descargar.heaven32.com Open in urlscan Pro
216.246.113.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://descargar.heaven32.com/
Effective URL:
https://descargar.heaven32.com/
Submission Tags: falconsandbox
Submission: On January 26 via api (January 26th 2022, 9:50:38 pm UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 216.246.113.147, located in United States and belongs to SERVERCENTRAL, US. The main domain is descargar.heaven32.com.
TLS certificate: Issued by R3 on December 2nd 2021. Valid for: 3 months.

This is the only time descargar.heaven32.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	216.246.113.147 216.246.113.147	23352 (SERVERCEN...) (SERVERCENTRAL)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400f:801::200e	15169 (GOOGLE) (GOOGLE)
4	104.109.75.95 104.109.75.95	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:4700:10:... 2606:4700:10::6814:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
21	8

4 216.246.113.147 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)

descargar.heaven32.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:801::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.75.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-75-95.deploy.static.akamaitechnologies.com

img.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6814:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

static.filehorse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	126 KB
4	filehorse.com static.filehorse.com — Cisco Umbrella Rank: 453858	95 KB
4	utdstc.com img.utdstc.com — Cisco Umbrella Rank: 91242	10 KB
4	heaven32.com 1 redirects descargar.heaven32.com	97 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	396 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	945 B
1	gstatic.com encrypted-tbn0.gstatic.com	7 KB
21	7

	Domain	Requested by
7	cdn.ampproject.org	descargar.heaven32.com cdn.ampproject.org
4	static.filehorse.com	descargar.heaven32.com
4	img.utdstc.com	descargar.heaven32.com
4	descargar.heaven32.com	1 redirects descargar.heaven32.com
1	www.google-analytics.com
1	www.googletagmanager.com	cdn.ampproject.org
1	encrypted-tbn0.gstatic.com	descargar.heaven32.com
21	7

This site contains no links.

Subject Issuer	Validity	Valid
download.heaven32.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
uptodown.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://descargar.heaven32.com/
Frame ID: 91FABCE42F4FB86919A065E9082345E9
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Descargar Programas Gratis - Descargar Gratis

Page URL History Show full URLs

http://descargar.heaven32.com/ HTTP 301
https://descargar.heaven32.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

21
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

337 kB
Transfer

716 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://descargar.heaven32.com/ HTTP 301
https://descargar.heaven32.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
descargar.heaven32.com/
Redirect Chain

http://descargar.heaven32.com/
https://descargar.heaven32.com/

107 KB
16 KB

501ms
286ms

Document
text/html

216.246.113.147
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://descargar.heaven32.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.246.113.147 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: ce40b4127e92bc75256a47aebcae5d77522030880c0541f59330261a2da9e124

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 26 Jan 2022 21:50:33 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 26 Jan 2022 21:38:49 GMT
cache-control: public, max-age=0
expires: Wed, 26 Jan 2022 21:50:33 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent,Accept-Encoding
alt-svc: quic=":9443"; ma=2592000; v="43,46", h3-Q043=":9443"; ma=2592000, h3-Q046=":9443"; ma=2592000, h3-Q050=":9443"; ma=2592000, h3-25=":9443"; ma=2592000, h3-27=":9443"; ma=2592000
x-microcachable: 0
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

Redirect headers

Server: nginx
Date: Wed, 26 Jan 2022 21:50:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Location: https://descargar.heaven32.com/
Server-Timing
Vary: User-Agent,Accept-Encoding
X-Proxy-Cache: MISS
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 220 KB
61 KB 153ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8980c3020a3f9445f4c3edbe298065ff8c1d53257aca6c1ed2334650f1d703fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://descargar.heaven32.com/
Origin: https://descargar.heaven32.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62747
x-xss-protection: 0
server: sffe
date: Wed, 26 Jan 2022 21:50:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "59de8e520fbb2eae"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Jan 2022 21:50:34 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/v0/ 96 KB
29 KB 175ms
83ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.mjs

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b453cf7e9127517403f871ce507f516b5a926d7ad4478840292d358752732dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://descargar.heaven32.com/
Origin: https://descargar.heaven32.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29593
x-xss-protection: 0
server: sffe
date: Wed, 26 Jan 2022 21:50:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "2bc04200de85b987"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Jan 2022 21:50:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/v0/ 42 KB
13 KB 139ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.mjs

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4194e81ed5f65462e9b8da18457ddef5f07c06e58f511434a5b12c013d44ec40

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://descargar.heaven32.com/
Origin: https://descargar.heaven32.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13626
x-xss-protection: 0
server: sffe
date: Wed, 26 Jan 2022 21:50:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "f5a02c790879b4fd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Jan 2022 21:50:34 GMT

GET
H2 200 amp-mustache-0.2.mjs Show response
cdn.ampproject.org/v0/ 39 KB
15 KB 125ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.mjs

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b693ae44eac77746eacb7665b0c49867a59202aa251012bebff783d286496ed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://descargar.heaven32.com/
Origin: https://descargar.heaven32.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13811
x-xss-protection: 0
server: sffe
date: Wed, 26 Jan 2022 21:50:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "2e2262760ac0edc8"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Jan 2022 21:50:34 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 7 KB
7 KB 202ms
50ms Image
image/jpeg 2a00:1450:400f:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS65NOaJXcaJBEVLINNt5ndzlT9Hu4NGg4OvVbCQ9LxEij1QFMY5eVzc5JCtgV0KYR1r8c&usqp=CAU

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df90a661258ad82452b512cfe46375957198cff54581d47de0af22c78121e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 21:50:34 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6993
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 07:02:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 26 Jan 2023 21:50:34 GMT

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 512e3034bb639d98c2c2c0b233b753e5f7e1d3d51f34836581afbb2c8be0747b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98be002a6c1179774246848e020a5cec127917bab6b77bfc11663844dc5cf6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2241b1e6ead7d8ec8ab5c54e45264b2ba85738473e060636cbb6135313e1518a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04ddb6783556052d4e4e04dbd6e4969b701cb06f1851b1d95c6c70fee7af902d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff2
descargar.heaven32.com/wp-content/themes/vendd/inc/fonts/font-awesome/fonts/ 75 KB
76 KB 129ms
129ms Font
font/woff2 216.246.113.147
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://descargar.heaven32.com/wp-content/themes/vendd/inc/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.246.113.147 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://descargar.heaven32.com/
Origin: https://descargar.heaven32.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 21:50:33 GMT
last-modified: Tue, 29 Dec 2020 19:22:43 GMT
server: nginx
x-microcachable: 0
vary: User-Agent,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: public, max-age=10368000
accept-ranges: bytes
content-type: font/woff2
alt-svc: quic=":9443"; ma=2592000; v="43,46", h3-Q043=":9443"; ma=2592000, h3-Q046=":9443"; ma=2592000, h3-Q050=":9443"; ma=2592000, h3-25=":9443"; ma=2592000, h3-27=":9443"; ma=2592000
content-length: 77160
expires: Thu, 26 May 2022 21:50:33 GMT

GET
H2 200 logo-heaven32.png
descargar.heaven32.com/wp-content/uploads/2020/12/ 4 KB
4 KB 124ms
123ms Image
image/png 216.246.113.147
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://descargar.heaven32.com/wp-content/uploads/2020/12/logo-heaven32.png
Requested by: Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.246.113.147 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 40ea3ea25414ccd5b490ee91e62816357f7e63e564fd51e50b0fa9234b3dcf1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 21:50:33 GMT
last-modified: Tue, 29 Dec 2020 19:29:21 GMT
server: nginx
x-microcachable: 0
vary: User-Agent,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: public, max-age=10368000,public
accept-ranges: bytes
content-type: image/png
alt-svc: quic=":9443"; ma=2592000; v="43,46", h3-Q043=":9443"; ma=2592000, h3-Q046=":9443"; ma=2592000, h3-Q050=":9443"; ma=2592000, h3-25=":9443"; ma=2592000, h3-27=":9443"; ma=2592000
content-length: 3817
expires: Thu, 26 May 2022 21:50:33 GMT

GET
H2 200 4abbe31c0ef62fab474a8dcf20e37fe24560dd9f30893f6fa72fa76a276a95b6:100
img.utdstc.com/icon/4ab/be3/ 2 KB
2 KB 115ms
58ms Image
image/webp 104.109.75.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/4ab/be3/4abbe31c0ef62fab474a8dcf20e37fe24560dd9f30893f6fa72fa76a276a95b6:100

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.75.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-75-95.deploy.static.akamaitechnologies.com

Software

nginx/1.14.2 /

Resource Hash

73f3b62e7e1db8c9365f04571810173aea2e4cd0a871658ade67b5874599d72b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 11:40:47 GMT
server: nginx/1.14.2
etag: "61af483f-7c6"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, max-age=3861
date: Wed, 26 Jan 2022 21:50:34 GMT
content-security-policy: default-src 'self'
accept-ranges: bytes
vary: Accept
content-length: 1990
x-xss-protection: 1; mode=block
expires: Wed, 26 Jan 2022 22:54:55 GMT

GET
H2 200 light-image-resizer-screenshot-01.png
static.filehorse.com/screenshots/imaging-and-digital-photo/ 28 KB
28 KB 223ms
150ms Image
image/png 2606:4700:10::6814:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.filehorse.com/screenshots/imaging-and-digital-photo/light-image-resizer-screenshot-01.png
Requested by: Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bb808c9c07d97111382282a53745eb837708f6823f9666fd2583ffeb10ec21b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 21:50:34 GMT
cf-cache-status: MISS
last-modified: Mon, 24 Apr 2017 20:56:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 6d3cf5297ced59a7-MXP
content-length: 28397

GET
H2 200 ac671f23af02a46f7fdbd0b28b23386f3b747ba8c414a97acc86e9669ad8cff5:100
img.utdstc.com/icon/ac6/71f/ 1 KB
2 KB 504ms
448ms Image
image/webp 104.109.75.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/ac6/71f/ac671f23af02a46f7fdbd0b28b23386f3b747ba8c414a97acc86e9669ad8cff5:100

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.75.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-75-95.deploy.static.akamaitechnologies.com

Software

nginx/1.14.2 /

Resource Hash

55270ac8ed1f2a427058434419fdeef3f0738c1552fc29b9037017499094891d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 18:06:43 GMT
server: nginx/1.14.2
etag: "61632bb3-5d4"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, max-age=21600
date: Wed, 26 Jan 2022 21:50:34 GMT
content-security-policy: default-src 'self'
accept-ranges: bytes
vary: Accept
content-length: 1492
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 03:50:34 GMT

GET
H2 200 amazon-chime-screenshot-01.png
static.filehorse.com/screenshots/messaging-and-chat/ 32 KB
33 KB 191ms
118ms Image
image/png 2606:4700:10::6814:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.filehorse.com/screenshots/messaging-and-chat/amazon-chime-screenshot-01.png
Requested by: Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65d93c59519b989c7be0b754b7553ac85e8c3562151208fc64c4b5c893e09ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 21:50:34 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2017 17:23:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 6d3cf5297cf259a7-MXP
content-length: 33242

GET
H2 200 mpv-player-icon-top.png
static.filehorse.com/icons-mac/video-software/ 3 KB
4 KB 179ms
107ms Image
image/png 2606:4700:10::6814:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.filehorse.com/icons-mac/video-software/mpv-player-icon-top.png
Requested by: Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 651849126a1fe779c8eaa154f8c57eaeb8aff98e004319187395599aaa3aa227

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 21:50:34 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Feb 2020 00:44:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 6d3cf5297cf059a7-MXP
content-length: 3520

GET
H2 200 2e588658aa01b5aa321edd4b33131823bbd2b56ac6327aeba4c40f71311da740:100
img.utdstc.com/icon/2e5/886/ 3 KB
4 KB 478ms
422ms Image
image/webp 104.109.75.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/2e5/886/2e588658aa01b5aa321edd4b33131823bbd2b56ac6327aeba4c40f71311da740:100

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.75.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-75-95.deploy.static.akamaitechnologies.com

Software

nginx/1.14.2 /

Resource Hash

76055ce9a14c9043a1162da61a6a6e3e29bdbc830186510f11c57640bdb573d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 11:52:26 GMT
server: nginx/1.14.2
etag: "6162d3fa-d72"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, max-age=21578
date: Wed, 26 Jan 2022 21:50:34 GMT
content-security-policy: default-src 'self'
accept-ranges: bytes
vary: Accept
content-length: 3442
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 03:50:12 GMT

GET
H2 200 siw-screenshot-01.png
static.filehorse.com/screenshots/benchmarking/ 31 KB
31 KB 245ms
173ms Image
image/png 2606:4700:10::6814:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.filehorse.com/screenshots/benchmarking/siw-screenshot-01.png
Requested by: Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32b5e642bb4e1ef587133e3afb8a70f6844551a5c22cfa6e681fcabc817d322e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 21:50:34 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Feb 2017 14:51:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 6d3cf5297cf359a7-MXP
content-length: 31352

GET
H2 200 17fe66f8fb8849248bd6dcf727c7447c03bda88285b31e19f4cafecec49afc9d:100
img.utdstc.com/icon/17f/e66/ 2 KB
3 KB 142ms
85ms Image
image/webp 104.109.75.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/17f/e66/17fe66f8fb8849248bd6dcf727c7447c03bda88285b31e19f4cafecec49afc9d:100

Requested by

Host: descargar.heaven32.com
URL: https://descargar.heaven32.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.75.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-75-95.deploy.static.akamaitechnologies.com

Software

nginx/1.14.2 /

Resource Hash

a5d07a3defbee9e47eca422a9f75227aba4f98d28ae220b75a205994d794f290

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 11:07:38 GMT
server: nginx/1.14.2
etag: "61af407a-8b8"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, max-age=21575
date: Wed, 26 Jan 2022 21:50:34 GMT
content-security-policy: default-src 'self'
accept-ranges: bytes
vary: Accept
content-length: 2232
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 03:50:09 GMT

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909003/v0/ 8 KB
3 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909003/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

529e1021816500af5652d6b4fb719d9e65c1ed90a162be3c969830f52a526c11

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://descargar.heaven32.com/
Origin: https://descargar.heaven32.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3123
x-xss-protection: 0
server: sffe
date: Wed, 26 Jan 2022 21:01:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "32d29248528a78f3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Jan 2023 21:01:11 GMT

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909003/v0/ 12 KB
4 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909003/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2de51079fc70096a9eb108996d57d2dc102e1147454fd8d985591f79eb966333

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://descargar.heaven32.com/
Origin: https://descargar.heaven32.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4000
x-xss-protection: 0
server: sffe
date: Wed, 26 Jan 2022 21:01:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aa9aac134107fe5a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Jan 2023 21:01:11 GMT

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012201141909003/v0/analytics-vendors/ 2 KB
931 B 24ms
24ms Fetch
application/json 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909003/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://descargar.heaven32.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 901
x-xss-protection: 0
server: sffe
date: Wed, 26 Jan 2022 21:01:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa72672e50def154"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Jan 2023 21:01:20 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 874 B
945 B 339ms
17ms Fetch
application/json 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fdescargar.heaven32.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69230f73714c14eccf1a2c6b51406c75f8eb362ca8fe9b227ada36bee2f55c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://descargar.heaven32.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Wed, 26 Jan 2022 21:50:35 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 381
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://descargar.heaven32.com
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://descargar.heaven32.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
396 B 41ms
14ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Descargar%20Programas%20Gratis%20-%20Descargar%20Gratis&sr=1600x1200&cid=amp-7FGygYrjsBlfIztltCKRSA&tid=UA-145434812-9&dl=https%3A%2F%2Fdescargar.heaven32.com%2F&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.2165637973172545&gjid=0.6075758532526421&_r=1&a=2128&z=0.5328039101426529&gtm=2pu000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://descargar.heaven32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 21:50:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			descargar.heaven32.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cd78fc2d31a3cbaae72e00d875c3e84b
			.heaven32.com/	1970-01-20 09:12:49	Name: _ga Value: amp-7FGygYrjsBlfIztltCKRSA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
descargar.heaven32.com
encrypted-tbn0.gstatic.com
img.utdstc.com
static.filehorse.com
www.google-analytics.com
www.googletagmanager.com
104.109.75.95
216.246.113.147
2606:4700:10::6814:7674
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:400f:801::200e
04ddb6783556052d4e4e04dbd6e4969b701cb06f1851b1d95c6c70fee7af902d
1b453cf7e9127517403f871ce507f516b5a926d7ad4478840292d358752732dd
2241b1e6ead7d8ec8ab5c54e45264b2ba85738473e060636cbb6135313e1518a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de51079fc70096a9eb108996d57d2dc102e1147454fd8d985591f79eb966333
32b5e642bb4e1ef587133e3afb8a70f6844551a5c22cfa6e681fcabc817d322e
40ea3ea25414ccd5b490ee91e62816357f7e63e564fd51e50b0fa9234b3dcf1c
4194e81ed5f65462e9b8da18457ddef5f07c06e58f511434a5b12c013d44ec40
512e3034bb639d98c2c2c0b233b753e5f7e1d3d51f34836581afbb2c8be0747b
529e1021816500af5652d6b4fb719d9e65c1ed90a162be3c969830f52a526c11
55270ac8ed1f2a427058434419fdeef3f0738c1552fc29b9037017499094891d
651849126a1fe779c8eaa154f8c57eaeb8aff98e004319187395599aaa3aa227
69230f73714c14eccf1a2c6b51406c75f8eb362ca8fe9b227ada36bee2f55c91
6bb808c9c07d97111382282a53745eb837708f6823f9666fd2583ffeb10ec21b
6df90a661258ad82452b512cfe46375957198cff54581d47de0af22c78121e63
73f3b62e7e1db8c9365f04571810173aea2e4cd0a871658ade67b5874599d72b
76055ce9a14c9043a1162da61a6a6e3e29bdbc830186510f11c57640bdb573d0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8980c3020a3f9445f4c3edbe298065ff8c1d53257aca6c1ed2334650f1d703fb
8b693ae44eac77746eacb7665b0c49867a59202aa251012bebff783d286496ed
a5d07a3defbee9e47eca422a9f75227aba4f98d28ae220b75a205994d794f290
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a98be002a6c1179774246848e020a5cec127917bab6b77bfc11663844dc5cf6c
ce40b4127e92bc75256a47aebcae5d77522030880c0541f59330261a2da9e124
f65d93c59519b989c7be0b754b7553ac85e8c3562151208fc64c4b5c893e09ca

descargar.heaven32.com Open in urlscan Pro 216.246.113.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

8 IPs

3 Countries

337 kBTransfer

716 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

Indicators

descargar.heaven32.com Open in urlscan Pro
216.246.113.147 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

337 kB
Transfer

716 kB
Size

2
Cookies

21 HTTP transactions
4 data transactions