urlscan.io logo urlscan.io
SecurityTrails logo

hey-mp.uk Open in urlscan Pro
2606:4700:3037::ac43:9762  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.bestforbritain.org/r?u=fh2lJr4fbhcYejSZeGDZQkrSLrvfpqWGG7mjRD1oFBk&e=52f5ef6addbead8f7b4457d195945e38&utm_source=b4...
Effective URL: https://hey-mp.uk/?c=povtra
Submission: On November 16 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3037::ac43:9762, located in United States and belongs to CLOUDFLARENET, US. The main domain is hey-mp.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time hey-mp.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:7::a29f:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)
www.bestforbritain.org
4    2606:4700:3037::ac43:9762 (United States)

ASN13335 (CLOUDFLARENET, US)
hey-mp.uk
1    2600:9000:2156:1c00:e:3706:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cc.cdn.civiccomputing.com
4    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:470:6e0a::1b:243 (United States)

ASN6939 (HURRICANE, US)
apikeys.civiccomputing.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
4 use.fontawesome.com hey-mp.uk
use.fontawesome.com
4 hey-mp.uk hey-mp.uk
2 fonts.gstatic.com fonts.googleapis.com
1 apikeys.civiccomputing.com cc.cdn.civiccomputing.com
1 fonts.googleapis.com hey-mp.uk
1 cdnjs.cloudflare.com hey-mp.uk
1 ajax.googleapis.com hey-mp.uk
1 cc.cdn.civiccomputing.com hey-mp.uk
1 www.bestforbritain.org 1 redirects
15 9

This site contains links to these domains. Also see Links.

Domain
www.bestforbritain.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.cdn.civiccomputing.com
Amazon		 2021-10-22 -
2022-11-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
apikeys.civiccomputing.com
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hey-mp.uk/?c=povtra
Frame ID: 1581D600A7106005EED8BA8E73EBCA58
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hey MP! 🙋 from Best for Britain

Page URL History Show full URLs

  1. https://www.bestforbritain.org/r?u=fh2lJr4fbhcYejSZeGDZQkrSLrvfpqWGG7mjRD1oFBk&e=52f5ef6addbead8f7b4457d195... HTTP 302
    https://hey-mp.uk/?c=povtra Page URL

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

190 kB
Transfer

364 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.bestforbritain.org/r?u=fh2lJr4fbhcYejSZeGDZQkrSLrvfpqWGG7mjRD1oFBk&e=52f5ef6addbead8f7b4457d195945e38&utm_source=b4b&utm_medium=email&utm_campaign=211115_food_pov_survey&n=1 HTTP 302
    https://hey-mp.uk/?c=povtra Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hey-mp.uk/
Redirect Chain
  • https://www.bestforbritain.org/r?u=fh2lJr4fbhcYejSZeGDZQkrSLrvfpqWGG7mjRD1oFBk&e=52f5ef6addbead8f7b4457d195945e38&utm_source=b4b&utm_medium=email&utm_campaign=211115_food_pov_survey&n=1
  • https://hey-mp.uk/?c=povtra
30 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6757fb12e94227c82cd7a6d1e02d9ccb1b5eda286921e8e7bba78e2901eca0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 16 Nov 2021 04:29:47 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
x-cloud-trace-context
372bc1fef813ae7a585fac02040ff924
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLl5xD8oUDakpmsiy%2Fs9L4cWg2dZM%2BJiDBOgP21lR6KOalFWE1H6CTQ7C8beUoxmBI6n%2Fn4sJJeluRiT8Ef3dqdG2jc3hie2XzO55e2TWj4H0YAsyiJ6IUkJBZXKnx%2B44SG3CZp46gk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6aedfaf5be62f93b-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 16 Nov 2021 04:29:47 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache
x-request-id
b74f40c5-1336-45cd-8c93-78c40c94c8b7
x-served-by
app13
x-middleware-start
t=1637036987571707
x-runtime
0.107557
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-rack-cache
miss
location
https://hey-mp.uk/?c=povtra
status
302 Found
x-nationbuilder
true
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6aedfaf21b1b0e1e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cookieControl-8.2.1.min.js
cc.cdn.civiccomputing.com/8/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cc.cdn.civiccomputing.com/8/cookieControl-8.2.1.min.js
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1c00:e:3706:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1d66cddd100dded0673de2e53f8e8acde19afade84e111c7959a991fc57963e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://hey-mp.uk/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579
x-cache
Hit from cloudfront
content-length
12293
x-xss-protection
1
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Aug 2019 08:09:29 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"b027-58f09c2d378bf-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
x-amz-cf-id
YUGbc0m32i5b7oBc1gPQSXjZYIkXJHjOvrr_PVglw_CwCbARExtHiA==
expires
Tue, 23 Nov 2021 04:20:08 GMT
brands.css
use.fontawesome.com/releases/v5.7.1/css/ 		475 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.1/css/brands.css
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d01e4ed470894f4bf3dd3bb80f91da7d8743b883af28cf4cffa094c514c0cd21

Request headers

Referer
https://hey-mp.uk/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:29:47 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1620196
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
PDZ1GBX1WT0E4RD5
x-amz-id-2
Q0Nci8OKiHiD1Ilai/ivheaqkfaMD2Chnejpf/fBxZN6DkVqyafSDErGl1FVcWbSUQEi2oMa0fY=
last-modified
Wed, 30 Jun 2021 15:45:37 GMT
server
cloudflare
etag
W/"39401661f292a1b333ed11444a0d42c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tYOJGlJ%2BK07Gt4GDCt8nGrjfDKdupoc4nx%2FCOYlKvAkFfBUcYJjjLtJ85l6GKy6C253aD1TNN9onAnq5jOcoM6LC8cZYMSE6VnLTFOV3SqJTWxRh3VfOaDGWNPdErrOrP7IoY10QbR1%2FPhrckuL2Bjj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6aedfaf6dfcb4ed9-FRA
solid.css
use.fontawesome.com/releases/v5.7.1/css/ 		482 B
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.1/css/solid.css
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b0e1996e25c33251177670f2174ac0abd650eed0843e65ecb0509fcbcddeea

Request headers

Referer
https://hey-mp.uk/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:29:47 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73631
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
3616RC02K5FWE9PJ
x-amz-id-2
hCg9tohtVmr2/OlpSxqywm1/qN8JA9gXPXUMXEFdvnL4Ned3VxNJB1IwHZ45e1h83PsNjXY6f9Q=
last-modified
Wed, 30 Jun 2021 15:45:37 GMT
server
cloudflare
etag
W/"372b31365ea9367753d9137e8a9e934e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBtxY3tcFgGPmo8LmjlwKUhbHBUQYSqkCKiTuCyF2zu%2BD8mCjbPhyFBGi4%2FQoNVyZHU2gj4OeYwW2twmPnj%2BEN6t7kmzfpe0YzZ%2BuTMfBO%2F0aIEMUGim6sF6p1fKmL8mdnbhvmalNrpjkZhUjNFATSod"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6aedfaf6dfcc4ed9-FRA
fontawesome.css
use.fontawesome.com/releases/v5.7.1/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.1/css/fontawesome.css
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38061a3f942f842cd10b5be71cf71210f0705da370d479992ba07ba480de492b

Request headers

Referer
https://hey-mp.uk/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:29:47 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11434839
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
ETHHYAVGQGP81TF1
x-amz-id-2
r0xbX/wbnSRUZRcu4pAnVQADlIejckWETIrlNc+xi/LQOmzvKl6wtNe9Vm2rSn7d7PdRgMVxT4E=
last-modified
Wed, 30 Jun 2021 15:45:37 GMT
server
cloudflare
etag
W/"761f47f35799f23c7596e6c82c8ce6e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDeDvSJDEFaeJ%2FWxL9ylfqnpZsZBD4YJ4%2BukSoZcCFNq2UO3bqFqjOfgg9oz1C4B4juAUYGn9Cfy1uoKJ0Eqa6jKNxd5bmj3%2Fa67Uu2Yq4LHl%2BpdtW5Yz97DtTsPERKxM0bMRZjB14xN7NsPUWDJuH7c"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6aedfaf6dfcf4ed9-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hey-mp.uk/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 22:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Nov 2022 22:45:20 GMT
jquery.autocomplete.js
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.9/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.9/jquery.autocomplete.js
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014ea68c62ad7723ea28ea44a909bf50216643d52aacfd501f411956fa680274
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://hey-mp.uk/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:29:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14276276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6035
cf-request-id
0a75ac7df90000d6c99b938000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-81d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri5QBK5e6VnL%2BpaHeFwZ8GpYLZq5RfTuVcM8uFRoubkpYT46VfclORlF9B78SgbJDlRgsxG6NIm7i2bqYeSdihrzgE40J2vVo6zZreV8eH%2BJ5Biyy7Dz2Ku1RwyZ%2BeleI3FJHqk1XCa2QAchrhjQgYGI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aedfaf6df9a073e-FRA
expires
Sun, 06 Nov 2022 04:29:47 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Staatliches|Roboto:300
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72df2e658e7f3722b1a5f23ca5ea569ffe6aa42534cfdfe19ced03c446755d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hey-mp.uk/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Nov 2021 04:29:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Nov 2021 04:29:47 GMT
style.css
hey-mp.uk/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hey-mp.uk/css/style.css
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42abb428ee53850c104fcc2e0717d4630d685f61e603142bb9c045e8238c3954

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hey-mp.uk/?c=povtra
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:29:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
etag
W/"npeK0A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcx7GG5LtOujjSvX%2Ba7weykAceUw7QRJQWdp6MgRQztMBqhNOWhelM146Q6WijHbby%2BMRKkKncc5hyaB1swreYJx2pgPBvNMfXliu5%2BwnRq%2F02Ij%2BUYNcZk6FQBZcrg2jKOwlbRuXpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-cloud-trace-context
ef47cd40c01f868e8f5c6223fc9c2082
cache-control
public, max-age=14400
cf-ray
6aedfaf6ced2f93b-MXP
expires
Tue, 16 Nov 2021 04:39:10 GMT
b4b.png
hey-mp.uk/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hey-mp.uk/img/b4b.png
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/?c=povtra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1285f9e9f90a92b0d90c9efcfa07b22f636e94f296e7289f9bc4f5330047ddf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hey-mp.uk/?c=povtra
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:29:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
38
etag
"npeK0A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlQHi9N9LdxxLHSOMKbHL%2BTk5kv1q9Zrj8eJ%2FH2%2F9egBiYGWkMlxe1k0TNP4580ywGAXZdP5%2FPApuIkqkoXcY5uVYWCRoqIq4oqFUIkAl50KJGRUnmdrEuMjfStPsAvLabcxVjLY2Qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-cloud-trace-context
0de7b23cbc48fc52469c9a1cf58270af
cache-control
public, max-age=14400
cf-ray
6aedfaf70ee6f93b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 16 Nov 2021 04:39:10 GMT
v
apikeys.civiccomputing.com/c/ 		449 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apikeys.civiccomputing.com/c/v?d=hey-mp.uk&p=CookieControl%20Multi-Site&v=8&k=7b97678ca6446369bc2be9786d7f73d5b9666768&format=json
Requested by
Host: cc.cdn.civiccomputing.com
URL: https://cc.cdn.civiccomputing.com/8/cookieControl-8.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:470:6e0a::1b:243 , United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
Apache /
Resource Hash
bc749a75ed81ff4d33c24dfe2b0af4591770d9d7f4b8a60cd07841176416b10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hey-mp.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-apikeys
hit
date
Tue, 16 Nov 2021 04:29:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache
vary
X-Forwarded-Protocol
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1
cache-control
max-age=7200, private
transfer-encoding
chunked
access-control-allow-headers
origin, x-requested-with, content-type
x-content-type-options
nosniff
expires
Tue, 16 Nov 2021 06:29:39 GMT
emoji.png
hey-mp.uk/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hey-mp.uk/img/emoji.png
Requested by
Host: hey-mp.uk
URL: https://hey-mp.uk/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9762 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4ded3ee71f3ce3d5bb44d0746d6b4254a2e3c032088c78ada4d3d6ddaaf188

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hey-mp.uk/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:29:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4334
server
cloudflare
etag
"npeK0A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UNfthET4MJLMRxWEALd%2Fqbie%2FhZQcqzYVT9i5cEIjCcPCZVmU4GlVV%2BtGeBhMK0oeQLBWK5tdiq9NdT0xZcSSyDWjbdo%2FPq9NFl7KmD6eSkqKNHx2BDIgH9q70teGWIcOz8puYGlYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-cloud-trace-context
4c6bbe3bf95756fadbc3ecaa337884de
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6aedfaf8bfa4f93b-MXP
expires
Tue, 16 Nov 2021 04:38:51 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Staatliches|Roboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 02:40:20 GMT
x-content-type-options
nosniff
age
438568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 02:40:20 GMT
HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
fonts.gstatic.com/s/staatliches/v6/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/staatliches/v6/HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Staatliches|Roboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d286cd05ba4e1bc5222a8d0ef6db7fa7bbae735a82968d7aff8937925a563d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 18:14:10 GMT
x-content-type-options
nosniff
age
36938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:48:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 15 Nov 2022 18:14:10 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.1/css/solid.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

Request headers

Referer
https://use.fontawesome.com/releases/v5.7.1/css/solid.css
Origin
https://hey-mp.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 04:29:48 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73631
cf-ray
6aedfaf8b99f4ed9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74320
x-amz-id-2
QmhqxmzU3jm5W05H+DFf7wsWJx9RtJr5g/GDlBhwkeyw5yK4zWsth7wWxnT7AmXGd3MbRdhIyQY=
last-modified
Wed, 30 Jun 2021 15:45:57 GMT
server
cloudflare
etag
"3638e62ea50e6f5859b6a15276c25c87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSA07fAis3zzPcVVkDFvB4wk27zzY9R%2BbF3zgRfJ4Xv%2F9fMkraUWvXZUrGT79Z8f0o6Rmyz7QczjhsWbP9E%2Fjh6Aovmd2j0abu9XSmz2WkeAe54bCPeCbDZENvcS6dkMWD%2F9gub9Vl3WgMInlLbUPBVL"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
ZJWD4VKW03A5X4PQ
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| cmpStub object| CookieControl object| config function| ga function| __cmp function| $ function| jQuery object| mps function| geolocate function| doResult

1 Cookies

Domain/Path Name / Value
www.bestforbritain.org/ Name: _nbuild_session
Value: 2e5b76e6b75ca6bcea9e4d4f23eb95d9

2 Console Messages

Source Level URL
Text
rendering warning URL: https://hey-mp.uk/?c=povtra(Line 110)
Message:
The key "min-scale" is not recognized and ignored.
rendering warning URL: https://hey-mp.uk/?c=povtra(Line 110)
Message:
The key "max-scale" is not recognized and ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apikeys.civiccomputing.com
cc.cdn.civiccomputing.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hey-mp.uk
use.fontawesome.com
www.bestforbritain.org
2001:470:6e0a::1b:243
2600:9000:2156:1c00:e:3706:bd00:93a1
2606:4700:3037::6815:4e07
2606:4700:3037::ac43:9762
2606:4700:7::a29f:8a2c
2606:4700::6810:125e
2a00:1450:4001:803::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
014ea68c62ad7723ea28ea44a909bf50216643d52aacfd501f411956fa680274
1285f9e9f90a92b0d90c9efcfa07b22f636e94f296e7289f9bc4f5330047ddf6
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1d66cddd100dded0673de2e53f8e8acde19afade84e111c7959a991fc57963e1
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
38061a3f942f842cd10b5be71cf71210f0705da370d479992ba07ba480de492b
42abb428ee53850c104fcc2e0717d4630d685f61e603142bb9c045e8238c3954
5c4ded3ee71f3ce3d5bb44d0746d6b4254a2e3c032088c78ada4d3d6ddaaf188
72df2e658e7f3722b1a5f23ca5ea569ffe6aa42534cfdfe19ced03c446755d2a
8d286cd05ba4e1bc5222a8d0ef6db7fa7bbae735a82968d7aff8937925a563d0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
bc749a75ed81ff4d33c24dfe2b0af4591770d9d7f4b8a60cd07841176416b10c
ca6757fb12e94227c82cd7a6d1e02d9ccb1b5eda286921e8e7bba78e2901eca0
d01e4ed470894f4bf3dd3bb80f91da7d8743b883af28cf4cffa094c514c0cd21
d8b0e1996e25c33251177670f2174ac0abd650eed0843e65ecb0509fcbcddeea