urlscan.io logo urlscan.io
SecurityTrails logo

www.safehavenhc.com Open in urlscan Pro
13.225.87.81  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.safehavenhc.com/
Submission: On October 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 13.225.87.81, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.safehavenhc.com.
TLS certificate: Issued by Amazon on November 13th 2020. Valid for: a year.
This is the only time www.safehavenhc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 13.225.87.81 16509 (AMAZON-02)
1 2 104.111.232.109 16625 (AKAMAI-AS)
2 2 185.33.221.91 29990 (ASN-APPNEX)
1 142.250.181.234 15169 (GOOGLE)
2 142.250.186.35 15169 (GOOGLE)
1 142.250.186.132 15169 (GOOGLE)
3 142.250.185.110 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
1 64.233.166.156 15169 (GOOGLE)
29 9
19    13.225.87.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-81.fra2.r.cloudfront.net
www.safehavenhc.com
2    104.111.232.109 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-109.deploy.static.akamaitechnologies.com
servedby.ipromote.com
2    185.33.221.91 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
3    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
www.google-analytics.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
1    64.233.166.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f156.1e100.net
stats.g.doubleclick.net
Domain Requested by
19 www.safehavenhc.com www.safehavenhc.com
3 www.google-analytics.com www.safehavenhc.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 ib.adnxs.com 2 redirects
2 servedby.ipromote.com 1 redirects www.safehavenhc.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.gstatic.com www.google.com
1 www.google.com www.safehavenhc.com
1 fonts.googleapis.com www.safehavenhc.com
29 9

This site contains links to these domains. Also see Links.

Domain
www.yelp.com
www.facebook.com
twitter.com
instagram.com
vivial.net
Subject Issuer Validity Valid
www.safehavenhc.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.safehavenhc.com/
Frame ID: 9DEFED96C529E3605A61A5D6C750AA12
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Safe Haven Home Care Inc. | Home Health Care | Brooklyn, NY

Page Statistics

29
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

1797 kB
Transfer

2583 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://servedby.ipromote.com/ad/?src=pixel_cid&nid=2482&cid=3M7JLJGNQ0V&cat=10477 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fservedby.ipromote.com%2Fad%2F%3Fsrc%3Dpixel_cid%26nid%3D2482%26cid%3D3M7JLJGNQ0V%26cat%3D10477%26anuid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fservedby.ipromote.com%252Fad%252F%253Fsrc%253Dpixel_cid%2526nid%253D2482%2526cid%253D3M7JLJGNQ0V%2526cat%253D10477%2526anuid%253D%24UID HTTP 302
  • https://servedby.ipromote.com/ad/?src=pixel_cid&nid=2482&cid=3M7JLJGNQ0V&cat=10477&anuid=5351654806023366661

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.safehavenhc.com/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bdde82369eb6ae9f72b722b9d6a64a3f1b7e27e01de340bacdb74f4914f2c3b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Fri, 29 Oct 2021 02:58:43 GMT
last-modified
Mon, 18 Oct 2021 16:38:21 GMT
x-amz-version-id
V9MlCk.g4H7XNSgDz136MRDTvRFnLkEv
server
AmazonS3
content-encoding
gzip
etag
W/"4aecdd9eaca4b05262dfbebec7be0533"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oKq0zzS703BFyHQc7tQ4v9LEUDQ7VXoI5fuaJarIsO1bXBPCwzMy3w==
age
41646
require.min.js
www.safehavenhc.com/themes/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/themes/js/require.min.js
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b7faebc9c83d40bb8c017a5242ed65e110054245f928a36e410c1d716a4b54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 00:59:23 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
age
308007
etag
W/"2842d0ca2a86ca59639ffe99308bdf3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
OOeLHwgLLFRg6wZHObGZkZhFkGW14jQJ
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
rcqhxPVzLZnNZ0cDL7vth3QCG16mtIrK4A-jATw22JfPG_fa3Q3dQg==
ed5c550458e108181f6b491d15b1f0d2.css
www.safehavenhc.com/themes/dynamic/ 		363 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
377a0f99b820ec8aa383879392274439a5a14d45a71c3d5ad19a1de0b8c2f296

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 20:31:28 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
age
928881
etag
W/"04b2fbd3e8239e4ddf694dee6f069085"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Y66roKu8RoUfvrTpQ8vlT4Q14JYn02_2
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
MPeYRKcOQ_NcY5Um2Ffckbr4yDSQDCJVyBL2MP8Gzzj5FYjBIUX8PA==
shhclogo.pngV4A7neWR0L.jrb9ze5je92hGpfOXdB5a
www.safehavenhc.com/library/site/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/library/site/shhclogo.pngV4A7neWR0L.jrb9ze5je92hGpfOXdB5a
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd6f69b5a4308c9a75ec99146999640f8b4ca703f54c82cfdc6ad5dc5af685e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"c5d158599ab5ecc1db871762f405356b"
x-cache
Miss from cloudfront
x-amz-version-id
6mVFVJ.RWNcMX3D2BE2CQLdi2M1UoGca
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/png
content-length
28277
x-amz-cf-id
Cv7B0iqkLzfAnYkTfcagJuPg2yMiub1pUoaJB5s62XNVvsGe8ybGtw==
/
servedby.ipromote.com/ad/
Redirect Chain
  • https://servedby.ipromote.com/ad/?src=pixel_cid&nid=2482&cid=3M7JLJGNQ0V&cat=10477
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fservedby.ipromote.com%2Fad%2F%3Fsrc%3Dpixel_cid%26nid%3D2482%26cid%3D3M7JLJGNQ0V%26cat%3D10477%26anuid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fservedby.ipromote.com%252Fad%252F%253Fsrc%253Dpixel_cid%2526nid%253D2482%2526cid%253D3M7JLJGNQ0V%2526cat%253D10477%2526anuid%253D%24UID
  • https://servedby.ipromote.com/ad/?src=pixel_cid&nid=2482&cid=3M7JLJGNQ0V&cat=10477&anuid=5351654806023366661
0
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.ipromote.com/ad/?src=pixel_cid&nid=2482&cid=3M7JLJGNQ0V&cat=10477&anuid=5351654806023366661
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/
Protocol
HTTP/1.1
Server
104.111.232.109 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-232-109.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Oct 2021 14:32:49 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Fri, 29 Oct 2021 14:32:49 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Oct 2021 14:32:49 GMT
X-Proxy-Origin
216.131.111.144; 216.131.111.144; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9a0c3b68-a9fb-4a9f-9650-32af68ddae9d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://servedby.ipromote.com/ad/?src=pixel_cid&nid=2482&cid=3M7JLJGNQ0V&cat=10477&anuid=5351654806023366661
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Slab:400,600|Roboto:300,300i,700
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
6d624e519f33db946cbf66bb0cbf9d431b42883a0b4e21f6d737ffc1dd65448c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:32:49 GMT
server
ESF
date
Fri, 29 Oct 2021 14:32:49 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Fri, 29 Oct 2021 14:32:49 GMT
home-a65f1597256e10e6b680a67ca099f9bd.js
www.safehavenhc.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/js/home-a65f1597256e10e6b680a67ca099f9bd.js
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/js/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df140bf89e3f40f53f8e6d48be779efc6ccf74c6fa70e735c9ae4693b3530788

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 16:01:59 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 16:38:21 GMT
server
AmazonS3
age
426651
etag
W/"a65f1597256e10e6b680a67ca099f9bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
16upnTDoHCCeRmvZIgUMQio_6yJTwMKi
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
jLbyCBg2lxI8ZPpIkE6PvpptweH7OOOev-U5SaFAx9K4CDaoIUOeMA==
bundle.js
www.safehavenhc.com/themes/js/ 		274 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/themes/js/bundle.js
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/js/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7e3f924ddc945722840ce2049d98c8c0aba3f8bd9e2d209648e650044cfad42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 20:31:29 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
age
928880
etag
W/"3554c66022f59d38fbdc165967c5c74c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
NdvD8uRt2QSGw5h2v4IuxKdDz9kPKOJQ
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
WOS3RuYOM025sT0-E3TgR8pCdqeCI7tPlrpqUScGFiYZtP5OosXxdA==
couple%20with%20mom.jpgh1hj27_Ol_9Wr0vQpgNLZHuQc9CFmfb8
www.safehavenhc.com/library/site/ 		481 KB
482 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/library/site/couple%20with%20mom.jpgh1hj27_Ol_9Wr0vQpgNLZHuQc9CFmfb8
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25eea5f994c24a7f0b1fc47e44713631c3e1af18bd1389271712e22b37157e35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"729f1844c98fe008b0bd7f3755e5f788"
x-cache
Miss from cloudfront
x-amz-version-id
3B5iL3bu8tn0yANNGPxHxLpqQntQLFjA
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/jpeg
content-length
492567
x-amz-cf-id
DjnJQ612gd9WGznrvc6lknwoU_fNxfHw_Ar6GPvtfKJ2JWMkIZ5SRg==
Quotation-4.pngrLyu3wv0.hFbvYMxSQqL.kaxqgMUN9h3
www.safehavenhc.com/library/site/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/library/site/Quotation-4.pngrLyu3wv0.hFbvYMxSQqL.kaxqgMUN9h3
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0578b5c326cc627fc7b723c1df905d4e16567a89e818f7d9e43abb55b567a4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"54fe68583ff9b6d79e00f02bc57e5e6e"
x-cache
Miss from cloudfront
x-amz-version-id
4UVWaWYa2zkQwSXuUVAhhDT1DAP9WOz2
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/png
content-length
1480
x-amz-cf-id
5kzqDRG29GIXqQbZGSon_1DyddpvBD0dRJTnRlNH0a-bUO74gZ_DDQ==
prev.png
www.safehavenhc.com/themes/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/themes/images/prev.png
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"84b76dee6b27b795e89e3649078a11c2"
x-cache
Miss from cloudfront
x-amz-version-id
CgbID.B07WxZ551BLxHCoBrmVEGWV6u6
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/png
content-length
1360
x-amz-cf-id
nLQkIJ2MOLJo2aJ5z46O-uH16guoqsFPQG88GGw1Y-KI34lnC2DwTg==
next.png
www.safehavenhc.com/themes/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/themes/images/next.png
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"31f15875975aab69085470aabbfec802"
x-cache
Miss from cloudfront
x-amz-version-id
2_qPTYCTKGQ7MjczgdeL5aU10y3HEgKS
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/png
content-length
1350
x-amz-cf-id
pvRs_dgptVqffEdFZEXhflYVtyEUoSs3M8OPJzeLQp4QtcETWu_zzQ==
loading.gif
www.safehavenhc.com/themes/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/themes/images/loading.gif
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"2299ad0b3f63413f026dfec20c205b8f"
x-cache
Miss from cloudfront
x-amz-version-id
dpz5AdH1EL5lmyohtqg_GZO2plIs_Nl2
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/gif
content-length
8476
x-amz-cf-id
tTzuLZlprKps7dUKZw0Y39rNCJFAMqeOaKyi_jZiKUEIzg3wioqKrw==
close.png
www.safehavenhc.com/themes/images/ 		280 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/themes/images/close.png
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"d9d2d0b1308cb694aa8116915592e2a9"
x-cache
Miss from cloudfront
x-amz-version-id
mPCT4_R1nJWKQ3dnuTsu.Gy7mu3ktiUL
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/png
content-length
280
x-amz-cf-id
O5LDZukyI5YsFc9zYeDklmKsjbsjpIOYQo4B2DNtMCOONWtxIJTTZA==
fa-light-300.woff2
www.safehavenhc.com/themes/fonts/ 		181 KB
182 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/themes/fonts/fa-light-300.woff2
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1a5b8d96b8e8792ac50f6f4ad4d8051ade721c69a5fec310378155681d110b8

Request headers

Referer
https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Origin
https://www.safehavenhc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 00:59:23 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
age
308006
etag
"095e140e404f4ade8132d4df67b6b74b"
x-cache
Hit from cloudfront
x-amz-version-id
vdiOIc0PPXeEY5fpF43ryPmEtds8EAZj
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
font/woff2
content-length
185712
x-amz-cf-id
nohkL0usmmRLvUhzFdVEYExKTGokybJWU0vYkWqAVaQhKKa33v0hcw==
fa-brands-400.woff2
www.safehavenhc.com/themes/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/themes/fonts/fa-brands-400.woff2
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8f7932217a70a360d6b40a128f6822553c178fef1d9c27419f5f5f252163fdc

Request headers

Referer
https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Origin
https://www.safehavenhc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 00:59:23 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
age
308006
etag
"b5af211056f634a8fe488a06d1d24493"
x-cache
Hit from cloudfront
x-amz-version-id
Vtv9og.6u8FQ.WajMeVilD1LjDlw_eNU
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
font/woff2
content-length
76500
x-amz-cf-id
eyjwNuMT_Kh9DhS-m6-N3nAfD1L2flkVao-MAUnyqwWWR0t0rBS-JQ==
fa-regular-400.woff2
www.safehavenhc.com/themes/fonts/ 		166 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/themes/fonts/fa-regular-400.woff2
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1347ac5037cc8eab1f63005e4767f2595a685e7fe47bfecafd181704e65aac12

Request headers

Referer
https://www.safehavenhc.com/themes/dynamic/ed5c550458e108181f6b491d15b1f0d2.css
Origin
https://www.safehavenhc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 00:59:23 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
age
308006
etag
"272144c92f337ca162fe46de1bb245af"
x-cache
Hit from cloudfront
x-amz-version-id
6nSDw7ZgdpLAdzkhEe3tSKmWMS_d5yIJ
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
font/woff2
content-length
170020
x-amz-cf-id
YYL34i-IlxAM0B6qiR9o3OagYUzZmYD9x36JimFDE5ddiBUkuJOoIw==
lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2
fonts.gstatic.com/s/josefinslab/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinslab/v13/lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Slab:400,600|Roboto:300,300i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
314a94b9f418cfa15ba4cc5b609000cd75aba4d36d5dbea2e7259cb8143c2eaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.safehavenhc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 10:52:31 GMT
x-content-type-options
nosniff
age
445218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18756
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:25:04 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Oct 2022 10:52:31 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Slab:400,600|Roboto:300,300i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.safehavenhc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 02:40:20 GMT
x-content-type-options
nosniff
age
129149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 02:40:20 GMT
global.js
www.safehavenhc.com/themes/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/themes/js/global.js
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/js/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
609f32b365a91ba688e490b664fbc60a7918c480f706d4afb4ac52bbb7c8e34a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 20:31:30 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
age
928879
etag
W/"e10431049dfbd259e9b5e5dcd6a8ec83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Xtf9Mp.b9_PN.o9uupXU0NvF.9DVoqOT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
aOdtFdhCx7RsWX2w5IFhUWO1c_tGOCgKtJYEmi6MLrNAEB1Ot9k8hQ==
theme.js
www.safehavenhc.com/themes/dynamic/ 		52 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.safehavenhc.com/themes/dynamic/theme.js
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/js/home-a65f1597256e10e6b680a67ca099f9bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e78bb2ccfb13187dcc94f0ef945b725381163c220ef9e98c1cb1cd4fa74c7e28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 00:59:24 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
age
308006
etag
"0c68bde33f15d2f61b76d5132d274cab"
x-cache
Hit from cloudfront
x-amz-version-id
IIvPrXg9Uf0btcj8tDE07VbptjrFV6cm
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
52
x-amz-cf-id
0KjwrG8Juy98388brdP-7XmWpyLNL3-y-RmHwRasKGLYkVr4i4srZA==
api.js
www.google.com/recaptcha/ 		918 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaOnLoadCallback&render=explicit
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/js/home-a65f1597256e10e6b680a67ca099f9bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
fb47553edb7f11c75b45aec25f20747692a88e6261c6ed0f1fce6b5aa3401402
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Fri, 29 Oct 2021 14:32:49 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/themes/js/global.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
1935
date
Fri, 29 Oct 2021 14:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 29 Oct 2021 16:00:34 GMT
safe%20haven%20hc%20pic%201.jpgGsrxRGcBG.YjMPXk5ZITkkE9nhdo_dgR
www.safehavenhc.com/library/site/ 		266 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/library/site/safe%20haven%20hc%20pic%201.jpgGsrxRGcBG.YjMPXk5ZITkkE9nhdo_dgR
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
943a1c37673d09df4c2d212b97534b60db8e2ba61afca483fed3ff6567163913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"7167c03830ffe17f3ba0954d0523550e"
x-cache
Miss from cloudfront
x-amz-version-id
Rd05LTvKQKw3VWVTE8Ve2arIrErpqH4Q
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/jpeg
content-length
272475
x-amz-cf-id
PCHR1Qy_wq6OLwXNkuEnua8rFhtzTbaUl5PNZQD6WmszSe-uUQUGmA==
safe%20haven%20hc%20pic%2013.jpghXLUYfVdiMeIJHTWnt2DUHY5atd7kzpp
www.safehavenhc.com/library/site/ 		237 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safehavenhc.com/library/site/safe%20haven%20hc%20pic%2013.jpghXLUYfVdiMeIJHTWnt2DUHY5atd7kzpp
Requested by
Host: www.safehavenhc.com
URL: https://www.safehavenhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
374d5cf30a76a3e39afc559543e95301dbc43ae6f4e0d04a78197ee8b8a2cef4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.safehavenhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:32:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 16:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"5dce4b3ebb65c2ac3b6d969716eae631"
x-cache
Miss from cloudfront
x-amz-version-id
_v5KHVPcQi0NzK.rnrrKjlz1c8veUFbj
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-type
image/jpeg
content-length
242396
x-amz-cf-id
u3yEJ7OXKHE7Zwnw558mZQZVTtTNdSvVFi1V3egIfObhlTKdOyL3hA==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ 		348 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaOnLoadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.safehavenhc.com/
Origin
https://www.safehavenhc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139303
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 04:03:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sat, 29 Oct 2022 14:05:19 GMT
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1814981740&t=pageview&_s=1&dl=https%3A%2F%2Fwww.safehavenhc.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Safe%20Haven%20Home%20Care%20Inc.%20%7C%20Home%20Health%20Care%20%7C%20Brooklyn%2C%20NY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1442388418&gjid=466177860&cid=13299237.1635517969&tid=UA-86758039-1&_gid=1520811353.1635517969&_r=1&_slc=1&cd1=vivial&cd2=safehavenhomecareinc&cd5=prod&cd3=home&cd4=en&z=1671731246
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.safehavenhc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 14:32:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.safehavenhc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1814981740&t=pageview&_s=1&dl=https%3A%2F%2Fwww.safehavenhc.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Safe%20Haven%20Home%20Care%20Inc.%20%7C%20Home%20Health%20Care%20%7C%20Brooklyn%2C%20NY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=938978840&gjid=102817504&cid=13299237.1635517969&tid=UA-86758039-2&_gid=1520811353.1635517969&_r=1&_slc=1&cd1=vivial&cd2=safehavenhomecareinc&cd5=prod&cd3=home&cd4=en&z=1192129334
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.safehavenhc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 14:32:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.safehavenhc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-86758039-1&cid=13299237.1635517969&jid=1442388418&gjid=466177860&_gid=1520811353.1635517969&_u=YEDAAEAAAAAAAC~&z=1708907351
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.safehavenhc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 29 Oct 2021 14:32:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.safehavenhc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| requirejs function| require function| define function| addScript string| sitesApiServiceUrl function| $ function| jQuery function| Sly function| isSafari boolean| designer object| trackers object| functionsToProcess function| initializeGa function| copyToClipBoard function| gaAll function| sendGaEvent function| initCollapseNavbar boolean| insertedBanner function| collapseNavbar function| shareThis function| initializeNestedNav function| afterImagesLoaded function| lazyLoadImgs function| runThemeSpecific function| afterDesignerFrameReady function| handleYellowPagesSubmission function| yellowPageSubmit boolean| greReady number| greUniqueIndex function| recaptchaOnLoadCallback function| getRecpatchId function| gaEvents function| rescaleCaptcha function| removeClearedFillHeights function| setAutoFillHeights function| checkboxRequiredValidation object| vsm function| mobileAndTabletcheck function| getWindowSize string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha

7 Cookies

Domain/Path Name / Value
.ipromote.com/ad Name: crt
Value: 3M7JLJGNQ0V%3D0
.ipromote.com/ad Name: cat2
Value: 2482%3A10477%3D1
.safehavenhc.com/ Name: _ga
Value: GA1.2.13299237.1635517969
.safehavenhc.com/ Name: _gid
Value: GA1.2.1520811353.1635517969
.safehavenhc.com/ Name: _gat_system
Value: 1
.safehavenhc.com/ Name: _gat_affiliate
Value: 1
.adnxs.com/ Name: uuid2
Value: 5351654806023366661

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
servedby.ipromote.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.gstatic.com
www.safehavenhc.com
104.111.232.109
13.225.87.81
142.250.181.227
142.250.181.234
142.250.185.110
142.250.186.132
142.250.186.35
185.33.221.91
64.233.166.156
1347ac5037cc8eab1f63005e4767f2595a685e7fe47bfecafd181704e65aac12
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
25eea5f994c24a7f0b1fc47e44713631c3e1af18bd1389271712e22b37157e35
314a94b9f418cfa15ba4cc5b609000cd75aba4d36d5dbea2e7259cb8143c2eaf
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
374d5cf30a76a3e39afc559543e95301dbc43ae6f4e0d04a78197ee8b8a2cef4
377a0f99b820ec8aa383879392274439a5a14d45a71c3d5ad19a1de0b8c2f296
5bdde82369eb6ae9f72b722b9d6a64a3f1b7e27e01de340bacdb74f4914f2c3b
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
609f32b365a91ba688e490b664fbc60a7918c480f706d4afb4ac52bbb7c8e34a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d624e519f33db946cbf66bb0cbf9d431b42883a0b4e21f6d737ffc1dd65448c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
943a1c37673d09df4c2d212b97534b60db8e2ba61afca483fed3ff6567163913
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a5b8d96b8e8792ac50f6f4ad4d8051ade721c69a5fec310378155681d110b8
c8f7932217a70a360d6b40a128f6822553c178fef1d9c27419f5f5f252163fdc
d0578b5c326cc627fc7b723c1df905d4e16567a89e818f7d9e43abb55b567a4a
df140bf89e3f40f53f8e6d48be779efc6ccf74c6fa70e735c9ae4693b3530788
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7faebc9c83d40bb8c017a5242ed65e110054245f928a36e410c1d716a4b54
e78bb2ccfb13187dcc94f0ef945b725381163c220ef9e98c1cb1cd4fa74c7e28
e7e3f924ddc945722840ce2049d98c8c0aba3f8bd9e2d209648e650044cfad42
fb47553edb7f11c75b45aec25f20747692a88e6261c6ed0f1fce6b5aa3401402
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd6f69b5a4308c9a75ec99146999640f8b4ca703f54c82cfdc6ad5dc5af685e6