bundles.safehavenpest.com Open in urlscan Pro
2606:4700::6810:ec2  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://bundles.safehavenpest.com/ Page URL
2. https://bundles.safehavenpest.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	503	/ Show response bundles.safehavenpest.com/	10 KB 11 KB	88ms 31ms	Document text/html	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bundles.safehavenpest.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aafab7f86396cf26cc8824a4540fc25881de0281a8a8f9bf2543e9649dae919 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 705d7cf208fa01db-ZRH content-type text/html; charset=UTF-8 date Wed, 04 May 2022 01:33:24 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	v1 Show response bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/	39 KB 14 KB	35ms 35ms	Script application/javascript	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=705d7cf208fa01db Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed5cac9cd6261fb7ce50ef26a5364566659f0359d53519383c6bb8ae45409367 Request headers accept-language de-DE,de;q=0.9 Referer https://bundles.safehavenpest.com/?__cf_chl_rt_tk=H7n1n03ewzSNIMGUK99yRb74XMZlKIzN3OxGPbrgCU4-1651628004-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 01:33:24 GMT content-encoding br server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate cf-ray 705d7cf2894901db-ZRH
GET H2	200	transparent.gif bundles.safehavenpest.com/cdn-cgi/images/trace/jschal/js/	42 B 220 B	16ms 16ms	Image image/gif	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bundles.safehavenpest.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=705d7cf208fa01db Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/?__cf_chl_rt_tk=H7n1n03ewzSNIMGUK99yRb74XMZlKIzN3OxGPbrgCU4-1651628004-0-gaNycGzNCFE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://bundles.safehavenpest.com/?__cf_chl_rt_tk=H7n1n03ewzSNIMGUK99yRb74XMZlKIzN3OxGPbrgCU4-1651628004-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 01:33:24 GMT x-content-type-options nosniff last-modified Fri, 29 Apr 2022 17:17:13 GMT server cloudflare etag "626c1d99-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 705d7cf2894a01db-ZRH vary Accept-Encoding content-length 42 expires Wed, 04 May 2022 03:33:24 GMT
GET H2	200	transparent.gif bundles.safehavenpest.com/cdn-cgi/images/trace/jschal/nojs/	42 B 101 B	16ms 16ms	Image image/gif	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bundles.safehavenpest.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=705d7cf208fa01db Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/?__cf_chl_rt_tk=H7n1n03ewzSNIMGUK99yRb74XMZlKIzN3OxGPbrgCU4-1651628004-0-gaNycGzNCFE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://bundles.safehavenpest.com/?__cf_chl_rt_tk=H7n1n03ewzSNIMGUK99yRb74XMZlKIzN3OxGPbrgCU4-1651628004-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 01:33:24 GMT x-content-type-options nosniff last-modified Fri, 29 Apr 2022 17:17:13 GMT server cloudflare etag "626c1d99-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 705d7cf2894b01db-ZRH vary Accept-Encoding content-length 42 expires Wed, 04 May 2022 03:33:24 GMT
POST H2	200	c1fc56c7add6048 Show response bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.768937695091581:1651626616:2dca7cf7e988eb991a9bc50a0318e8a85ccebb2e21ecac83e37739e1fc0cfaf6/705d7cf208fa01db/	109 KB 60 KB	61ms 61ms	XHR text/plain	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.768937695091581:1651626616:2dca7cf7e988eb991a9bc50a0318e8a85ccebb2e21ecac83e37739e1fc0cfaf6/705d7cf208fa01db/c1fc56c7add6048 Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=705d7cf208fa01db Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5a0eeb8049d18e374f25cdda854fea02f3291734d5e9aa89f15e04dccbc9caa Request headers Referer https://bundles.safehavenpest.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 CF-Challenge c1fc56c7add6048 Content-type application/x-www-form-urlencoded Response headers date Wed, 04 May 2022 01:33:24 GMT content-encoding br cf_chl_gen vv654WnoKurmU/3QNoNCCtqjrnw/QPJbGvHRXTQ1nQAO/unJ2E+X4Yr1UY0e/OEgZyXIhfuhsHouWPpEJM/Xuz/tpe0tKP5TgAsufETAbyB0ma+teqIDXOgWSQALvNjjM4iiRhIb9oBP9kMmbklW9qXrFWsl9DXXL59Hqv38O1K32pL9B6gDexRyrc6z5X/GZb6CHO4EMUem2KcT8JNVce/thdoFYm1InSHxpWJau+cdCMwiEC2tR+K0evvsFN6wo3Ifj5KkR9WuBX9dZwxd2VFvX2ZE1s1PwROBAVbDCcgU9ansHXhU8q0eafvj9CHh++l3p8SVn+6PGJdG5kw3bA==$c9DH+YpPBrq1kywIjN83Hw== server cloudflare cf-ray 705d7cf3a9a601db-ZRH expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain; charset=UTF-8
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/png
GET H2	200	J-efP1DV3ZmghM4 bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/img/705d7cf208fa01db/1651628004442/	61 B 143 B	27ms 26ms	Image image/png	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/img/705d7cf208fa01db/1651628004442/J-efP1DV3ZmghM4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f3322a9a4fae0f0e72cdfa9211fe65721922683e26879a1e8275e2696ac0d44 Request headers accept-language de-DE,de;q=0.9 Referer https://bundles.safehavenpest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 01:33:25 GMT server cloudflare cf-ray 705d7cf9ac7201db-ZRH expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png
POST H2	200	c1fc56c7add6048 Show response bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.768937695091581:1651626616:2dca7cf7e988eb991a9bc50a0318e8a85ccebb2e21ecac83e37739e1fc0cfaf6/705d7cf208fa01db/	1 KB 1 KB	55ms 55ms	XHR text/html	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.768937695091581:1651626616:2dca7cf7e988eb991a9bc50a0318e8a85ccebb2e21ecac83e37739e1fc0cfaf6/705d7cf208fa01db/c1fc56c7add6048 Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=705d7cf208fa01db Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72062ec7cbca6a3aea661e3bbc2070ecf82ab12f3f391d0bed81fc44f5d946d1 Request headers Referer https://bundles.safehavenpest.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 CF-Challenge c1fc56c7add6048 Content-type application/x-www-form-urlencoded Response headers date Wed, 04 May 2022 01:33:25 GMT content-encoding br server cloudflare cf_chl_out 9lHM1mjvMJJacTBYLLd7/XqCsYtCMlmrenPdWCocmk6ni2gXbSQ+PLLNY02QCJMMfVnrASpNvwKklsjyPW3ClA==$89IyksCmsXoLOq9ADq8M2A== expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 cf_chl_out_s yl5hHOqcdg2r3Zk2OE45TbVZpg3YLOZLX2toK9UkuOc4u06qgF/uSUnwR0enOAxc7yAyKq00ksnlh6NrBes46jAiBUNiqmwiLP2POmCefntMjcgo8khhILVEpwmcmsTuE/EtmBND9k5/UmZaSfsFsyZQdOhlqQgCYgnLeOfEKwPVQaz2r0yCD7AWRH07NSI073t0YbUCZC/p0JInDw/tnK57r92O5Z/NhFo4rnYxVOekfkS59wLQ4MDpgEYJQZxv$T93U594YFDLb1hy0AWNxgw== cf-ray 705d7cfa8cc401db-ZRH
GET H2	503	Primary Request / Show response bundles.safehavenpest.com/	10 KB 10 KB	24ms 23ms	Document text/html	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bundles.safehavenpest.com/ Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 317097f91322d9d8e0e838afe8577ea410e9aacfb0183c8f3b1574da9e3f3149 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://bundles.safehavenpest.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 705d7d076aca01db-ZRH content-type text/html; charset=UTF-8 date Wed, 04 May 2022 01:33:27 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	v1 Show response bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/	41 KB 15 KB	27ms 26ms	Script application/javascript	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=705d7d076aca01db Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e8b2c4aed3bcf4d7fe6c0c0b1d4a8bb40dc7b7ec6e87bf655952286b2665099 Request headers accept-language de-DE,de;q=0.9 Referer https://bundles.safehavenpest.com/?__cf_chl_rt_tk=nIt4qeacyjYIXBDcA9tk1KXXAZjCuEVHX633TBuAcfk-1651628007-0-gaNycGzNB9E User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 01:33:27 GMT content-encoding br server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate cf-ray 705d7d07bafd01db-ZRH
GET H2	200	transparent.gif bundles.safehavenpest.com/cdn-cgi/images/trace/jschal/js/	42 B 101 B	18ms 17ms	Image image/gif	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bundles.safehavenpest.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=705d7d076aca01db Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/?__cf_chl_rt_tk=nIt4qeacyjYIXBDcA9tk1KXXAZjCuEVHX633TBuAcfk-1651628007-0-gaNycGzNB9E Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://bundles.safehavenpest.com/?__cf_chl_rt_tk=nIt4qeacyjYIXBDcA9tk1KXXAZjCuEVHX633TBuAcfk-1651628007-0-gaNycGzNB9E User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 01:33:27 GMT x-content-type-options nosniff last-modified Fri, 29 Apr 2022 17:17:13 GMT server cloudflare etag "626c1d99-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 705d7d07bafe01db-ZRH vary Accept-Encoding content-length 42 expires Wed, 04 May 2022 03:33:27 GMT
GET H2	200	transparent.gif bundles.safehavenpest.com/cdn-cgi/images/trace/jschal/nojs/	42 B 124 B	15ms 15ms	Image image/gif	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bundles.safehavenpest.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=705d7d076aca01db Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/?__cf_chl_rt_tk=nIt4qeacyjYIXBDcA9tk1KXXAZjCuEVHX633TBuAcfk-1651628007-0-gaNycGzNB9E Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://bundles.safehavenpest.com/?__cf_chl_rt_tk=nIt4qeacyjYIXBDcA9tk1KXXAZjCuEVHX633TBuAcfk-1651628007-0-gaNycGzNB9E User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 01:33:27 GMT x-content-type-options nosniff last-modified Fri, 29 Apr 2022 17:17:13 GMT server cloudflare etag "626c1d99-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 705d7d07baff01db-ZRH vary Accept-Encoding content-length 42 expires Wed, 04 May 2022 03:33:27 GMT
POST H2	200	15bfbf2a77600a9 Show response bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23631660194108053:1651626612:7756c5ea4e3436ac65446d4098cb210d2542681ac7c9a15524aef3f2e9159479/705d7d076aca01db/	134 KB 74 KB	62ms 62ms	XHR text/plain	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23631660194108053:1651626612:7756c5ea4e3436ac65446d4098cb210d2542681ac7c9a15524aef3f2e9159479/705d7d076aca01db/15bfbf2a77600a9 Requested by Host: bundles.safehavenpest.com URL: https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=705d7d076aca01db Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c7f04e1f98c77d4d812eaf1921da84358f375b104ebcee756c7145ef8bd16a0 Request headers Referer https://bundles.safehavenpest.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 CF-Challenge 15bfbf2a77600a9 Content-type application/x-www-form-urlencoded Response headers date Wed, 04 May 2022 01:33:27 GMT content-encoding br cf_chl_gen MhM9PuJ/fjgq7/eGPx7r1b87AmBY7QlvNm83MdUO3f/qcd6RbL2EQebZH+0CJ1iWffItdMRW5Uxeulcqio5n1QIHvWGKT3eHpkgZ0XiXhQNiLWgGGxPquTrXx6Z9MajWQ1Pn9zHvYl46vZzFERWYhrxu/urfnxbBBJHRGsdRqtHia8GPIe49xlWbEjRShaiBfxO7l17XVvYwzvCcKCklDnjr10gx/MCC/sE3yPhCjpELoPTpI7WdwrRZLCiz62duRws+syp4HK5zq/wCV8+CTDJ7pUpsFPKW4UFg0WVoWe+Jkp1xNNJAdQ408WKVxhO8EOVqgybpUozYgiHyk9dW9zeMmBMe5njTDkaqu9ollBsdYTJiQf40uFuT9tBbH/vZ$L7DQWq36iKzYVOvfrROOQA== server cloudflare cf-ray 705d7d089b5f01db-ZRH expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain; charset=UTF-8
GET BLOB	200 OK	bf9f40f7-d107-4856-b607-073fab3cf492 https://bundles.safehavenpest.com/	120 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://bundles.safehavenpest.com/bf9f40f7-d107-4856-b607-073fab3cf492 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Length 120 Content-Type application/javascript
GET H2	200	mQJktnFtZDOWHnr bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/img/705d7d076aca01db/1651628007791/	61 B 112 B	27ms 27ms	Image image/png	2606:4700::6810:ec2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/img/705d7d076aca01db/1651628007791/mQJktnFtZDOWHnr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff9c33673375c6959833d15524ffbf4b02a983ba05207f17c03a6bbb18f594a0 Request headers accept-language de-DE,de;q=0.9 Referer https://bundles.safehavenpest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 01:33:27 GMT server cloudflare cf-ray 705d7d095bc701db-ZRH expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| _cf_chl_opt function| _cf_chl_enter function| sendRequest function| _cf_atob boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 object| _cf_chl_ctx object| _ string| prop

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bundles.safehavenpest.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23631660194108053:1651626612:7756c5ea4e3436ac65446d4098cb210d2542681ac7c9a15524aef3f2e9159479/705d7d076aca01db	1969-12-31 23:59:59	Name: cf_chl_seq_15bfbf2a77600a9 Value: EDFoXJxY9QtvaIJ
			.bundles.safehavenpest.com/	1970-01-20 02:47:09	Name: __cf_bm Value: O0HJ0TtaN1.QEU4ShpNUpAq_RdFMcDy3O1XvgZMnPcc-1651628004-0-Ad8T2SUfz9UY0MwRJxunzcxXDzV5SyXBxXJ1vsO8zzTwMMdPXnVe5lvnQ1S8bGhvQdLNsnwZy+wBJPIJ6fgP2243kCOIa9UGyPLmkUZ+9OPR
			bundles.safehavenpest.com/	1970-01-20 02:47:11	Name: cf_chl_rc_ni Value: 1
			bundles.safehavenpest.com/	1970-01-20 02:47:11	Name: cf_chl_prog Value: e

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://bundles.safehavenpest.com/ Message: Failed to load resource: the server responded with a status of 503 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://bundles.safehavenpest.com/ Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bundles.safehavenpest.com
2606:4700::6810:ec2
0f3322a9a4fae0f0e72cdfa9211fe65721922683e26879a1e8275e2696ac0d44
317097f91322d9d8e0e838afe8577ea410e9aacfb0183c8f3b1574da9e3f3149
5aafab7f86396cf26cc8824a4540fc25881de0281a8a8f9bf2543e9649dae919
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
72062ec7cbca6a3aea661e3bbc2070ecf82ab12f3f391d0bed81fc44f5d946d1
8c7f04e1f98c77d4d812eaf1921da84358f375b104ebcee756c7145ef8bd16a0
8e8b2c4aed3bcf4d7fe6c0c0b1d4a8bb40dc7b7ec6e87bf655952286b2665099
b5a0eeb8049d18e374f25cdda854fea02f3291734d5e9aa89f15e04dccbc9caa
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
ed5cac9cd6261fb7ce50ef26a5364566659f0359d53519383c6bb8ae45409367
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff9c33673375c6959833d15524ffbf4b02a983ba05207f17c03a6bbb18f594a0