safehaven.brookfielddev.co.uk Open in urlscan Pro
87.239.23.43  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response safehaven.brookfielddev.co.uk/	9 KB 3 KB	224ms 117ms	Document text/html	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / MODX Revolution PleskLin Resource Hash 99a278d8bb5ff73ba05052887e637e910fd18a57203308ffadb04a3136816b21 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Thu, 08 Aug 2024 02:31:37 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by MODX Revolution PleskLin
GET H2	200	styles_315247c273.css safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/	635 KB 82 KB	97ms 96ms	Stylesheet text/css	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/styles_315247c273.css Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 0f419db60d026c485e9e32f550d0859ddde1da2c25e510f16424c2ae3291ecaa Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT content-encoding br last-modified Fri, 17 Dec 2021 14:35:41 GMT server nginx etag W/"61bca03d-9ebb2" x-powered-by PleskLin vary Accept-Encoding content-type text/css
GET H2	200	Logo.350825aa9424fd5e2eb497bc7d9c1ed5.png safehaven.brookfielddev.co.uk/assets/components/phpthumbof/cache/	3 KB 3 KB	52ms 52ms	Image image/png	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Show image Full URL https://safehaven.brookfielddev.co.uk/assets/components/phpthumbof/cache/Logo.350825aa9424fd5e2eb497bc7d9c1ed5.png Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 52d6cd5d0c354a2f2c23bcd5f9033a67b36b64030d873d8e1c1e3b30f07d00d4 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT last-modified Fri, 17 Dec 2021 14:38:18 GMT server nginx etag "61bca0da-cf8" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 3320
GET H2	200	parking.jpg safehaven.brookfielddev.co.uk/assets/media/images/heros/	6 MB 6 MB	168ms 168ms	Image image/jpeg	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Show image Full URL https://safehaven.brookfielddev.co.uk/assets/media/images/heros/parking.jpg Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 17a8ba8cd598345d0dcd0273c623bd2db7f41b02839f8319f8476ecae7c857b4 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT last-modified Sun, 30 Jan 2022 12:54:05 GMT server nginx etag "61f68a6d-5d14ba" x-powered-by PleskLin content-type image/jpeg accept-ranges bytes content-length 6100154
GET H2	200	Logo_1.af449dc22e3bc680bb0c89a9e0bb8c9a.png safehaven.brookfielddev.co.uk/assets/components/phpthumbof/cache/	3 KB 3 KB	138ms 137ms	Image image/png	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Show image Full URL https://safehaven.brookfielddev.co.uk/assets/components/phpthumbof/cache/Logo_1.af449dc22e3bc680bb0c89a9e0bb8c9a.png Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 37306ce3fb0c64d3cda65b8dd7b07f8ebb8f7ae7b7dcc402e4ac4673fa4e906d Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT last-modified Sun, 30 Jan 2022 12:57:15 GMT server nginx etag "61f68b2b-bf1" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 3057
GET H2	200	gold_award.png safehaven.brookfielddev.co.uk/assets/media/images/uploads/	5 KB 5 KB	138ms 137ms	Image image/png	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Show image Full URL https://safehaven.brookfielddev.co.uk/assets/media/images/uploads/gold_award.png Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash b7d92db0118b44984a7cbde06d591ff8d3917a5b22c400e6a20b9b4223fee8b1 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT last-modified Sat, 29 Jan 2022 17:43:07 GMT server nginx etag "61f57cab-1260" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 4704
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 989 B	166ms 75ms	Script text/javascript	172.217.18.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6Lf9-r0fAAAAAKL57lUsBpI_hxUTtMcDgXAeyTC8&hl=en Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.4 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f4.1e100.net Software GSE / Resource Hash 0eb6497d4dcfc9e0e9597bd7050716b6d1ec72e440e5465f00579d3abcebd73d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Thu, 08 Aug 2024 02:31:37 GMT
GET H2	200	scripts_4353d8a4a8.js Show response safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/	563 KB 159 KB	138ms 137ms	Script application/javascript	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/scripts_4353d8a4a8.js Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 42c08fc51f973e8289aabc9b82eb12fa2f252916830e62752e6a11d44301fdd8 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT content-encoding br last-modified Tue, 03 May 2022 10:37:03 GMT server nginx etag W/"627105cf-8cb84" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	154ms 53ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato|Montserrat&display=swap Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/styles_315247c273.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 19fcb69ba038753674493d76a6d6d53a1c6189a55d805b6976fa5abf372cb37d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 08 Aug 2024 02:31:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 08 Aug 2024 02:31:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 08 Aug 2024 02:31:37 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/	531 KB 210 KB	149ms 45ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6Lf9-r0fAAAAAKL57lUsBpI_hxUTtMcDgXAeyTC8&hl=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://safehaven.brookfielddev.co.uk/ Origin https://safehaven.brookfielddev.co.uk User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 01:53:06 GMT content-encoding gzip x-content-type-options nosniff age 2312 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 214556 x-xss-protection 0 last-modified Mon, 29 Jul 2024 04:00:39 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 08 Aug 2025 01:53:06 GMT
GET H2	200	fa-solid-900.woff2 safehaven.brookfielddev.co.uk/assets/templates/default/fontawesome/webfonts/	120 KB 120 KB	130ms 129ms	Font font/woff2	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://safehaven.brookfielddev.co.uk/assets/templates/default/fontawesome/webfonts/fa-solid-900.woff2 Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/styles_315247c273.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 741ff0931a0d2097b2ecaa880274a38aa7766973adfe2ae84273641783cdce16 Request headers Referer https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/styles_315247c273.css Origin https://safehaven.brookfielddev.co.uk User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT last-modified Tue, 27 Aug 2019 12:23:18 GMT server nginx etag "5d6520b6-1e0b4" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 123060
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	156ms 57ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato|Montserrat&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://safehaven.brookfielddev.co.uk User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 15:02:44 GMT x-content-type-options nosniff age 127734 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 06 Aug 2025 15:02:44 GMT
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v26/	15 KB 15 KB	143ms 44ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato|Montserrat&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://safehaven.brookfielddev.co.uk User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 19:49:29 GMT x-content-type-options nosniff age 24129 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14940 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:46:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 07 Aug 2025 19:49:29 GMT
GET H2	200	revolution.extension.slideanims.min.js Show response safehaven.brookfielddev.co.uk/assets/templates/default/site/revolution/js/extensions/	28 KB 6 KB	159ms 156ms	XHR application/javascript	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://safehaven.brookfielddev.co.uk/assets/templates/default/site/revolution/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/scripts_4353d8a4a8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 528240420dedd03c508141f501169017954b9724ca8334ccf96582ecdad4f5e2 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://safehaven.brookfielddev.co.uk/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:38 GMT content-encoding br last-modified Thu, 05 Sep 2019 11:57:43 GMT server nginx etag W/"5d70f837-718a" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript
GET H2	200	revolution.extension.layeranimation.min.js Show response safehaven.brookfielddev.co.uk/assets/templates/default/site/revolution/js/extensions/	54 KB 13 KB	157ms 156ms	XHR application/javascript	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://safehaven.brookfielddev.co.uk/assets/templates/default/site/revolution/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8 Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/scripts_4353d8a4a8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 2b4488725ceb13f3bb8ed8461c8d2bcd6e463a0321e9bcee9903a966182d515e Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://safehaven.brookfielddev.co.uk/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:38 GMT content-encoding br last-modified Thu, 05 Sep 2019 11:57:43 GMT server nginx etag W/"5d70f837-d9fd" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript
GET H2	200	revolution.extension.kenburn.min.js Show response safehaven.brookfielddev.co.uk/assets/templates/default/site/revolution/js/extensions/	4 KB 2 KB	156ms 155ms	XHR application/javascript	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://safehaven.brookfielddev.co.uk/assets/templates/default/site/revolution/js/extensions/revolution.extension.kenburn.min.js?version=5.4.8 Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/scripts_4353d8a4a8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash c635d40308367a226983ba271f569bf14e65c8be6b3a25ff0f61b8bac60d71d3 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://safehaven.brookfielddev.co.uk/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:38 GMT content-encoding br last-modified Thu, 05 Sep 2019 11:57:43 GMT server nginx etag W/"5d70f837-ea6" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript
GET H2	200	security.15599c90d6035bc1e23e3496937f5819.jpg safehaven.brookfielddev.co.uk/assets/components/phpthumbof/cache/	68 KB 68 KB	149ms 148ms	Image image/jpeg	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Show image Full URL https://safehaven.brookfielddev.co.uk/assets/components/phpthumbof/cache/security.15599c90d6035bc1e23e3496937f5819.jpg Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash b6387869633ae12c6bd7152110ef9111b73b1a456a6cfe5e9db1fae15abc2487 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:38 GMT last-modified Tue, 15 Feb 2022 11:59:08 GMT server nginx etag "620b958c-10ee2" x-powered-by PleskLin content-type image/jpeg accept-ranges bytes content-length 69346
GET H2	200	why.15599c90d6035bc1e23e3496937f5819.jpg safehaven.brookfielddev.co.uk/assets/components/phpthumbof/cache/	75 KB 75 KB	148ms 148ms	Image image/jpeg	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Show image Full URL https://safehaven.brookfielddev.co.uk/assets/components/phpthumbof/cache/why.15599c90d6035bc1e23e3496937f5819.jpg Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash d4928a3930c193be3413683d0ea4e541e663413b612a14f411d8ee60788da017 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:38 GMT last-modified Tue, 15 Feb 2022 12:00:54 GMT server nginx etag "620b95f6-12cb9" x-powered-by PleskLin content-type image/jpeg accept-ranges bytes content-length 76985
GET H2	200	loader.gif safehaven.brookfielddev.co.uk/assets/templates/default/site/revolution/assets/	2 KB 3 KB	48ms 48ms	Image image/gif	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Show image Full URL https://safehaven.brookfielddev.co.uk/assets/templates/default/site/revolution/assets/loader.gif Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/styles_315247c273.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645 Request headers Referer https://safehaven.brookfielddev.co.uk/assets/components/minifyx/cache/styles_315247c273.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:38 GMT last-modified Thu, 05 Sep 2019 11:58:08 GMT server nginx etag "5d70f850-9f1" x-powered-by PleskLin content-type image/gif accept-ranges bytes content-length 2545
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 1591	0 0	155ms 67ms	Document text/html	172.217.18.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9-r0fAAAAAKL57lUsBpI_hxUTtMcDgXAeyTC8&co=aHR0cHM6Ly9zYWZlaGF2ZW4uYnJvb2tmaWVsZGRldi5jby51azo0NDM.&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=dfh8j2m43s79 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.4 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Pwc31CZ7RZCKrdJhrOMF3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://safehaven.brookfielddev.co.uk/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-Pwc31CZ7RZCKrdJhrOMF3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 08 Aug 2024 02:31:38 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	parking.jpg safehaven.brookfielddev.co.uk/assets/media/images/heros/	6 MB 0	0ms 0ms	Image image/jpeg	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Show image Full URL https://safehaven.brookfielddev.co.uk/assets/media/images/heros/parking.jpg Requested by Host: safehaven.brookfielddev.co.uk URL: https://safehaven.brookfielddev.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / PleskLin Resource Hash 17a8ba8cd598345d0dcd0273c623bd2db7f41b02839f8319f8476ecae7c857b4 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:31:37 GMT last-modified Sun, 30 Jan 2022 12:54:05 GMT server nginx etag "61f68a6d-5d14ba" x-powered-by PleskLin content-type image/jpeg accept-ranges bytes content-length 6100154
GET H2	404	favicon.ico safehaven.brookfielddev.co.uk/	9 KB 3 KB	172ms 171ms	Other text/html	87.239.23.43 LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://safehaven.brookfielddev.co.uk/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.239.23.43 , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS webserver.brookfielddigital.co.uk Software nginx / MODX Revolution Resource Hash 99a278d8bb5ff73ba05052887e637e910fd18a57203308ffadb04a3136816b21 Request headers Referer https://safehaven.brookfielddev.co.uk/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:31:39 GMT content-encoding br server nginx x-powered-by MODX Revolution vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| punchgs object| _gsScope function| $ function| jQuery object| bootstrap object| picturefillBackgroundOptions function| picturefillBackground object| picturefillCFG function| picturefill function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| cookieconsent object| recaptcha object| closure_lm_192303

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-21 02:57:16	Name: _GRECAPTCHA Value: 09AC6kKj-WRacGHJ-NQ397mL4AZ28zDrkfG_RLDF7fXQ5MBiVRzdo-89uUnlT22KHrJLQFQJpqH5ikuvYyIMQBGhk
			safehaven.brookfielddev.co.uk/	1970-01-20 22:48:09	Name: PHPSESSID Value: 7ps8h42v6naq1pt0r3r5t1eepg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://safehaven.brookfielddev.co.uk/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
safehaven.brookfielddev.co.uk
www.google.com
www.gstatic.com
172.217.18.4
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:830::200a
87.239.23.43
0eb6497d4dcfc9e0e9597bd7050716b6d1ec72e440e5465f00579d3abcebd73d
0f419db60d026c485e9e32f550d0859ddde1da2c25e510f16424c2ae3291ecaa
17a8ba8cd598345d0dcd0273c623bd2db7f41b02839f8319f8476ecae7c857b4
19fcb69ba038753674493d76a6d6d53a1c6189a55d805b6976fa5abf372cb37d
2b4488725ceb13f3bb8ed8461c8d2bcd6e463a0321e9bcee9903a966182d515e
37306ce3fb0c64d3cda65b8dd7b07f8ebb8f7ae7b7dcc402e4ac4673fa4e906d
42c08fc51f973e8289aabc9b82eb12fa2f252916830e62752e6a11d44301fdd8
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
528240420dedd03c508141f501169017954b9724ca8334ccf96582ecdad4f5e2
52d6cd5d0c354a2f2c23bcd5f9033a67b36b64030d873d8e1c1e3b30f07d00d4
741ff0931a0d2097b2ecaa880274a38aa7766973adfe2ae84273641783cdce16
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99a278d8bb5ff73ba05052887e637e910fd18a57203308ffadb04a3136816b21
b6387869633ae12c6bd7152110ef9111b73b1a456a6cfe5e9db1fae15abc2487
b7d92db0118b44984a7cbde06d591ff8d3917a5b22c400e6a20b9b4223fee8b1
c635d40308367a226983ba271f569bf14e65c8be6b3a25ff0f61b8bac60d71d3
d4928a3930c193be3413683d0ea4e541e663413b612a14f411d8ee60788da017
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896