havenpost.pages.dev Open in urlscan Pro
172.66.44.253 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://havenpost.pages.dev/
Effective URL:
https://havenpost.pages.dev/
Submission: On June 24 via api (June 24th 2024, 12:37:54 am UTC) from LU — Scanned from DE

Summary HTTP 35 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 35 HTTP transactions. The main IP is 172.66.44.253, located in United States and belongs to CLOUDFLARENET, US. The main domain is havenpost.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2024. Valid for: 3 months.

This is the only time havenpost.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	172.66.44.253 172.66.44.253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	41.63.96.2 41.63.96.2	22822 (LLNW) (LLNW)
2 4	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	13.248.207.97 13.248.207.97	16509 (AMAZON-02) (AMAZON-02)
35	12

1 172.66.44.253 (United States)

ASN13335 (CLOUDFLARENET, US)

havenpost.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 41.63.96.2 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-2.hhn.llnw.net

img01.bt.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.228 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.207.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: a5c358b10ce834189.awsglobalaccelerator.com

api.bigdatacloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	bt.co.uk img01.bt.co.uk — Cisco Umbrella Rank: 636429	727 KB
4	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 938	1 KB
4	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 5060	2 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 520	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	306 B
1	bigdatacloud.net api.bigdatacloud.net — Cisco Umbrella Rank: 40927	226 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 986	394 B
1	t.co t.co — Cisco Umbrella Rank: 726	377 B
1	bing.com bat.bing.com — Cisco Umbrella Rank: 361	488 B
1	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 164	21 KB
1	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 913	398 B
1	pages.dev havenpost.pages.dev	12 KB
0	bt.com Failed www.bt.com Failed
35	13

	Domain	Requested by
20	img01.bt.co.uk	havenpost.pages.dev img01.bt.co.uk
4	tr.snapchat.com	1 redirects havenpost.pages.dev
4	track.adform.net	2 redirects havenpost.pages.dev
2	pixel.tapad.com	2 redirects
2	www.facebook.com	havenpost.pages.dev
1	api.bigdatacloud.net	havenpost.pages.dev
1	analytics.twitter.com	havenpost.pages.dev
1	t.co	havenpost.pages.dev
1	bat.bing.com	havenpost.pages.dev
1	ad.doubleclick.net	havenpost.pages.dev
1	ct.pinterest.com	havenpost.pages.dev
1	havenpost.pages.dev
0	www.bt.com Failed	havenpost.pages.dev
35	13

This site contains links to these domains. Also see Links.

Domain
img01.bt.co.uk
www.bt.com
business.bt.com
www.globalservices.bt.com
shop.bt.com
www.player.bt.com
home.bt.com
support.bt.com
community.bt.com

Subject Issuer	Validity	Valid
havenpost.pages.dev GTS CA 1P5	`2024-05-23` - `2024-08-21`	3 months	crt.sh
www.bt.com GeoTrust EV RSA CA G2	`2024-06-05` - `2024-09-24`	4 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-02` - `2024-07-01`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.bigdatacloud.net Amazon RSA 2048 M02	`2024-04-01` - `2025-04-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://havenpost.pages.dev/
Frame ID: 3F82DB5573F12C6CD559C1F6A2F7F359
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Email Login Page

Page URL History Show full URLs

http://havenpost.pages.dev/ HTTP 307
https://havenpost.pages.dev/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

89 %
HTTPS

17 %
IPv6

13
Domains

13
Subdomains

12
IPs

4
Countries

764 kB
Transfer

1261 kB
Size

11
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://img01.bt.co.uk/#maincontent
Title: Skip Navigation

Search URL Search Domain Scan URL

URL: https://www.bt.com/
Title: For the home

Search URL Search Domain Scan URL

URL: https://business.bt.com/
Title: For business and public sector

Search URL Search Domain Scan URL

URL: https://www.globalservices.bt.com/en
Title: For global business

Search URL Search Domain Scan URL

URL: http://www.globalservices.bt.com/LanguageUL.do?method=VIEW
Title: UK

Search URL Search Domain Scan URL

URL: https://www.bt.com/broadband
Title: Broadband

Search URL Search Domain Scan URL

URL: https://www.bt.com/broadband/
Title: Broadband

Search URL Search Domain Scan URL

URL: https://www.bt.com/products/broadband/deals
Title: Broadband deals

Search URL Search Domain Scan URL

URL: https://www.bt.com/broadband/upgrade/
Title: Upgrade broadband

Search URL Search Domain Scan URL

URL: https://shop.bt.com/learnmore/bt-branded-products-and-services/bt-broadband-accessories?ReferrerID=G600&utm_source=btcom&utm_medium=bt+marketing&utm_campaign=navigation&utm_content=G600
Title: Broadband accessories

Search URL Search Domain Scan URL

URL: https://www.bt.com/landline/
Title: Landline

Search URL Search Domain Scan URL

URL: https://www.bt.com/landline/deals/
Title: Landline deals

Search URL Search Domain Scan URL

URL: https://www.bt.com/broadband/digital-voice
Title: Digital Voice

Search URL Search Domain Scan URL

URL: https://www.bt.com/landline/manage/
Title: Manage landline

Search URL Search Domain Scan URL

URL: https://www.bt.com/landline/calling-features/
Title: Calling features

Search URL Search Domain Scan URL

URL: https://www.bt.com/landline/calling-costs/
Title: Calling costs

Search URL Search Domain Scan URL

URL: https://shop.bt.com/learnmore/bt-branded-products-and-services/bt-home-phones?ReferrerID=G600&utm_source=btcom&utm_medium=bt+marketing&utm_campaign=navigation&utm_content=G600
Title: Buy a home phone

Search URL Search Domain Scan URL

URL: https://www.bt.com/manage/moving-home/
Title: Moving home

Search URL Search Domain Scan URL

URL: https://www.bt.com/broadband/switch
Title: Switch to BT

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv
Title: TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/packages
Title: TV & broadband deals

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/buy
Title: Buy TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/add
Title: Add TV to your BT broadband

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/about-tv
Title: About BT TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/personalised-tv-packages
Title: Change your BT TV package

Search URL Search Domain Scan URL

URL: https://shop.bt.com/learnmore/bt-branded-products-and-services/bt-tv-accessories?ReferrerID=G600&utm_source=btcom&utm_medium=bt+marketing&utm_campaign=navigation&utm_content=G600
Title: TV accessories

Search URL Search Domain Scan URL

URL: https://www.player.bt.com/#/livetv/fulltvlistings
Title: TV Guide

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/best-of-tv
Title: Best of TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/on-demand/now-tv
Title: NOW

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/on-demand/netflix
Title: Netflix

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/on-demand/amazon-prime-video
Title: Prime Video

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/on-demand/britbox
Title: BritBox

Search URL Search Domain Scan URL

URL: https://www.player.bt.com/#/home
Title: What's on

Search URL Search Domain Scan URL

URL: https://www.player.bt.com/#/filmstore
Title: BT TV Film Store

Search URL Search Domain Scan URL

URL: https://www.player.bt.com/#/mytv
Title: TV purchases

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch/tv-guide
Title: Sport TV Guide

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch/whats-on
Title: What's on

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch/live-now/bt-sport-1
Title: BT Sport 1

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch/live-now/bt-sport-2
Title: BT Sport 2

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch/live-now/bt-sport-3
Title: BT Sport 3

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch/live-now/bt-sport-4
Title: BT Sport 4

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport
Title: Sport

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/buy
Title: BT Sport Deals

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/tv
Title: BT Sport on TV deals

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/app
Title: BT Sport App

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/sky
Title: BT Sport on Sky TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/packages
Title: BT Sport on Sky TV with BT Broadband

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/monthly-pass
Title: BT Sport Monthly Pass

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/bt-sport-ultimate
Title: BT Sport Ultimate

Search URL Search Domain Scan URL

URL: https://shop.bt.com/learnmore/bt-branded-products-and-services/bt-sport-accessories?ReferrerID=G600&utm_source=btcom&utm_medium=bt+marketing&utm_campaign=navigation&utm_content=G600
Title: BT Sport accessories

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch
Title: Watch

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/box-office
Title: BT Sport Box Office

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch/catch-up
Title: TV Catch Up

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/watch/whats-on/pub-finder
Title: BT Sport Pub Finder

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/all-sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/football
Title: Football

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/boxing
Title: Boxing

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/motogp
Title: MotoGP

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/cricket
Title: Cricket

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/rugby-union
Title: Rugby Union

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/ufc
Title: UFC

Search URL Search Domain Scan URL

URL: https://www.bt.com/sport/tennis
Title: Tennis

Search URL Search Domain Scan URL

URL: https://home.bt.com/login/loginform?view=btsport&TARGET=$SM$https%3A%2F%2Fwww%2Ebt%2Ecom%2Fsport
Title: Log in to BT Sport

Search URL Search Domain Scan URL

URL: https://www.bt.com/mobile
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.bt.com/products/mobile/
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.bt.com/products/mobile/sim-only-deals/
Title: SIM Only deals

Search URL Search Domain Scan URL

URL: https://www.bt.com/products/mobile/phones/
Title: Mobile phones

Search URL Search Domain Scan URL

URL: https://www.bt.com/products/mobile/about/upgrade/
Title: Upgrade mobile

Search URL Search Domain Scan URL

URL: https://shop.bt.com/learnmore/bt-branded-products-and-services/bt-mobile-accessories?ReferrerID=G600&utm_source=btcom&utm_medium=bt+marketing&utm_campaign=navigation&utm_content=G600
Title: Mobile accessories

Search URL Search Domain Scan URL

URL: https://www.bt.com/products/mobile/about/coverage-checker
Title: Coverage checker

Search URL Search Domain Scan URL

URL: https://www.bt.com/products/broadband/gaming
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.bt.com/halo
Title: Discover BT Halo

Search URL Search Domain Scan URL

URL: https://www.bt.com/help
Title: Help

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/
Title: Help and support

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/broadband/
Title: Broadband

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/account-and-billing
Title: Billing

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/email/
Title: Email

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/tv/
Title: TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/landline/
Title: Landline

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/security/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/sport/
Title: Sport

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/mobile/
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/home/userguides/#/
Title: User guides

Search URL Search Domain Scan URL

URL: https://www.bt.com/faults
Title: Fault tracking and repair

Search URL Search Domain Scan URL

URL: https://support.bt.com/track/fault/?view=faulttracker
Title: Track a fault

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/check-service-status
Title: Check service in your area

Search URL Search Domain Scan URL

URL: https://support.bt.com/fix/bbspeedtest/
Title: Test your broadband speed

Search URL Search Domain Scan URL

URL: https://www.bt.com/buy-our-products/store-finder
Title: Find a BT Store

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/account-and-billing/usernames-and-passwords/i-can-t-log-in/help-with-bt-usernames-and-passwords/
Title: Password help

Search URL Search Domain Scan URL

URL: https://www.bt.com/appsordermgmt/public/index.do
Title: Track your order

Search URL Search Domain Scan URL

URL: https://community.bt.com/
Title: Ask the BT community

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/welcome-to-bt
Title: Welcome to BT

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/here-for-you/
Title: Here For You

Search URL Search Domain Scan URL

URL: https://www.bt.com/skillsfortomorrow
Title: Skills for Tomorrow

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/home/contactus/#/home
Title: Get in touch

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/contact-bt
Title: Contact BT

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/contact-bt/complaints
Title: Make a complaint

Search URL Search Domain Scan URL

URL: https://www.bt.com/help/home/scams/
Title: Report a scam call

Search URL Search Domain Scan URL

URL: https://home.bt.com/secure/loginforward?view=mybt&redirectURL=https%3A%2F%2Fmy.bt.com%2Fmybt
Title: My BT

Search URL Search Domain Scan URL

URL: https://home.bt.com/secure/loginforward?siteArea=con.mya&redirectURL=https://my.bt.com/s/apps/appsbills/index.html%23%2Fbillingdashboard
Title: Your bills

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://havenpost.pages.dev/ HTTP 307
https://havenpost.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://home.bt.com/images/ee--bt---a-better-deal-as-one-136446259020602601-221215121755.jpg HTTP 301
https://www.bt.com/images/ee--bt---a-better-deal-as-one-136446259020602601-221215121755.jpg

Request Chain 11

https://track.adform.net/Serving/TrackPoint/?pm=1678631&ADFPageName=BTC%20-%20All%20Pages&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1678631&ADFPageName=BTC%20-%20All%20Pages&ADFdivider=|

Request Chain 12

https://track.adform.net/Serving/TrackPoint/?pm=1678631&ADFPageName=BTC%20-%20Login&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1678631&ADFPageName=BTC%20-%20Login&ADFdivider=|

Request Chain 20

https://tr.snapchat.com/cm/s?pnid=140 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1718928112681%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1718928112681%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1718928112681&pnid=140&pcid=c36ef8f1-603a-4974-9bb1-e3692ba3ede3

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
havenpost.pages.dev/
Redirect Chain

http://havenpost.pages.dev/
https://havenpost.pages.dev/

113 KB
12 KB

237ms
179ms

Document
text/html

172.66.44.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://havenpost.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef54a2b7307c0d5d6cdb6d1525df94609efcd83f5ee85c2a3988e48ab008e669

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8988a6c4ef856a73-TXL
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Mon, 24 Jun 2024 00:37:49 GMT
etag: W/"08572629c02843d563e7552dfe4cf575"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYx05lD62jOPnpcH7ULQsbCL5QAFlda%2B7CsZRTmPMIes7VQZendzyNO5b5sGoQF0xX30WXYJ2IalU%2BL50zAcSDxMfMBCjIr%2BajW%2BF1BRHVXxpA1FbQjRYLVj9UVsd%2FLayAF%2BWgSP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://havenpost.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 email-login.css
img01.bt.co.uk/s/assets/020822/home/css/ 18 KB
4 KB 260ms
121ms Stylesheet
text/css 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/home/css/email-login.css

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

0c56b79713f050f34ab44c942cf611188f182674ae7d22076ed5ee36f295f3d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-btsite: 1
cache-control: max-age=86400
content-length: 3783
x-xss-protection: 1; mode=block
x-llid: 3e87bcb052fb2a879d3e6b7b1cc3b734
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 main.css
img01.bt.co.uk/s/assets/020822/home/css/ 378 KB
79 KB 416ms
277ms Stylesheet
text/css 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/home/css/main.css

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

027fae39fa7bd05049ec06463b1f408d842cfbce740f731aa6b2cc6fab22e5e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-btsite: 1
cache-control: max-age=86400
content-length: 80986
x-xss-protection: 1; mode=block
x-llid: 715723b5b08726e0606afcbce8f1e3ca
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 responsive-menu.css
img01.bt.co.uk/s/assets/020822/css/ 30 KB
4 KB 180ms
42ms Stylesheet
text/css 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

ba17e376fe781be2379255a95419d1d627a41d49a0d5284c99f60ac1e3b6e5c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
age: 84454
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-btsite: 1
cache-control: max-age=86400
content-length: 4206
x-xss-protection: 1; mode=block
x-llid: e69e117474bb204f7238b01b0d22c779
expires: Mon, 24 Jun 2024 01:10:15 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
img01.bt.co.uk/s/assets/020822/sport/js/libs/jquery/1.10.2/ 91 KB
34 KB 298ms
160ms Script
application/javascript 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/sport/js/libs/jquery/1.10.2/jquery-1.10.2.min.js

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-btsite: 1
cache-control: max-age=86400
content-length: 33923
x-xss-protection: 1; mode=block
x-llid: 4636d35522e786f9f66a507ae5ddbae4
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 responsive-footer.css
img01.bt.co.uk/s/assets/020822/css/ 9 KB
2 KB 184ms
46ms Stylesheet
text/css 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/css/responsive-footer.css

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

d72ecb212984592129b1aaaead91855a72dffa15bddb9f2e7d5cdca4edd0a63d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
age: 84454
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-btsite: 1
cache-control: max-age=86400
content-length: 1615
x-xss-protection: 1; mode=block
x-llid: 0b15c50eef08f80e8a373b2d69ad935e
expires: Mon, 24 Jun 2024 01:10:15 GMT

GET
H2 200 logo-2018.svg
img01.bt.co.uk/s/assets/020822/images/logo/ 1 KB
991 B 287ms
149ms Image
image/svg+xml 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img01.bt.co.uk/s/assets/020822/images/logo/logo-2018.svg

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 628
x-xss-protection: 1; mode=block
x-llid: 866494b2659bf44e2468e4f546823973
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 BT_logo.png
img01.bt.co.uk/s/assets/aauth/images/ 2 KB
2 KB 166ms
159ms Image
image/png 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img01.bt.co.uk/s/assets/aauth/images/BT_logo.png

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1720
x-xss-protection: 1; mode=block
x-llid: b9071e199d6052c2fa099a91fbd3782f
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET

ee--bt---a-better-deal-as-one-136446259020602601-221215121755.jpg
www.bt.com/images/
Redirect Chain

https://home.bt.com/images/ee--bt---a-better-deal-as-one-136446259020602601-221215121755.jpg
https://www.bt.com/images/ee--bt---a-better-deal-as-one-136446259020602601-221215121755.jpg

0
0

GET
H2 200 logo-footer2018.svg
img01.bt.co.uk/s/assets/020822/images/logo/ 1 KB
991 B 72ms
72ms Image
image/svg+xml 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img01.bt.co.uk/s/assets/020822/images/logo/logo-footer2018.svg

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 628
x-xss-protection: 1; mode=block
x-llid: e42ab831823c6de3f61a9ae8fdc2fdb5
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 responsive-footer.min.js Show response
img01.bt.co.uk/s/assets/020822/js/ 970 B
906 B 76ms
75ms Script
application/javascript 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/js/responsive-footer.min.js

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

fb4f69078c24ab4a77db8c99fd19f05ead8878306c9e79b08656feb9ebcc328e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 534
x-xss-protection: 1; mode=block
x-llid: b1a59570e8378f7df8e136136bb96813
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 footer-adjuster.css
img01.bt.co.uk/s/assets/020822/home/css/ 165 B
501 B 73ms
69ms Stylesheet
text/css 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/home/css/footer-adjuster.css

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

d9824ada36c9e9fbea22b55eb21af77f129649bbe7d2cfb3378eca5f4fb98e9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-btsite: 1
cache-control: max-age=86400
content-length: 150
x-xss-protection: 1; mode=block
x-llid: dcc8e7abf10bd5bc845c3595eda56aaa
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2

200

/
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1678631&ADFPageName=BTC%20-%20All%20Pages&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1678631&ADFPageName=BTC%20-%20All%20Pages&ADFdivider=|

35 B
518 B

54ms
40ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1678631&ADFPageName=BTC%20-%20All%20Pages&ADFdivider=|

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1678631&ADFPageName=BTC%20-%20All%20Pages&ADFdivider=|
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1678631&ADFPageName=BTC%20-%20Login&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1678631&ADFPageName=BTC%20-%20Login&ADFdivider=|

35 B
518 B

52ms
38ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1678631&ADFPageName=BTC%20-%20Login&ADFdivider=|

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1678631&ADFPageName=BTC%20-%20Login&ADFdivider=|
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
398 B 174ms
70ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=init&tid=2614351310657&noscript=1
Requested by: Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:37:49 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 8498895810183117
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 B7238964;sz=1x2;ord=1677930098998;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/adj/N3784.197812.NSO.CODESRV/ 21 KB
21 KB 141ms
80ms Image
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/adj/N3784.197812.NSO.CODESRV/B7238964;sz=1x2;ord=1677930098998;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?304886781084

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15026
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
32 B 151ms
47ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1370377746451250&ev=PageView&noscript=1&dl=home.bt.com/login/loginform

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jun 2024 00:37:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tr
www.facebook.com/ 0
274 B 150ms
47ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1370377746451250&ev=ViewContent&noscript=1&dl=home.bt.com/login/loginform

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jun 2024 00:37:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 0
bat.bing.com/action/ 0
488 B 240ms
72ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5063977&Ver=2

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jun 2024 00:37:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A56FB8C4AB57469FA4D1700B91FCC047 Ref B: FRA31EDGE0607 Ref C: 2024-06-24T00:37:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
278 B 164ms
57ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=eabd29ee-821e-4531-b4e3-a9524bbee4da&ev=PAGE_VIEW&v=2.3&rand=&pl=https://home.bt.com/login/loginform?TARGET=$SM$https%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 p
tr.snapchat.com/ 68 B
454 B 163ms
56ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=eabd29ee-821e-4531-b4e3-a9524bbee4da&ev=VIEW_CONTENT&v=2.3&rand=&pl=https://home.bt.com/login/loginform?TARGET=$SM$https%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2

200

p
tr.snapchat.com/cm/
Redirect Chain

https://tr.snapchat.com/cm/s?pnid=140
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1718928112681%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1718928112681%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1718928112681&pnid=140&pcid=c36ef8f1-603a-4974-9bb1-e3692ba3ede3

68 B
139 B

56ms
56ms

Image
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/cm/p?rand=1718928112681&pnid=140&pcid=c36ef8f1-603a-4974-9bb1-e3692ba3ede3

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:37:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

Redirect headers

date: Mon, 24 Jun 2024 00:37:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://tr.snapchat.com/cm/p?rand=1718928112681&pnid=140&pcid=c36ef8f1-603a-4974-9bb1-e3692ba3ede3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 adsct
t.co/i/ 43 B
377 B 381ms
231ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=fd44e924-41ac-4139-8064-cdcc04bad768&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7054d674-444d-47f3-87c6-dcf8e34615eb&tw_document_href=https%3A%2F%2Fhome.bt.com%2Flogin%2Floginform%3FTARGET%3D%24SM%24https%253A%252F%252Fsignin1.bt.com%252Fbtmail%252Fsecure%252Femaillogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o17f0&type=javascript&version=2.3.29

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-response-time: 175
date: Mon, 24 Jun 2024 00:37:49 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 20e938198c1ca102
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 28f937691a49879665179d63c29dcae84d7c997e0f1034ad9417b0ccda4fa24f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 269ms
162ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=fd44e924-41ac-4139-8064-cdcc04bad768&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7054d674-444d-47f3-87c6-dcf8e34615eb&tw_document_href=https%3A%2F%2Fhome.bt.com%2Flogin%2Floginform%3FTARGET%3D%24SM%24https%253A%252F%252Fsignin1.bt.com%252Fbtmail%252Fsecure%252Femaillogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o17f0&type=javascript&version=2.3.29

Requested by

Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-response-time: 115
date: Mon, 24 Jun 2024 00:37:49 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e680f2d508b98146
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 08441d10034d373e91d858e2363eab079b69b12abd9f5832871802b0577c24f7
content-length: 43

GET
H2 200 BTFont_Rg.woff
img01.bt.co.uk/s/assets/020822/fonts/bt/ 58 KB
58 KB 204ms
122ms Font
application/x-font-woff 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/fonts/bt/BTFont_Rg.woff

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 59092
x-xss-protection: 1; mode=block
x-llid: dcd917b1139253891bd3ee44907a1441
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 bttvicons.woff
img01.bt.co.uk/s/assets/020822/fonts/bt/ 8 KB
9 KB 127ms
45ms Font
application/x-font-woff 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/fonts/bt/bttvicons.woff

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
age: 84451
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8356
x-xss-protection: 1; mode=block
x-llid: 8465cc065964174f54b4ea32e5e373a3
expires: Mon, 24 Jun 2024 01:10:18 GMT

GET
H2 200 BTFont_Bd.woff
img01.bt.co.uk/s/assets/020822/fonts/bt/ 57 KB
58 KB 375ms
294ms Font
application/x-font-woff 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/fonts/bt/BTFont_Bd.woff

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

57bc7fa23e811af367993a5e283c9e0ae088e9235114aa5a17778cf3c5abaea2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 58492
x-xss-protection: 1; mode=block
x-llid: a99afc5efa5a142f35fffcd8cf23a4d8
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 BTFont-Light.ttf
img01.bt.co.uk/s/assets/020822/home/fonts/bt/ 78 KB
79 KB 263ms
181ms Font
application/x-font-ttf 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/home/fonts/bt/BTFont-Light.ttf

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/home/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

1bf00cf620e35d507d951cf6d6cf329fd0cf71cebd99eab026ded7c714abf428

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/home/css/main.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-ttf
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 80268
x-xss-protection: 1; mode=block
x-llid: 6ceba05a8e74965ef2536487d8371bd2
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 BTFont-Bold.ttf
img01.bt.co.uk/s/assets/020822/home/fonts/bt/ 78 KB
79 KB 153ms
71ms Font
application/x-font-ttf 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/home/fonts/bt/BTFont-Bold.ttf

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/home/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

61e09ec00965113d9560869717d58ebb0528403c15420044902e86c0207ade66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/home/css/main.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-ttf
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 80380
x-xss-protection: 1; mode=block
x-llid: 792aa006a29671e1bef86a93a3f9059f
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 BTFont-Regular.ttf
img01.bt.co.uk/s/assets/020822/home/fonts/bt/ 78 KB
78 KB 246ms
176ms Font
application/x-font-ttf 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/home/fonts/bt/BTFont-Regular.ttf

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/home/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

ced95495f7f56bf24a6db6255dedeeeae30cb04f1b321a6de6fcebba0ae55973

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/home/css/main.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-ttf
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 79668
x-xss-protection: 1; mode=block
x-llid: c41997e399a9d41853890ab9238b5264
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 BTTV-Bold.woff
img01.bt.co.uk/s/assets/020822/fonts/bt/ 38 KB
38 KB 283ms
214ms Font
application/x-font-woff 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/fonts/bt/BTTV-Bold.woff

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

654945ffe912fffdf845880b3e0872abcb3ab1c7abc7a6b040ddea47c46e3cac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 38608
x-xss-protection: 1; mode=block
x-llid: 6b917fe61fce5a70d618e71b095da17a
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 BTTV-Regular.woff
img01.bt.co.uk/s/assets/020822/fonts/bt/ 37 KB
37 KB 243ms
174ms Font
application/x-font-woff 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/fonts/bt/BTTV-Regular.woff

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

4378aea5a80e4e470f1e5d82d2781d5129a18f2860e0c5ee8934133a71cf9018

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/css/responsive-menu.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 37588
x-xss-protection: 1; mode=block
x-llid: be61e54379d1a103870769f1d64d6997
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 fontawesome-webfont.ttf
img01.bt.co.uk/s/assets/020822/home/fonts/bt/ 162 KB
162 KB 361ms
293ms Font
application/x-font-ttf 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/home/fonts/bt/fontawesome-webfont.ttf

Requested by

Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/020822/home/css/email-login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img01.bt.co.uk/s/assets/020822/home/css/email-login.css
Origin: https://havenpost.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:49 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-ttf
access-control-allow-origin: *
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 165548
x-xss-protection: 1; mode=block
x-llid: 2c0f584c110b677eb9b5567602e99bf6
expires: Tue, 25 Jun 2024 00:37:49 GMT

GET
H2 200 client-ip Show response
api.bigdatacloud.net/data/ 52 B
226 B 181ms
93ms Fetch
application/json 13.248.207.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bigdatacloud.net/data/client-ip
Requested by: Host: havenpost.pages.dev
URL: https://havenpost.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.207.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a5c358b10ce834189.awsglobalaccelerator.com
Software: /
Resource Hash: 910cba87972b07396c46ce6ce21f3f5e261dd2f7837792dfb1fc2466854bb29a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Jun 2024 00:37:49 GMT
content-encoding: gzip
x-response-time-ms: 0.13
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 favicon.ico
img01.bt.co.uk/s/assets/020822/images/logo/ 877 B
1 KB 59ms
59ms Other
image/x-icon 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.bt.co.uk/s/assets/020822/images/logo/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),

Reverse DNS

https-41-63-96-2.hhn.llnw.net

Software

Resource Hash

fd98910da13b877b92584901ae97b8aa508c1d55bd132cbdde01f45bdeb1008c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://havenpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.24 Safari/537.36

Response headers

x-ua-compatible: IE=Edge
content-security-policy: frame-ancestors 'self'
date: Mon, 24 Jun 2024 00:37:50 GMT
last-modified: Wed, 07 Feb 2024 18:38:15 GMT
age: 26527
x-frame-options: SAMEORIGIN
content-type: image/x-icon
x-btsite: 1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 877
x-xss-protection: 1; mode=block
x-llid: b8c1d0aa4863f0af5df50c09b72da5b6
expires: Mon, 24 Jun 2024 17:15:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bt.com
URL: https://www.bt.com/images/ee--bt---a-better-deal-as-one-136446259020602601-221215121755.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-20 22:16:21	Name: C Value: 1
.adform.net/	1970-01-20 22:59:33	Name: receive-cookie-deprecation Value: 1
.snapchat.com/	1970-01-21 06:54:45	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwRGAMAgEwIqY4cLFgN0IwSpSvF/3teyh28JFV6ew3pTsp6U4ymDgnH5AvbEQ8OAV51f9AJl6OxVAAAAA
.pinterest.com/	1970-01-21 06:18:45	Name: ar_debug Value: 1
.adform.net/	1970-01-20 22:59:33	Name: uid Value: 1073912733276269440
.bing.com/	1970-01-21 06:54:45	Name: MUID Value: 273E760DAF4162B8276E62A5AECA6333
.tapad.com/	1970-01-20 22:59:33	Name: TapAd_TS Value: 1719189469896
.tapad.com/	1970-01-20 22:59:33	Name: TapAd_DID Value: c36ef8f1-603a-4974-9bb1-e3692ba3ede3
.twitter.com/	1970-01-21 07:09:09	Name: personalization_id Value: "v1_JNN6muQ4ookrxQda2ownvw=="
.t.co/	1970-01-21 07:09:09	Name: muc_ads Value: 6395eb12-365b-4c6f-a7d6-633efb5a48f4
.tapad.com/	1970-01-20 22:59:33	Name: TapAd_3WAY_SYNCS Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
analytics.twitter.com
api.bigdatacloud.net
bat.bing.com
ct.pinterest.com
havenpost.pages.dev
img01.bt.co.uk
pixel.tapad.com
t.co
tr.snapchat.com
track.adform.net
www.bt.com
www.facebook.com
www.bt.com
104.244.42.195
13.248.207.97
142.250.184.198
151.101.192.84
172.66.44.253
2620:1ec:c11::237
2a03:2880:f177:83:face:b00c:0:25de
34.111.113.62
35.190.43.134
37.157.2.228
41.63.96.2
93.184.221.165
027fae39fa7bd05049ec06463b1f408d842cfbce740f731aa6b2cc6fab22e5e0
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c56b79713f050f34ab44c942cf611188f182674ae7d22076ed5ee36f295f3d1
1bf00cf620e35d507d951cf6d6cf329fd0cf71cebd99eab026ded7c714abf428
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
4378aea5a80e4e470f1e5d82d2781d5129a18f2860e0c5ee8934133a71cf9018
57bc7fa23e811af367993a5e283c9e0ae088e9235114aa5a17778cf3c5abaea2
61e09ec00965113d9560869717d58ebb0528403c15420044902e86c0207ade66
654945ffe912fffdf845880b3e0872abcb3ab1c7abc7a6b040ddea47c46e3cac
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
910cba87972b07396c46ce6ce21f3f5e261dd2f7837792dfb1fc2466854bb29a
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ba17e376fe781be2379255a95419d1d627a41d49a0d5284c99f60ac1e3b6e5c8
c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168
ced95495f7f56bf24a6db6255dedeeeae30cb04f1b321a6de6fcebba0ae55973
d72ecb212984592129b1aaaead91855a72dffa15bddb9f2e7d5cdca4edd0a63d
d9824ada36c9e9fbea22b55eb21af77f129649bbe7d2cfb3378eca5f4fb98e9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4
ef54a2b7307c0d5d6cdb6d1525df94609efcd83f5ee85c2a3988e48ab008e669
fb4f69078c24ab4a77db8c99fd19f05ead8878306c9e79b08656feb9ebcc328e
fd98910da13b877b92584901ae97b8aa508c1d55bd132cbdde01f45bdeb1008c

havenpost.pages.dev Open in urlscan Pro 172.66.44.253 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

89 %HTTPS

17 %IPv6

13 Domains

13 Subdomains

12 IPs

4 Countries

764 kBTransfer

1261 kBSize

11 Cookies

100 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

havenpost.pages.dev Open in urlscan Pro
172.66.44.253 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

89 %
HTTPS

17 %
IPv6

13
Domains

13
Subdomains

12
IPs

4
Countries

764 kB
Transfer

1261 kB
Size

11
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!