URL: http://heaventools.com/
Submission: On February 03 via manual from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 47 HTTP transactions. The main IP is 208.76.175.57, located in United States and belongs to CIFNET, US. The main domain is heaventools.com.
This is the only time heaventools.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
31 heaventools.com | heaventools.com | 218 KB
9 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 100; tpc.googlesyndication.com — Cisco Umbrella Rank: 124 | 191 KB
2 google.com | adservice.google.com — Cisco Umbrella Rank: 80; www.google.com — Cisco Umbrella Rank: 13 | 2 KB
2 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 | 5 KB
1 google.de | adservice.google.de — Cisco Umbrella Rank: 8028 | 792 B
1 googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 777 | 648 B
1 restuner.com | restuner.com | 489 B
Total: 47 requests, 7 domains

Domain | Requested by
31 heaventools.com | heaventools.com
6 pagead2.googlesyndication.com | heaventools.com; pagead2.googlesyndication.com; tpc.googlesyndication.com
3 tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 www.google.com | tpc.googlesyndication.com
1 adservice.google.com | pagead2.googlesyndication.com
1 adservice.google.de | pagead2.googlesyndication.com
1 partner.googleadservices.com | pagead2.googlesyndication.com
1 restuner.com | heaventools.com
Total: 47 requests, 9 subdomains

This site contains links to these domains.

Domain
www.heaventools.de
www.heaventools.ru

Subject | Issuer | Validity | Valid
*.g.doubleclick.net | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.google.de | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.google.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
www.google.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months

This page contains 6 frames:

Primary Page: http://heaventools.com/
Frame ID: 4F06C08849832897093D57722A5041A0
Requests: 39 HTTP requests in this frame

Frame: http://restuner.com/bitrix/spread.php?s=SFRfQ09NX0dVRVNUX0lEATIyMzU4MDYBMTY3NDk5NjMyNwEvAQECSFRfQ09NX0xBU1RfVklTSVQBMDMuMDIuMjAyMiAwNjo0NToyNwExNjc0OTk2MzI3AS8BAQI%3D&k=d81b44064de7e81c42b9333ed1690254
Frame ID: 0B70A6BEED3ABB8438136479634A8703
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Frame ID: F3C4164E30FF59DCF0554CE245AD7949
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362608992090644&output=html&adk=1812271804&adf=3025194257&lmt=1643892328&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fheaventools.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1643892328488&bpp=4&bdt=507&idt=83&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=727364056597&frm=20&pv=2&ga_vid=1321056405.1643892329&ga_sid=1643892329&ga_hid=1905908851&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C31064036%2C31064544%2C44756555%2C31063246&oid=2&pvsid=1006567125323240&pem=782&tmod=1200498056&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=105
Frame ID: 32D43CBEF62C566D38E1DD3A6A414CE1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D53A2E6513504E4975DC0CD47A2FE3D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C685D1FEC72DD8DF57A0C11DD29F0AF7
Requests: 2 HTTP requests in this frame

Page Title

PE Explorer: EXE File Editor, Resource Editor, DLL View Scan Tool, Disassembler.

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

  • Requests: 47
  • HTTPS: 32 %
  • IPv6: 75 %
  • Domains: 7
  • Subdomains: 9
  • IPs: 8
  • Countries: 2
  • Transfer: 417 kB
  • Size: 739 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
heaventools.com/
9 KB
4 KB
Document
General
Full URL
http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 / PHP/5.4.34
Resource Hash
b71da61da594cb8de4662c2d3f914eca0d8ef9b39e112c975e420541d7fd8a94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.6.2
Date
Thu, 03 Feb 2022 12:45:27 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.4.34
P3P
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
B-Powered-By
Bitrix SM (6aed906550dfc1baed22fdc226ec502b)
Content-Encoding
gzip
htcom_i.css
heaventools.com/
3 KB
3 KB
Stylesheet
General
Full URL
http://heaventools.com/htcom_i.css
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
ab4d09c009a9be66ca62308e7a028c0f70fd1e02bfc62f391955c277cf505adf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:27 GMT
Last-Modified
Tue, 22 Jun 2021 13:31:48 GMT
Server
nginx/1.6.2
ETag
"60d1e644-c97"
Content-Type
text/css
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
3223
Expires
Tue, 08 Feb 2022 12:45:27 GMT
ccht.css
heaventools.com/
4 KB
4 KB
Stylesheet
General
Full URL
http://heaventools.com/ccht.css
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:27 GMT
Last-Modified
Thu, 24 May 2018 18:05:50 GMT
Server
nginx/1.6.2
ETag
"5b06fefe-f62"
Content-Type
text/css
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
3938
Expires
Tue, 08 Feb 2022 12:45:27 GMT
ccht.js
heaventools.com/
19 KB
20 KB
Script
General
Full URL
http://heaventools.com/ccht.js
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
aaca6feede48b2d655e75e4a853f4936b2703bdfd55d89366d7bc4af4af1540d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:27 GMT
Last-Modified
Thu, 24 May 2018 18:05:48 GMT
Server
nginx/1.6.2
ETag
"2da401-4d31-56cf78040b700"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
19761
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e50e63f2f1324733b9c6b2d3f20790734ed869ea434bd91ad8bfc9b8fdb1ed7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 12:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52888
x-xss-protection
0
server
cafe
etag
6740150294998098626
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 12:45:28 GMT
ens.jpg
heaventools.com/img/
900 B
1 KB
Image
General
Full URL
http://heaventools.com/img/ens.jpg
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
53133d84f1e5995ceda3c3249d335d9097ca1166e80b56214e3c083835ef41e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:27 GMT
Last-Modified
Fri, 20 Mar 2009 03:26:52 GMT
Server
nginx/1.6.2
ETag
"49c30cfc-384"
Content-Type
image/jpeg
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
900
Expires
Tue, 08 Feb 2022 12:45:27 GMT
des.jpg
heaventools.com/img/
845 B
1 KB
Image
General
Full URL
http://heaventools.com/img/des.jpg
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
c53aa71262e59132e76937b35cfc8d101d1f91918f57534ad91397a2da9c4f0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:27 GMT
Last-Modified
Fri, 20 Mar 2009 03:26:50 GMT
Server
nginx/1.6.2
ETag
"49c30cfa-34d"
Content-Type
image/jpeg
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
845
Expires
Tue, 08 Feb 2022 12:45:27 GMT
rus.jpg
heaventools.com/img/
841 B
1 KB
Image
General
Full URL
http://heaventools.com/img/rus.jpg
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
db5f28b19031f765ca573a84efadc34211836267c69165f2f262c98609a2b671

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:27 GMT
Last-Modified
Fri, 16 Apr 2010 06:10:43 GMT
Server
nginx/1.6.2
ETag
"4bc7ff63-349"
Content-Type
image/jpeg
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
841
Expires
Tue, 08 Feb 2022 12:45:27 GMT
arro.gif
heaventools.com/img/
62 B
392 B
Image
General
Full URL
http://heaventools.com/img/arro.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
7c85e63091b0cb5971a32d8acab530cc7f6257c9e4c21b96bd49cf1103be5ebc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Sun, 22 Mar 2009 11:07:13 GMT
Server
nginx/1.6.2
ETag
"49c61be1-3e"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
62
Expires
Tue, 08 Feb 2022 12:45:28 GMT
3.gif
heaventools.com/img/
673 B
1005 B
Image
General
Full URL
http://heaventools.com/img/3.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
35eb9bd2693d9f8ee9224201fcb1daa50cb05e3e8b11dee6bf2bb6a5ed236fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:22:28 GMT
Server
nginx/1.6.2
ETag
"49c30bf4-2a1"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
673
Expires
Tue, 08 Feb 2022 12:45:28 GMT
11.gif
heaventools.com/img/
600 B
932 B
Image
General
Full URL
http://heaventools.com/img/11.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
35587ad74e87ade5ccf92104e95537ac708447d3d5371ace0eaa01bf0cee131a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:22:19 GMT
Server
nginx/1.6.2
ETag
"49c30beb-258"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
600
Expires
Tue, 08 Feb 2022 12:45:28 GMT
121.gif
heaventools.com/img/
781 B
1 KB
Image
General
Full URL
http://heaventools.com/img/121.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
b39e6042200200a647470bf9d97a1ebed2f1c3979273bcba370a8df12d0d2ab7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:22:21 GMT
Server
nginx/1.6.2
ETag
"49c30bed-30d"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
781
Expires
Tue, 08 Feb 2022 12:45:28 GMT
8.gif
heaventools.com/img/
599 B
931 B
Image
General
Full URL
http://heaventools.com/img/8.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
52c5aefe8daf5e3a868b0dbb9ceabac736a9a638c7fc0e2d80409d2dc1970375

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:22:30 GMT
Server
nginx/1.6.2
ETag
"49c30bf6-257"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
599
Expires
Tue, 08 Feb 2022 12:45:28 GMT
htcom.css
heaventools.com/
12 KB
13 KB
Stylesheet
General
Full URL
http://heaventools.com/htcom.css
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
1bc4ec501d23579e9fd8985944b17c214835814c0f2e1984b093ff53ff663656

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:27 GMT
Last-Modified
Mon, 31 Jan 2022 13:31:55 GMT
Server
nginx/1.6.2
ETag
"61f7e4cb-3127"
Content-Type
text/css
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12583
Expires
Tue, 08 Feb 2022 12:45:27 GMT
spread.php
restuner.com/bitrix/ Frame 0B70
0
489 B
Document
General
Full URL
http://restuner.com/bitrix/spread.php?s=SFRfQ09NX0dVRVNUX0lEATIyMzU4MDYBMTY3NDk5NjMyNwEvAQECSFRfQ09NX0xBU1RfVklTSVQBMDMuMDIuMjAyMiAwNjo0NToyNwExNjc0OTk2MzI3AS8BAQI%3D&k=d81b44064de7e81c42b9333ed1690254
Requested by
Host: heaventools.com
URL: http://heaventools.com/
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 / PHP/5.4.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/

Response headers

Server
nginx/1.6.2
Date
Thu, 03 Feb 2022 12:45:28 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.4.34
P3P
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
bkgr.gif
heaventools.com/img/css/
100 B
431 B
Image
General
Full URL
http://heaventools.com/img/css/bkgr.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
733d931a9342705907a0e41ce115181321c171ae30e3298e90da831dcf837235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:34:55 GMT
Server
nginx/1.6.2
ETag
"49c30edf-64"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
100
Expires
Tue, 08 Feb 2022 12:45:28 GMT
htoolsv5.gif
heaventools.com/img/css/
5 KB
5 KB
Image
General
Full URL
http://heaventools.com/img/css/htoolsv5.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
d51972dae711af7b64516d288734dc08331a95ab5cd6dcd588cce1e67048e5cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:34:58 GMT
Server
nginx/1.6.2
ETag
"49c30ee2-12d6"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
4822
Expires
Tue, 08 Feb 2022 12:45:28 GMT
htheadbkg.png
heaventools.com/img/css/
278 B
610 B
Image
General
Full URL
http://heaventools.com/img/css/htheadbkg.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
445a0d2e902086af5a2d2b23d52f6ebb7c330b5363a499547a7068b0f942d9d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:49 GMT
Server
nginx/1.6.2
ETag
"49c30f15-116"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
278
Expires
Tue, 08 Feb 2022 12:45:28 GMT
hthead.png
heaventools.com/img/css/
22 KB
22 KB
Image
General
Full URL
http://heaventools.com/img/css/hthead.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
e9b0d90921f78a9c4731cd6aa8456055a933f6b58f6cbd2db946c21dc40a41ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:47 GMT
Server
nginx/1.6.2
ETag
"49c30f13-56ed"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
22253
Expires
Tue, 08 Feb 2022 12:45:28 GMT
surmrx.png
heaventools.com/img/css/
20 KB
20 KB
Image
General
Full URL
http://heaventools.com/img/css/surmrx.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
9562fab36c332a1f4903e3f0dd6c4703cb123f5a3b87e84ae90f83b5e1f483d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:36:09 GMT
Server
nginx/1.6.2
ETag
"49c30f29-4f72"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20338
Expires
Tue, 08 Feb 2022 12:45:28 GMT
menubkg.gif
heaventools.com/img/css/
2 KB
2 KB
Image
General
Full URL
http://heaventools.com/img/css/menubkg.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
85581ca41859c8fe899c8797a4d52f82613f875c698dee14b739adbee98c5704

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:00 GMT
Server
nginx/1.6.2
ETag
"49c30ee4-654"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1620
Expires
Tue, 08 Feb 2022 12:45:28 GMT
menusepr.gif
heaventools.com/img/css/
280 B
612 B
Image
General
Full URL
http://heaventools.com/img/css/menusepr.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
a18a6bf9e55964c35716f28591bb0e2980bd189736c879f5eee164e0462a66ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:06 GMT
Server
nginx/1.6.2
ETag
"49c30eea-118"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
280
Expires
Tue, 08 Feb 2022 12:45:28 GMT
menubkg_sel.gif
heaventools.com/img/css/
491 B
823 B
Image
General
Full URL
http://heaventools.com/img/css/menubkg_sel.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
291ae89e0d30285d20dd25bbb7ea981517a39de221eeebf710588331441feaa4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:02 GMT
Server
nginx/1.6.2
ETag
"49c30ee6-1eb"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
491
Expires
Tue, 08 Feb 2022 12:45:28 GMT
bkg_pex.png
heaventools.com/img/css/
21 KB
21 KB
Image
General
Full URL
http://heaventools.com/img/css/bkg_pex.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
ac8cb7a6318383ce49271c7cb3ce7933770621e8dd3aeb54d0202a375548e724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:14 GMT
Server
nginx/1.6.2
ETag
"49c30ef2-5232"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
21042
Expires
Tue, 08 Feb 2022 12:45:28 GMT
bkg_rt.png
heaventools.com/img/css/
18 KB
18 KB
Image
General
Full URL
http://heaventools.com/img/css/bkg_rt.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
0ec70ba5c668836cc0aa5a90a2fd7d2f164f490aae91baced2b47ad1b2a9b965

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:16 GMT
Server
nginx/1.6.2
ETag
"49c30ef4-485a"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
18522
Expires
Tue, 08 Feb 2022 12:45:28 GMT
bkg_rtc.png
heaventools.com/img/css/
17 KB
17 KB
Image
General
Full URL
http://heaventools.com/img/css/bkg_rtc.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
c9ddbbfd670d55992fcfc3d4339c237593c075a3d27fe4b1d191b82fdb79b4d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:19 GMT
Server
nginx/1.6.2
ETag
"49c30ef7-43cf"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17359
Expires
Tue, 08 Feb 2022 12:45:28 GMT
bkg_flex.png
heaventools.com/img/css/
13 KB
14 KB
Image
General
Full URL
http://heaventools.com/img/css/bkg_flex.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
5cc2a38caee1b94a6421667d1498960e9d746fb9becaf736abe2a42deee04056

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:11 GMT
Server
nginx/1.6.2
ETag
"49c30eef-3503"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
13571
Expires
Tue, 08 Feb 2022 12:45:28 GMT
solone.png
heaventools.com/img/css/
25 KB
26 KB
Image
General
Full URL
http://heaventools.com/img/css/solone.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
c7e48b910e57a158cbce6e61e3f2047a4662d64a473ce2265b1ed21082078ba9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:36:05 GMT
Server
nginx/1.6.2
ETag
"49c30f25-6575"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25973
Expires
Tue, 08 Feb 2022 12:45:28 GMT
bkg_cell.png
heaventools.com/img/css/
330 B
662 B
Image
General
Full URL
http://heaventools.com/img/css/bkg_cell.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
0050b94eeb16555d3baae0013d829e1d71602ec8b6582bd83b12dc3b31ae1dc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:35:09 GMT
Server
nginx/1.6.2
ETag
"49c30eed-14a"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
330
Expires
Tue, 08 Feb 2022 12:45:28 GMT
ci.gif
heaventools.com/logo/
2 KB
2 KB
Image
General
Full URL
http://heaventools.com/logo/ci.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
916e43acce8964a9d22de216a65130281c9d1d22e30f41b0e160ef856d15475a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Wed, 21 Feb 2007 03:56:02 GMT
Server
nginx/1.6.2
ETag
"45dbc2d2-649"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1609
Expires
Tue, 08 Feb 2022 12:45:28 GMT
20y.png
heaventools.com/img/
14 KB
14 KB
Image
General
Full URL
http://heaventools.com/img/20y.png
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom_i.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
1f6a8e02d47bc565dbf35c0d4a53d97dd113f5f28a3012ae79493fdc5f3ff5ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom_i.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Tue, 22 Jun 2021 13:31:24 GMT
Server
nginx/1.6.2
ETag
"60d1e62c-380c"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
14348
Expires
Tue, 08 Feb 2022 12:45:28 GMT
footerbg.gif
heaventools.com/img/css/
263 B
595 B
Image
General
Full URL
http://heaventools.com/img/css/footerbg.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
56f977eb7a215d5e6a074d1df01c16bf6d818136182f3c7ac3ba7444864b6a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:34:56 GMT
Server
nginx/1.6.2
ETag
"49c30ee0-107"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
263
Expires
Tue, 08 Feb 2022 12:45:28 GMT
basement.gif
heaventools.com/img/css/
1 KB
2 KB
Image
General
Full URL
http://heaventools.com/img/css/basement.gif
Requested by
Host: heaventools.com
URL: http://heaventools.com/htcom.css
Protocol
HTTP/1.1
Server
208.76.175.57 , United States, ASN14585 (CIFNET, US),
Reverse DNS
heaventools.com
Software
nginx/1.6.2 /
Resource Hash
0f2ca53c101b8429fd4b04e898deddc0c23413e929d307e0ceede2d95a0ecb56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/htcom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 03 Feb 2022 12:45:28 GMT
Last-Modified
Fri, 20 Mar 2009 03:34:53 GMT
Server
nginx/1.6.2
ETag
"49c30edd-521"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1313
Expires
Tue, 08 Feb 2022 12:45:28 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/
287 KB
103 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1362608992090644&plah=heaventools.com&bust=31064544
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72f6a0b72ea77ca0050e4a58202e851e386845dbcdb521e0718ed7a75ff81d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 12:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105699
x-xss-protection
0
server
cafe
etag
15330951444674901986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 12:45:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/ Frame F3C4
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Wed, 02 Feb 2022 16:33:14 GMT
expires
Wed, 16 Feb 2022 16:33:14 GMT
cache-control
public, max-age=1209600
age
72734
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
219 B
648 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=heaventools.com&callback=_gfp_s_&client=ca-pub-1362608992090644
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1362608992090644&plah=heaventools.com&bust=31064544
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9f1186468c2dcab535264c18e9fbb22406f67992feb6373135dcde0073841431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 12:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=heaventools.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1362608992090644&plah=heaventools.com&bust=31064544
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Feb 2022 12:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=heaventools.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1362608992090644&plah=heaventools.com&bust=31064544
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Feb 2022 12:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 32D4
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362608992090644&output=html&adk=1812271804&adf=3025194257&lmt=1643892328&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fheaventools.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1643892328488&bpp=4&bdt=507&idt=83&shv=r20220201&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=727364056597&frm=20&pv=2&ga_vid=1321056405.1643892329&ga_sid=1643892329&ga_hid=1905908851&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C31064036%2C31064544%2C44756555%2C31063246&oid=2&pvsid=1006567125323240&pem=782&tmod=1200498056&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=105
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1362608992090644&plah=heaventools.com&bust=31064544
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Feb 2022 12:45:28 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Feb 2022 12:45:28 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1362608992090644&plah=heaventools.com&bust=31064544
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39660a68e37ddcd20210b7f02621f18253901fab0ca497998a3c8580bbaea3a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Feb 2022 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9914
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1362608992090644&plah=heaventools.com&bust=31064544
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Feb 2022 12:45:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D53
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 03 Feb 2022 11:15:25 GMT
expires
Fri, 03 Feb 2023 11:15:25 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
5404
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C685
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
245638250758d7c1686248d0e9f3f77b2af7a68760cd6afce1112f11cfffab50
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7KD20CWdGEj1sV8o4OLO5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 03 Feb 2022 12:45:29 GMT
date
Thu, 03 Feb 2022 12:45:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7KD20CWdGEj1sV8o4OLO5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js
pagead2.googlesyndication.com/bg/ Frame 3D53
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 12:41:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13749
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 12:41:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C685
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220201&jk=1006567125323240&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 3D53
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?5rSZfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 12:45:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220201&jk=1006567125323240&bg=!pKelp-PNAAYZkRhwGZE7ACkAdvg8Wk2awBdqBGpLoeiy-zLKWI7JyURTkEziihpdL0__28kTYE0H9wIAAABcUgAAAAJoAQeZArdYUVTaakFLeANh5qRHdepJGKy_vGqI4KXQzp3HWvvZ1VxD4VMT0dubHDE8Re_ueoXHP79fZEZhP64Z6jt_8C4AZNQxocbKrb6XTMFSP49nmQ6sv5L8Er1FEK0XhJCPChTN7LTYk2GISxZoEYStlbrDeoTdljihP6uaEUPzMJwT3p1NoIbDl8n6xBtIaodQcrod8z7jxxTRerIHefZWrbpqu_CvVFn5zIAAR_r0ag4D954vmYKXTP7PxghG0Ose7V5qfMk9E96rdSBDRkjZKqB7iPVaHg_oCFteF7NlPHoVA_Qq80aVArb_TIOcfb80jfj5JQneYUCh3vwIguyKAospnRakvv16BGrmlDAnJ4PreL6Vsc4ezO4iya-lX5dQOX0B0nc8o5dyACJDzksHYQ5GE3BVpNBZe6DPynBFtgmoIlRh8kIJ622bDt76o7JZQR2-skYHCPhwFPXPrxxGdni9rQKBHHbp0IiWs4b4tENSC_whfhCSuDht10H2dnOORSQPjQF7wAmVzL0wUFwv3QTxuwuZxYyU3G1xR-KGa6_NqP2t6_0DOEYDa4tc_NEGR9L7EqJeRevhGmjJr9GDZcgzHA9LwGzUCLQyDMTOWPnkzMWZdurcb6y628hnAEG3iA36Yxgxn9iXYao8SYANbAAxik8XHi8hwLo4bQ72skb1W_lxzokLz0dWA4COWXriIGHQ8FD4_Qq_OeKQstw_faYwCns9cQnEoCejMuM0765rFGUtP7hoyYJZsrKZHKZALE5AsZNu-fgPZf6MJaNc3YaacWtDT6zIQO8mIrXaXoum-qN4w5WWVc8IlgGLH7OnOq1VA6yPOE3UvB3_UDnnvpn5-KDUgRD2WaBVTuQASxnrSLphnp_tHUO_QWpHRLIeEO_lyIb9El8uGhNfQcCffarQO05p6rUdmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://heaventools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Feb 2022 12:45:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| cookieconsent
boolean| loaded
object| googletag
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
boolean| google_measure_js_timing
object| google_reactive_ads_global_state
object| adsbygoogle
boolean| _gfp_a_
object| google_sa_queue
function| google_process_slots
object| google_persistent_state_async
function| google_spfd
number| google_unique_id
object| google_sv_map
function| google_sa_impl
object| googleToken
object| googleIMState
boolean| _gfp_p_
function| processGoogleToken
number| google_global_correlator
object| google_prev_clients
object| gaGlobal
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| GoogleGcLKhOms
object| google_image_requests

5 Cookies

Domain/Path Name / Value
heaventools.com/ Name: PHPSESSID
Value: hcsogkeambub65js0i54iih111
heaventools.com/ Name: HT_COM_GUEST_ID
Value: 2235806
heaventools.com/ Name: HT_COM_LAST_VISIT
Value: 03.02.2022+06%3A45%3A27
.heaventools.com/ Name: __gads
Value: ID=bd01a96baf10912f-22b6fa7233cd00bf:T=1643892328:RT=1643892328:S=ALNI_MY5srx9P51P7cFpJOkLn-9KxhvX0Q
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
