www.havenday.com Open in urlscan Pro
216.18.168.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://havenday.com/
Effective URL:
https://www.havenday.com/
Submission: On April 30 via manual (April 30th 2021, 2:54:32 pm UTC) from FR

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 216.18.168.223, located in United States and belongs to REFLECTED, US. The main domain is www.havenday.com.
TLS certificate: Issued by R3 on March 26th 2021. Valid for: 3 months.

This is the only time www.havenday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	216.18.168.223 216.18.168.223	29789 (REFLECTED) (REFLECTED)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.202.49 143.204.202.49	16509 (AMAZON-02) (AMAZON-02)
21	7

12 216.18.168.223 (United States) 2 redirects

ASN29789 (REFLECTED, US)

havenday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.havenday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-49.fra53.r.cloudfront.net

prod-csx-static-assets.infoserv.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	havenday.com 2 redirects havenday.com www.havenday.com	928 KB
4	gstatic.com fonts.gstatic.com	76 KB
3	google-analytics.com www.google-analytics.com	58 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	infoserv.systems prod-csx-static-assets.infoserv.systems	3 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
21	6

	Domain	Requested by
10	www.havenday.com	www.havenday.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	www.havenday.com
2	havenday.com	2 redirects
1	prod-csx-static-assets.infoserv.systems	www.havenday.com
1	www.googletagmanager.com	www.havenday.com
21	7

This site contains links to these domains. Also see Links.

Domain
members.havenday.com
personal.natwest.com

Subject Issuer	Validity	Valid
havenday.com R3	`2021-03-26` - `2021-06-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.infoserv.systems Amazon	`2021-01-19` - `2022-02-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.havenday.com/
Frame ID: 210F7279CAFE7C52C3574E9FC995D990
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://havenday.com/ HTTP 301
https://havenday.com/ HTTP 302
https://www.havenday.com/ Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

21
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1129 kB
Transfer

2334 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://members.havenday.com/
Title: Member's Area

Search URL Search Domain Scan URL

URL: https://personal.natwest.com/personal/fraud-and-security.html
Title: Customer Security Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://havenday.com/ HTTP 301
https://havenday.com/ HTTP 302
https://www.havenday.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.havenday.com/
Redirect Chain

http://havenday.com/
https://havenday.com/
https://www.havenday.com/

15 KB
4 KB

1798ms
1670ms

Document
text/html

216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL

https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

da3a1446dee613e834dbb8ed0bd03e3d3448abeab7644ffd9c38d1ea51f62db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Host: www.havenday.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:12 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;includeSubDomains
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Set-Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; path=/;Secure;SameSite=None studcat=1; expires=Sun, 30-May-2021 14:54:12 GMT; Max-Age=2592000;Secure;SameSite=None RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ; path=/; Secure
Content-Length: 3828
Content-Type: text/html; charset=UTF-8
X-Request-ID: 608C1A14-D812A8DF01BB1AC3-81DA4

Redirect headers

Date: Fri, 30 Apr 2021 14:54:11 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;includeSubDomains
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.havenday.com/
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Set-Cookie: PHPSESSID=8rqn7k2l5e7rda1mavea0ojqf2; path=/;Secure;SameSite=None studcat=1; expires=Sun, 30-May-2021 14:54:11 GMT; Max-Age=2592000;Secure;SameSite=None RNLBSERVERID=ded5250D9Dahjyp0jB22jcTK51U8GBe; path=/; Secure
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Request-ID: 608C1A13-D812A8DF01BB1AC3-81DA0

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc5fd132061a74f7734ff3ff5e31d6fc9e9ecf30798d98f9f1ac0bceb37fb7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 14:24:35 GMT
server: ESF
date: Fri, 30 Apr 2021 14:54:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Apr 2021 14:54:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ 51 KB
2 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b372f64a6271c43eb704e467e0596772f40e3f623074ac442ec672e88ed68f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 14:54:13 GMT
server: ESF
date: Fri, 30 Apr 2021 14:54:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Apr 2021 14:54:13 GMT

GET
H/1.1 200
OK app.min.css
www.havenday.com/css/ 497 KB
132 KB 167ms
166ms Stylesheet
text/css 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL

https://www.havenday.com/css/app.min.css

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

b278418c2964bef30f15152f92847475c071a64b6123e3ebca2ed7bcdf97262f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.havenday.com/
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ
Connection: keep-alive
Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A15-D812A8DF01BB1AC3-81DA6
Last-Modified: Tue, 20 Apr 2021 13:18:28 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "7c254-5c06748237100-gzip"
Strict-Transport-Security: max-age=63072000;includeSubDomains
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Sat, 30 Apr 2022 14:54:13 GMT

GET
H/1.1 200
OK 27_logo.png
www.havenday.com/uploads/ 2 KB
2 KB 362ms
254ms Image
image/png 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.havenday.com/uploads/27_logo.png

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

318851579f08f4ff3d35e0758cc4d05d5cc6948615d4d8b12e5486c38bc52ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.havenday.com/
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ
Connection: keep-alive
Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 13:36:20 GMT
Server: Apache
ETag: "6cd-57cd348825d00"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=63072000;includeSubDomains
Accept-Ranges: bytes
Content-Length: 1741
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A15-D812A8DF01BB1AC3-81DA8
Expires: Sat, 30 Apr 2022 14:54:14 GMT

GET
H/1.1 200
OK ico-visa.png
www.havenday.com/images/ 5 KB
6 KB 443ms
257ms Image
image/png 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.havenday.com/images/ico-visa.png

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

80df0b531b8da755214383f80763adc2a7908d684a420999b4b25421807c4bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.havenday.com/
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ
Connection: keep-alive
Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Sep 2020 13:44:16 GMT
Server: Apache
ETag: "14c3-5b00f656a0c00"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=63072000;includeSubDomains
Accept-Ranges: bytes
Content-Length: 5315
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A15-D812A8DF01BB1AC3-81DAA
Expires: Sat, 30 Apr 2022 14:54:14 GMT

GET
H/1.1 200
OK ico-mastercard.png
www.havenday.com/images/ 5 KB
6 KB 516ms
153ms Image
image/png 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.havenday.com/images/ico-mastercard.png

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

e40b8971fdedd8241bdf074717685d9604888461b1581281121140757e45a002

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.havenday.com/
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ
Connection: keep-alive
Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Sep 2020 13:44:16 GMT
Server: Apache
ETag: "1556-5b00f656a0c00"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=63072000;includeSubDomains
Accept-Ranges: bytes
Content-Length: 5462
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A16-D812A8DF01BB1AC3-81DAB
Expires: Sat, 30 Apr 2022 14:54:14 GMT

GET
H/1.1 200
OK main.php Show response
www.havenday.com/js/ 774 KB
255 KB 405ms
297ms Script
application/javascript 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL

https://www.havenday.com/js/main.php

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

043a1ade174504c3be6da24c2a1b462f4ea77033bd072d90c129e3fdefb107c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.havenday.com/
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ
Connection: keep-alive
Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Fri, 30 Apr 2021 14:54:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: sameorigin
Content-Type: application/javascript
Cache-Control: 31536000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000;includeSubDomains
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A15-D812A8DF01BB1AC3-81DA7
Expires: Sat, 30 Apr 2022 14:54:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 198 KB
62 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTC28N5

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

562834835f1afb69728626bf032f6e46d1497c65bfbad32a4707c96afc14dff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 14:54:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63059
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Apr 2021 14:54:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTC28N5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4420
date: Fri, 30 Apr 2021 13:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 30 Apr 2021 15:40:33 GMT

GET
H/1.1 200
OK 27_background.jpg
www.havenday.com/uploads/ 253 KB
254 KB 518ms
155ms Image
image/jpeg 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.havenday.com/uploads/27_background.jpg

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

411b15d85b1c3978c6a413e68da6df0822f4f96975a4213f273b8e6fbd2060c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.havenday.com/
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ
Connection: keep-alive
Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 13:36:20 GMT
Server: Apache
ETag: "3f563-57cd348825d00"
X-Frame-Options: sameorigin
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=63072000;includeSubDomains
Accept-Ranges: bytes
Content-Length: 259427
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A16-D812A8DF01BB1AC3-81DAC
Expires: Sat, 30 Apr 2022 14:54:14 GMT

GET
H/1.1 200
OK havenday-content.png
www.havenday.com/uploads/ 195 KB
196 KB 472ms
462ms Image
image/png 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.havenday.com/uploads/havenday-content.png

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

31a811241f50580915c77cc3f590de4b3f1ba1dd86f87fab2682ea6553bbeb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.havenday.com/
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ
Connection: keep-alive
Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Apr 2019 09:32:11 GMT
Server: Apache
ETag: "30dd4-586b68f5d9cc0"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=63072000;includeSubDomains
Accept-Ranges: bytes
Content-Length: 200148
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A15-D812A8DF01BBA01B-81A9A
Expires: Sat, 30 Apr 2022 14:54:14 GMT

GET
H/1.1 200
OK 27_footer.jpg
www.havenday.com/uploads/ 47 KB
48 KB 250ms
245ms Image
image/jpeg 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.havenday.com/uploads/27_footer.jpg

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

625d3a7cfb5e2026ab1d3a5c6eae05db9ded75940330e0cf593dbda9d2e93202

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.havenday.com/
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ
Connection: keep-alive
Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 13:36:20 GMT
Server: Apache
ETag: "bd2f-57cd348825d00"
X-Frame-Options: sameorigin
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=63072000;includeSubDomains
Accept-Ranges: bytes
Content-Length: 48431
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A15-D812A8DF01BBA4E8-81FA0
Expires: Sat, 30 Apr 2022 14:54:14 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=944556661&t=pageview&_s=1&dl=https%3A%2F%2Fwww.havenday.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Havenday%20%7C%20Unlimited%20Movies%2C%20Games%2C%20Music%20and%20E-books&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2070421077&gjid=33333894&cid=1865283122.1619794454&tid=UA-160266386-1&_gid=1830393262.1619794454&_r=1&gtm=2wg4l3NTC28N5&z=758920603

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 14:54:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.havenday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.havenday.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:19 GMT
server: sffe
age: 449436
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18988
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.havenday.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:56:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 39446
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:56:48 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.havenday.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 449436
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H/1.1 200
OK icon-font.woff
www.havenday.com/css/fonts/ 24 KB
25 KB 154ms
154ms Font
application/font-woff 216.18.168.223
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL

https://www.havenday.com/css/fonts/icon-font.woff

Requested by

Host: www.havenday.com
URL: https://www.havenday.com/css/app.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.18.168.223 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

Apache /

Resource Hash

58e311ce8be394ab565a71f996825b6052ef1b0d1238298e2fdc5317a407f897

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.havenday.com
Accept-Encoding: gzip, deflate, br
Host: www.havenday.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.havenday.com/css/app.min.css
Cookie: PHPSESSID=ccsmrt8b43f7limv47ujibgi16; studcat=1; RNLBSERVERID=ded5249CuYZ0zUoVH1P4YA4vwSgrCvZ; _ga=GA1.2.1865283122.1619794454; _gid=GA1.2.1830393262.1619794454; _gat_UA-160266386-1=1
Connection: keep-alive
Origin: https://www.havenday.com
Referer: https://www.havenday.com/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 14:54:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Nov 2020 10:00:55 GMT
Server: Apache
ETag: "6190-5b45eafeca3c0"
X-Frame-Options: sameorigin
Content-Type: application/font-woff
Strict-Transport-Security: max-age=63072000;includeSubDomains
Accept-Ranges: bytes
Content-Length: 24976
X-XSS-Protection: 1; mode=block
X-Request-ID: 608C1A16-D812A8DF01BB1AC3-81DAD

GET
H3-29 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eeb4ec8571a426f7168aa0aa95f3a738a0c45f71b919cfb49f648912b2b6640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.havenday.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:12:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:52 GMT
server: sffe
age: 312121
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19660
x-xss-protection: 0
expires: Wed, 27 Apr 2022 00:12:13 GMT

GET
H2 200 index.js Show response
prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/ 8 KB
3 KB 182ms
56ms Script
application/javascript 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/index.js
Requested by: Host: www.havenday.com
URL: https://www.havenday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41c43b7c645ea0bb73afde86129182d18543ac7415381f4e4346225d29787040

Request headers

Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 14:08:15 GMT
content-encoding: gzip
last-modified: Tue, 06 Aug 2019 20:24:27 GMT
server: AmazonS3
age: 2760
etag: W/"462d9d3545a1a4bdf8fe7e8255247509"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: aDDDTyz_HYImXDKB3Poi-jIfHldWyoSiPcTfE7Zb8ch8kzbqRiniMQ==

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 114 KB
38 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KW55NQN&t=gtm9&cid=1865283122.1619794454

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1958f73f3cecd9f02fc9455dc58e0782cafc8f0b07a8c1e752ec3d80d26a342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.havenday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 14:54:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39307
x-xss-protection: 0
expires: Fri, 30 Apr 2021 14:54:14 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
havenday.com
prod-csx-static-assets.infoserv.systems
www.google-analytics.com
www.googletagmanager.com
www.havenday.com
143.204.202.49
216.18.168.223
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::200e
043a1ade174504c3be6da24c2a1b462f4ea77033bd072d90c129e3fdefb107c4
0eeb4ec8571a426f7168aa0aa95f3a738a0c45f71b919cfb49f648912b2b6640
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
318851579f08f4ff3d35e0758cc4d05d5cc6948615d4d8b12e5486c38bc52ef5
31a811241f50580915c77cc3f590de4b3f1ba1dd86f87fab2682ea6553bbeb53
411b15d85b1c3978c6a413e68da6df0822f4f96975a4213f273b8e6fbd2060c0
41c43b7c645ea0bb73afde86129182d18543ac7415381f4e4346225d29787040
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
562834835f1afb69728626bf032f6e46d1497c65bfbad32a4707c96afc14dff0
58e311ce8be394ab565a71f996825b6052ef1b0d1238298e2fdc5317a407f897
625d3a7cfb5e2026ab1d3a5c6eae05db9ded75940330e0cf593dbda9d2e93202
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
80df0b531b8da755214383f80763adc2a7908d684a420999b4b25421807c4bc8
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8b372f64a6271c43eb704e467e0596772f40e3f623074ac442ec672e88ed68f8
ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4
b278418c2964bef30f15152f92847475c071a64b6123e3ebca2ed7bcdf97262f
cc5fd132061a74f7734ff3ff5e31d6fc9e9ecf30798d98f9f1ac0bceb37fb7db
da3a1446dee613e834dbb8ed0bd03e3d3448abeab7644ffd9c38d1ea51f62db2
e1958f73f3cecd9f02fc9455dc58e0782cafc8f0b07a8c1e752ec3d80d26a342
e40b8971fdedd8241bdf074717685d9604888461b1581281121140757e45a002

www.havenday.com Open in urlscan Pro 216.18.168.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

1129 kBTransfer

2334 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.havenday.com Open in urlscan Pro
216.18.168.223 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1129 kB
Transfer

2334 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions