbyw92vRaIhi8Isccc4L3SJHYytF86s7w9HRpFwpZjC8WD4UiIqmz8jO3hsbySLbkrXfokCzLknZWDnogCcdvk8zkMlFkfTdJq%2FtZGDiq4epYhv9%2FzOn%2BVHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 888279970bbc9b5d-FRA

GET
H3 200 FantasyOfLore.js Show response
havensproject.online/templates/js/ 1 KB
1 KB 471ms
469ms Script
application/javascript 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://havensproject.online/templates/js/FantasyOfLore.js
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e5bf4ae5739fc45ba23634fb94e023b906d3fde640258b03bb4f88b29253a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 629
last-modified: Sun, 02 Aug 2015 11:02:52 GMT
server: cloudflare
etag: "546-51c51fe9a1a73-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q6FviwYRIV1nS333FRCMGCcTrAvoO2YRqSzMGySk8AP91ZLhnGWe5G1%2BT7KPwclFTgyXdXmu7CWYvet2R%2FHgkT2O0ux6ozGJPqhVXnFL9bZZCKOtYYAozvipQe0CApMD3XOgxAv3bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 888279970bbe9b5d-FRA

GET
H3 204 display.php Show response
www.adnetworkperformance.com/a/ 0
471 B 279ms
173ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adnetworkperformance.com/a/display.php?r=972050
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UBaVw2FHJZyGTRhclau9P%2BbS36dKKmETTAvdqntA9%2FXIabtGIkSkYKvRTznB931%2FGB5k3o3s%2FkOcOO7tgpKXlbJVsoOc1HnZLU%2FdcnkTV0pQnBq8gUBeVQY81LSsEPnzB5m%2BMFwm5EuJljNrNnRj"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 88827997a8ce9b67-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
havensproject.online/templates/img/ 8 KB
9 KB 426ms
424ms Image
image/png 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havensproject.online/templates/img/logo.png
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1583dee250d6d7dfa5ad9e84058d19997697e41e95790affcb6deeee1b6335

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Oct 2015 07:55:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "206f-522341cc8c802"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fi8hgieOPGlULvLEvx3GORywb%2FQoRUVPu3IET2LsitIF3zgXJ2%2FG3NYmmOrpXMocFeqLQ1Em9SxaQMYB0HPHUuP6VMUzgICLYbav4pyX1%2BGSCfNJ5TeUzfiUTdWFFDTM%2FDLUhePUEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 888279970bc09b5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8303

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
10 KB 155ms
64ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: havensproject.online
URL: https://havensproject.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

13edb5262855bec8ed0dfee2505a18e7cc885c587c425a4423d7676ac8de72bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10569
x-xss-protection: 0
server: cafe
etag: 6783520098384552592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 May 2024 04:59:09 GMT

GET multi-1.jpg
www.aqguardians.com/media/1070/ 0
0

GET about-1.jpg
www.aqguardians.com/media/1071/ 0
0

GET faq-1.jpg
www.aqguardians.com/media/1069/ 0
0

GET
H3 404 Larion.jpg
havensproject.online/templates/img/avatar/ 348 B
348 B 439ms
439ms Image
text/html 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havensproject.online/templates/img/avatar/Larion.jpg
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd7a636d97c1e87abe96beeb075d629e76996d1d6f858565c1ffa95bdfedbe70

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTF8X8Ox9w7McT%2FMVNNVyi1sLwCsl6Rk3HdsCfZtYUcZgUzSg6k9n3AuxckFuIhSIq9wN0bPKvYxuNtTM7RIvqJogpD1h3C42BTXZ%2FcjjByBWQtvhskKESS2PeYpV8iTTDWrQ3xovQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 8882799a0e239b5d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v5vc0ht.jpg
i.imgur.com/ 216 KB
217 KB 135ms
40ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/v5vc0ht.jpg

Requested by

Host: havensproject.online
URL: https://havensproject.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ed383409cabb101d5fa9cf0453060532290624ffe1ef64b8c3e404817254df0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1486514
x-cache: Miss from cloudfront, HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 221203
x-served-by: cache-iad-kiad7000173-IAD, cache-fra-etou8220053-FRA
last-modified: Tue, 03 Nov 2015 11:05:20 GMT
server: cat factory 1.0
x-timer: S1716440350.605030,VS0,VE2
etag: "36a3ea3f02a0d82c7b6d893a75d939d4"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pGfihdfso5UYXBydIYHmI5Vc4BZHphq3Hbde7CTCnQgVStFOq6ro1g==
x-cache-hits: 5, 0

GET
H3 200 Exos.jpg
havensproject.online/templates/img/avatar/ 26 KB
26 KB 624ms
624ms Image
image/jpeg 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havensproject.online/templates/img/avatar/Exos.jpg
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6a7667f2893c9807f9d7a103a1b1b97b1c4405d683f117cb7ae4085aef99d5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:10 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Oct 2015 16:08:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "67bd-52226e27389f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vpHDuQVQtKp8EHSNDooyb6TdA3yqJx2Lld60gKpmrUu0FrxInsowclPKDa4QXuDeadS%2BK22AH5aQpw0Nfu5PpE%2FbmA0yXq7L2lPLc9qRfwqMR7eLpo9THpJ8E%2FLUN7RQsfxqdzZCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8882799b0ecf9b5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26557

GET
H3 200 3.png
havensproject.online/images/ 241 KB
241 KB 828ms
816ms Image
image/png 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havensproject.online/images/3.png
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24d268bf4e04b7f473e5c4198c796bd103d2658232052935b0f26371904198fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:10 GMT
cf-cache-status: MISS
last-modified: Tue, 20 Oct 2015 22:11:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3c32e-522908b4ed52f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qO8k7BiYrRMPG5FltHqHMKGbErzgl%2BxxwGVBNRzda7yn03odtVWHvNbPlJk3iNjCrEboJ4rUAaaZs%2BB4Y7vg5vpvBYytfgjJA0F4ek34B2RLlYmlazhCEAd%2B4S1vBCV8TyWbbPXDrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8882799b2ee29b5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 246574

GET
H3 200 2.png
havensproject.online/images/ 361 KB
362 KB 868ms
857ms Image
image/png 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havensproject.online/images/2.png
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67050d4b6845f18bcf8512b1adf2f4fb30282ae40a74c0dff80b0d98ff8653c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:10 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Oct 2015 07:24:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5a531-52233ae3db688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=und3ImPaW3Y7cXdAL97luSpxDTDDVdyikj8OMc3Ha%2F1rW448IxT1%2Bjljsqdg91latrdvWcsZZP31KgfgG3wJ9wpAVlJkTDJiQB0LUf2s9r6OFMSn6K%2F9mw%2Bf0nK5eiYCZMIB7I2AHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8882799b2ee89b5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 369969

GET 12039197_1625253921088619_1308113486793723955_n.png
fbcdn-sphotos-e-a.akamaihd.net/hphotos-ak-xfa1/v/t1.0-9/s720x720/ 0
0

GET
H3 200 Raily.jpg
havensproject.online/templates/img/avatar/ 24 KB
24 KB 656ms
645ms Image
image/jpeg 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havensproject.online/templates/img/avatar/Raily.jpg
Requested by: Host: havensproject.online
URL: https://havensproject.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb42faa813fc13d90b72553cc45014af9aa24d4437233504783de93ba2d64627

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:10 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Oct 2015 14:28:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f9c-5214836ae7d1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNvRmzU3OiQNxWc6u2ypVKVDExd5%2FuX%2FOjjxCZHTwX60y7qf9f7AIV%2FtJt4dNIye9fYlmEOlnoy19zBd6r%2FZpwXA%2BfIEdPdxpRVYnPU43xjDLz2JkZriYy9miAgx5MY0Ornu4%2F05lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8882799b2ee99b5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24476

GET 12143264_1627267744220570_1881374242506502944_n.png
fbcdn-photos-a-a.akamaihd.net/hphotos-ak-xlt1/v/t1.0-0/p280x280/ 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 182ms
18ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: havensproject.online
URL: https://havensproject.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f4adf9cca29a136e2535ad52ee50feaf54a7810835fbf60892adf76e871b997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 May 2024 04:59:10 GMT
content-md5: rGLKWlLgPCfR8R+LZMuXxA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1294, tbw=2803, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: uBQx5K2auN51lldMFHuFWeR1ZIlCqecvXhQvsbgH14jALnbBFBRNQf3sq9noOTVzxED52ElrQXDBB+46wrhpTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: df0b839e1f8534b999a0283f3854e276
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "136eb96488303dd92a1ad4cb10878c1a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 23 May 2024 05:13:02 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 86ms
76ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

431f7831ff7d79b2ad5db41b355658717aa70489e002985ddac47cd4ccd24201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51908
x-xss-protection: 0
server: cafe
etag: 14005352026090176825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 23 May 2024 04:59:09 GMT

GET
H2 200 fk3NHds.png
i.imgur.com/ 696 KB
696 KB 65ms
37ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fk3NHds.png?1

Requested by

Host: havensproject.online
URL: https://havensproject.online/templates/css/bootstrap.css?R3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5573bb3ed17404dc818fb4e066b7ae986ed5bb6817fb59f931eb3ec597c2fb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:09 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: ATL56-P1
age: 74549
x-cache: Miss from cloudfront, MISS, HIT
x-amz-storage-class: STANDARD_IA
content-length: 712376
x-served-by: cache-iad-kjyo7100034-IAD, cache-fra-etou8220053-FRA
last-modified: Wed, 07 Oct 2015 21:21:01 GMT
server: cat factory 1.0
x-timer: S1716440350.956024,VS0,VE1
etag: "06ae4b947108de86d8c07fc1698cb10a"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pWXv4w6mZ_0VlNWnHYTvytzQ3LBg1BDljhuk2XOe5jQEA80OQeNV1g==
x-cache-hits: 0, 0

GET
H3 200 seppy.jpg
havensproject.online/templates/img/ 126 KB
127 KB 864ms
850ms Image
image/jpeg 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havensproject.online/templates/img/seppy.jpg
Requested by: Host: havensproject.online
URL: https://havensproject.online/templates/css/FantasyOfLore.css?R2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a95b9d27734129eee06fd3bcb63f92a650f2ac665d8f7e09b18c4eeb7c9a1931

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/templates/css/FantasyOfLore.css?R2
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:10 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Aug 2015 20:21:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1f89a-51cbe605e1ec2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqpgZhlKu3FRbTEYuB3qGWDF%2FB0LiPcZkUvzwxYVvWsYPoqzs%2BqUnl2hfpoJLnfATl3Lkn3poX1xYKwc10byRLrMVWlst5EZ6cBIiL530eHJ%2BMv2Ah5WnJIWFrwQDrHzcdiDJQZ0uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8882799b2eeb9b5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 129178

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405200101/ 415 KB
140 KB 85ms
84ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2776420396696608&plah=havensproject.online&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

bd9b776f85fb078f7cde76a66f32595734d385ed9c96914878f763faa0830edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143653
x-xss-protection: 0
server: cafe
etag: 339080930490553958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 May 2024 04:59:10 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 84ms
39ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=621dceee9dc728f3f09674d5b6f1d188

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3ef555e7b0edc90f6f79a49e50dc403468c352d98c9be11872e96405d54def7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Origin: https://havensproject.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 May 2024 04:59:10 GMT
content-md5: K4iI/5kv+PTjbCyBNSAImg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87616
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=33, mss=1232, tbw=4294, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: UgImSKqR4pC9g7fLbJ70gQCd6ZbuCOk5FIkk1kdmRxYUud+nnDMDizC9w+ZV5H6spRp8CuLskFwRKOVzHvvXtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4331092e7b0d96236d21c10531fd547d
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "2dfc97f8c6226a7a8e6aa78d0785fbe2"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 23 May 2025 03:53:37 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240521/r20110914/ Frame CBC7 0
0 115ms
40ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240521/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2776420396696608&plah=havensproject.online&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havensproject.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 53229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 May 2024 14:12:01 GMT
etag: 11731753506229902092
expires: Wed, 05 Jun 2024 14:12:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 400 ads
pagead2.googlesyndication.com/pagead/ Frame FC25 0
0 126ms
60ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2776420396696608&output=html&h=280&slotname=2721953971&adk=2712857028&adf=2944451431&pi=t.ma~as.2721953971&w=336&lmt=1716440350&url=https%3A%2F%2Fhavensproject.online%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNzYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNzYiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi43NiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716440349909&bpp=181&bdt=649&idt=335&shv=r20240521&mjsv=m202405200101&ptt=5&saldr=sd&abxe=1&eoidce=1&correlator=3956841772644&frm=20&pv=2&ga_vid=1085966507.1716440350&ga_sid=1716440350&ga_hid=1250622049&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=902&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95331982%2C95331712%2C31078668&oid=2&pvsid=2779358639080058&tmod=812476961&uas=0&nvt=1&fc=896&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=354

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havensproject.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 04:59:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 400 ads
pagead2.googlesyndication.com/pagead/ Frame C44F 0
0 106ms
61ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2776420396696608&output=html&h=280&slotname=2721953971&adk=2712857028&adf=880476663&pi=t.ma~as.2721953971&w=336&lmt=1716440350&url=https%3A%2F%2Fhavensproject.online%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNzYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNzYiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi43NiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716440349911&bpp=179&bdt=651&idt=369&shv=r20240521&mjsv=m202405200101&ptt=5&saldr=sd&abxe=1&eoidce=1&prev_slotnames=2721953971&correlator=3956841772644&frm=20&pv=1&ga_vid=1085966507.1716440350&ga_sid=1716440350&ga_hid=1250622049&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=902&ady=2664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95331982%2C95331712%2C31078668&oid=2&pvsid=2779358639080058&tmod=812476961&uas=0&nvt=1&fc=896&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=373

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havensproject.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 04:59:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar%20navbar-default%20navbar-fixed-top%20navbar-transparent%20container&ign=false&pw=1600&ph=1200&x=800&y=0

Requested by

Host: havensproject.online
URL: https://havensproject.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 04:59:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame BD35 0
0 80ms
49ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2776420396696608&output=html&adk=522671305&adf=1178619241&abgtt=1&lmt=1716440350&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fhavensproject.online%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNzYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNzYiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi43NiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716440350090&bpp=1&bdt=830&idt=203&shv=r20240521&mjsv=m202405200101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_slotnames=2721953971%2C2721953971&nras=1&correlator=3956841772644&frm=20&pv=1&ga_vid=1085966507.1716440350&ga_sid=1716440350&ga_hid=1250622049&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95331982%2C95331712%2C31078668&oid=2&pvsid=2779358639080058&tmod=812476961&uas=0&nvt=1&fsapi=1&fc=896&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havensproject.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 04:59:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

page.php
www.facebook.com/v2.3/plugins/ Frame D30C
Redirect Chain

https://web.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ea5340f9735298e%2...
https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ea5340f9735298e%26...

0
0

198ms
119ms

Document
text/html

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ea5340f9735298e%26domain%3Dhavensproject.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhavensproject.online%252Ffbb628c26dc6c3916%26relation%3Dparent.parent&container_width=509&height=280&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFantasyOfLoreAQWorlds&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=500&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=621dceee9dc728f3f09674d5b6f1d188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havensproject.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 04:59:11 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2773, tp=-1, tpl=-1, uplat=79, ullat=0
x-fb-debug: diD0tRmtRgoya1haXi7TIeG56lWMotAYm6OrxqNC9PS7UuMHetzHd7wF8Y2MrDs4HBCBZSyF7u6X9Mm9sBxh6Q==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
date: Thu, 23 May 2024 04:59:11 GMT
location: https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ea5340f9735298e%26domain%3Dhavensproject.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhavensproject.online%252Ffbb628c26dc6c3916%26relation%3Dparent.parent&container_width=509&height=280&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFantasyOfLoreAQWorlds&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=500&_rdc=1&_rdr
origin-agent-cluster: ?0
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
reporting-endpoints: coop_report="https://web.facebook.com/browser_reporting/coop/?minimize=0"
strict-transport-security: max-age=15552000; preload
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=33, mss=1232, tbw=4294, tp=9, tpl=0, uplat=32, ullat=0
x-fb-debug: 3Dwp0Sh2my52S+fEiOjZeU8h5yyQ0eKHRSyrZSLqRZHlk8z60wPCpT8QFVwxo4Nc7uAycjpbgON8Ct3RVAACXA==
x-fb-zr-redirect: 02|1716526751|

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 127ms
52ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240521&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

17d7a5a4d743c735dfa3028e5f530d7eaff9ff96272895eba3796199924977db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12625
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 187ms
99ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 May 2024 04:59:11 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AA2D 0
0 124ms
37ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havensproject.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 8287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 02:41:04 GMT
expires: Fri, 23 May 2025 02:41:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 404 icon.png
havensproject.online/templates/img/ 339 B
674 B 459ms
458ms Other
text/html 172.67.166.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://havensproject.online/templates/img/icon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ade48e4cc614ce31ea495469c366d5f7d9826b9ac7fe369c50055258f723abc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 04:59:12 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7s2v%2BRdp9bzWRHDCpJ%2BtFzKKhy%2FNJXjYZTa4wWgKJyg8u5lcpWaff3DGmnJsS242dK3VvF4nugJEyYDRp8Sd0EL%2FhfJewgP4sU1Vi1P%2BGgM%2FqVTuv%2BCnIa%2F%2FWbNbC%2FFuE9EPj6rFKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 888279a7183d9b5d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 158ms
158ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-2776420396696608&su=havensproject.online&eid=44759875%2C44759926%2C44759842%2C95331982%2C95331712%2C31078668&doc=complete&pg_h=3921&pg_w=1600&pg_hs=3921&c=2&aa_c=0&av_h=280&av_w=336&av_a=94080&s=3071.453&all_s=3071.453&b=19.547&all_b=19.547&d=0.143&all_d=0.143&ard=0.030&all_ard=0.030&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://havensproject.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 04:59:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.aqguardians.com
URL: https://www.aqguardians.com/media/1070/multi-1.jpg

Domain: www.aqguardians.com
URL: https://www.aqguardians.com/media/1071/about-1.jpg

Domain: www.aqguardians.com
URL: https://www.aqguardians.com/media/1069/faq-1.jpg

Domain: fbcdn-sphotos-e-a.akamaihd.net
URL: https://fbcdn-sphotos-e-a.akamaihd.net/hphotos-ak-xfa1/v/t1.0-9/s720x720/12039197_1625253921088619_1308113486793723955_n.png?oh=8c29edaf4e5308a60cbedfc838562303&oe=569AF7A7&__gda__=1452319020_6225ca65d53f8031f482d139f2e279c0

Domain: fbcdn-photos-a-a.akamaihd.net
URL: https://fbcdn-photos-a-a.akamaihd.net/hphotos-ak-xlt1/v/t1.0-0/p280x280/12143264_1627267744220570_1881374242506502944_n.png?oh=321105f47c089bb6201a1ffa6750e9fe&oe=568B74B7&__gda__=1451720156_9e777dc83e1fe4984f105ac88083b881

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240521&jk=2779358639080058&bg=!qKulq-TNAAaTdHvKs3Q7ADQBe5WfOKA8LXPc6CUfVCHcyNLSkcEhH_gQ2JDmXKrWrj5o7SYoqJNUWObH2zLKpUt8ACtoAgAAADdSAAAAAWgBB34ANXXQRvlHcCr46V4uj4hg0iFk7-kfjxfD0Q9tPLe6nByPjcruorjTvGlHifA5X2tRAwQS6xHqCgBvp3nSVI3WS49cG1s83GVaRZdt4JHi-vMtptnqiFSp-tsarXc2ibsv65m2bOvCKLXRL_iPIvjCPdvFgeu17LJfUwB-tuZz_KUKhCINg2lpYPorlOx0eCMVcfWHH9OqDSv9aUO01729HGIUoNiwTWKOmQKml6ADCoIKjOQyii860R-RRTFgQngIdMnl3bN1TSGG4BzStQ8Ywisoh6Eq5nXZQsaBWlD11PPbc7QfZMWuFO8TGgdHWlKLVZ1C-a1WfN_AV1Z5jCuvpSboIxn4Jrfk-OV2ro6osBrCRzjYN3mubCBocAbKxcmYAwZ7v3zlkql7bmHJ9gYYHmjb1gkC9oCd-wFP2ExyXtYy0jo-6-lX0c_57V40gEUNUTdYHyQEm0VpXB6WKyLQDl0BM6SAKbQZHLaVIf3IYzgN1-I4R2FNvDqogmH0ZX553c0dHC3XRewYaDRlLU5aR7ZtF9ak-0-QeOVyKtJlEf4zeDRDxxw4b7Z_7hedY83B5W0hHMv7QHENFgxFUENVzlHUK29rPfsTD1urnmVCjx5ZjQT-6-DOxKGtCBGZyP_5q58x4OPW97WUWekJ-es9Sn1gH5FUlQiql1qidD3E5sgp4Wyk8yyTddOBBaySi5oSfA5UF-ECSwfAHf0XaZyCZn4gIsiZqf-sF41lJhWFtz-tKZQBBOdf8Zgwbfgq_zpUyLtpfq3ofhA1rrtvbu1VST0CZuD9yQczu24MCLDZhhNdKk5PsJsyv_-zslmuijQ8HP7YhWe8LLuTL539a4P6W36gvTFSJ3UyHu7iaaBAnxxcm2m6X0UsbHFFB0h2LB7vnqnOLudWgo6XSbcq4A_JHkd7FcEQWUW2Y6X3QfbbVjAndTtOPH5T7uxC09g-oB_MqECCeDH6jf5X51QIUldT5s_Fi2hczpxSQ5T3TajZ_y-olUjKGvnM92FBtyp5aZqtvulpVretYd8hhmuDbeLMgobqRrTIV8L8lnHJf1WqRcctvT8mRosc5uTT94QbfOdc0c15mC5FmAU4AtvWOl-V7AfI7Vw70y9pCOfBGQjrADKf

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://havensproject.online/ Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://www.aqguardians.com/media/1070/multi-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://havensproject.online/ Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://www.aqguardians.com/media/1071/about-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://havensproject.online/ Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://www.aqguardians.com/media/1069/faq-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://havensproject.online/ Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/v5vc0ht.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.aqguardians.com/media/1070/multi-1.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.aqguardians.com/media/1071/about-1.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.aqguardians.com/media/1069/faq-1.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://havensproject.online/(Line 133) Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://www.aqguardians.com/media/1070/multi-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://havensproject.online/(Line 133) Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://www.aqguardians.com/media/1071/about-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://havensproject.online/(Line 133) Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://www.aqguardians.com/media/1069/faq-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://havensproject.online/(Line 133) Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/v5vc0ht.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://havensproject.online/(Line 142) Message: Mixed Content: The page at 'https://havensproject.online/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/fk3NHds.png?1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://fbcdn-sphotos-e-a.akamaihd.net/hphotos-ak-xfa1/v/t1.0-9/s720x720/12039197_1625253921088619_1308113486793723955_n.png?oh=8c29edaf4e5308a60cbedfc838562303&oe=569AF7A7&__gda__=1452319020_6225ca65d53f8031f482d139f2e279c0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://fbcdn-photos-a-a.akamaihd.net/hphotos-ak-xlt1/v/t1.0-0/p280x280/12143264_1627267744220570_1881374242506502944_n.png?oh=321105f47c089bb6201a1ffa6750e9fe&oe=568B74B7&__gda__=1451720156_9e777dc83e1fe4984f105ac88083b881 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://havensproject.online/templates/img/avatar/Larion.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://havensproject.online/templates/img/icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
connect.facebook.net
fbcdn-photos-a-a.akamaihd.net
fbcdn-sphotos-e-a.akamaihd.net
havensproject.online
i.imgur.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
web.facebook.com
www.adnetworkperformance.com
www.aqguardians.com
www.facebook.com
fbcdn-photos-a-a.akamaihd.net
fbcdn-sphotos-e-a.akamaihd.net
pagead2.googlesyndication.com
www.aqguardians.com
157.240.0.6
157.240.252.10
172.217.18.2
172.67.166.27
188.114.96.3
199.232.196.193
2a00:1450:4001:828::200a
2a00:1450:4001:830::2001
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::649
13edb5262855bec8ed0dfee2505a18e7cc885c587c425a4423d7676ac8de72bc
17d7a5a4d743c735dfa3028e5f530d7eaff9ff96272895eba3796199924977db
1e1583dee250d6d7dfa5ad9e84058d19997697e41e95790affcb6deeee1b6335
1f4adf9cca29a136e2535ad52ee50feaf54a7810835fbf60892adf76e871b997
24d268bf4e04b7f473e5c4198c796bd103d2658232052935b0f26371904198fe
3e66117bfc7a58557a306ef37803fc73872d259b571bae96e25c08a07001879f
3ef555e7b0edc90f6f79a49e50dc403468c352d98c9be11872e96405d54def7c
431f7831ff7d79b2ad5db41b355658717aa70489e002985ddac47cd4ccd24201
4f0e5c7823db4f395ae54bf84b4627c5cbc96eef7ed8d27be5546d17773fe2c1
5573bb3ed17404dc818fb4e066b7ae986ed5bb6817fb59f931eb3ec597c2fb31
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67050d4b6845f18bcf8512b1adf2f4fb30282ae40a74c0dff80b0d98ff8653c3
7a8804f25804d367cb09c2d802a816d7c3cbdd2a701c965e89eb22454d817c24
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
9ade48e4cc614ce31ea495469c366d5f7d9826b9ac7fe369c50055258f723abc
9e6a7667f2893c9807f9d7a103a1b1b97b1c4405d683f117cb7ae4085aef99d5
a95b9d27734129eee06fd3bcb63f92a650f2ac665d8f7e09b18c4eeb7c9a1931
b1e5bf4ae5739fc45ba23634fb94e023b906d3fde640258b03bb4f88b29253a9
bb42faa813fc13d90b72553cc45014af9aa24d4437233504783de93ba2d64627
bd9b776f85fb078f7cde76a66f32595734d385ed9c96914878f763faa0830edb
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e514fb1b7f178b85f10059c48e366ef26e681bd97de1377cd862923f8e78772a
ed383409cabb101d5fa9cf0453060532290624ffe1ef64b8c3e404817254df0c
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
fd7a636d97c1e87abe96beeb075d629e76996d1d6f858565c1ffa95bdfedbe70

havensproject.online Open in urlscan Pro 172.67.166.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

85 %HTTPS

45 %IPv6

10 Domains

13 Subdomains

11 IPs

3 Countries

2084 kBTransfer

2886 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

havensproject.online Open in urlscan Pro
172.67.166.27 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

85 %
HTTPS

45 %
IPv6

10
Domains

13
Subdomains

11
IPs

3
Countries

2084 kB
Transfer

2886 kB
Size

0
Cookies

40 HTTP transactions
0 data transactions