urlscan.io logo urlscan.io
SecurityTrails logo

steam-heven.com Open in urlscan Pro
31.43.191.130  Public Scan

Go To Rescan Add Verdict Report
URL: https://steam-heven.com/
Submission: On March 25 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 13 domains to perform 60 HTTP transactions. The main IP is 31.43.191.130, located in South Africa and belongs to TK-NET, SC. The main domain is steam-heven.com.
TLS certificate: Issued by R3 on February 12th 2024. Valid for: 3 months.
This is the only time steam-heven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    31.43.191.130 (South Africa)

ASN210848 (TK-NET, SC)
steam-heven.com
games-database.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:235a:3000:b:b271:7c80:21 (United States)

ASN16509 (AMAZON-02, US)
d26adrx9c3n0mq.cloudfront.net
7    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
3    104.21.48.128 (None, )

ASN13335 (CLOUDFLARENET, US)
weredthechild.info
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.160.150.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-46.fra60.r.cloudfront.net
dmetherearlyinhes.info
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
27 games-database.com
games-database.com
331 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
228 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 62
3 KB
4 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 23200
202 KB
3 weredthechild.info
weredthechild.info
1 KB
3 cloudfront.net
d26adrx9c3n0mq.cloudfront.net
102 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 dmetherearlyinhes.info
dmetherearlyinhes.info
3 KB
2 gstatic.com
fonts.gstatic.com
67 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
67 KB
1 steam-heven.com
steam-heven.com
3 KB
60 13
Domain Requested by
27 games-database.com steam-heven.com
games-database.com
7 pagead2.googlesyndication.com steam-heven.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 accounts.google.com 4 redirects steam-heven.com
4 pogothere.xyz d26adrx9c3n0mq.cloudfront.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 weredthechild.info steam-heven.com
3 d26adrx9c3n0mq.cloudfront.net steam-heven.com
dmetherearlyinhes.info
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dmetherearlyinhes.info d26adrx9c3n0mq.cloudfront.net
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com steam-heven.com
1 www.facebook.com steam-heven.com
1 www.googletagmanager.com steam-heven.com
1 steam-heven.com
60 14

This site contains links to these domains. Also see Links.

Domain
games-database.com
Subject Issuer Validity Valid
games-database.com
R3		 2024-02-12 -
2024-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
pogothere.xyz
GTS CA 1P5		 2024-01-27 -
2024-04-26		 3 months crt.sh
weredthechild.info
GTS CA 1P5		 2024-03-09 -
2024-06-07		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
dmetherearlyinhes.info
Amazon RSA 2048 M03		 2024-03-13 -
2025-04-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://steam-heven.com/
Frame ID: 83408EC79A98C1D14DEC273660FD972C
Requests: 51 HTTP requests in this frame

Frame: https://dmetherearlyinhes.info/S0JpUUUqIAo8eip/C3cwOS5UdHcNZ1sXIXl0CDU3M3sKYit7Lxh/JictHDUjOS0HJWslJx10dw0zJgUDfhRbPSQTKgopEyBzMBkSOxMqABcBGFg6IxoTGigBPBAqFRECCz8TMhkPAWgmE3MKYQcnEzEUPBoFP2EDDg8qKQouAAEkFRx7KxcROxMwEyYFDjhhAAoEUWYGDSY+Aw0ODz9gDw4YAmgcHRAdIB0Zey8SESwBKxcUCgs4JSYaOh5oDQ12MRUBERc/F3EPEg4HEx4EET0JPDUPAh0BICoDLgQSDjUhEyVdOhEKMSsXPAUPKiYDAhhZMg8NB0Q+Ex8DGhMBIXYhFTIdITMSNigDWTozEzVZCB0MFDMGAA4IJiY9BBQrIn0KB1kEFjMEChIiERozF30oA1k9YHkEKD0DDQQtJQgIcSMyHx0uPwYHAjs9EDYJCgMYDh4uXAAmJzEjBC0OLis9Fx4aLgQzCAMnHSAdKTETdT8qPhMmChFbaAgINSwaCyx7MAA9CTs+Yn0OEQQTDQglDTcMJxMgdy84LQcheCwHHhgkchY/ISkmezA
Frame ID: A9DF1AD84FA00A12254C5350305FDC8C
Requests: 2 HTTP requests in this frame

Frame: https://dmetherearlyinhes.info/bnZIU1gPFCs+Zw9LKnUtHBp1dmooU3oVPFxAKTcqFk8rYDZeGzl9OwIZPTc+HBkmJ3YAEzx2aigdHwQSOhcPAm4qIngcDxdGBB1pOBIpBTwEIR5ifVwwDTodIDclAgokAXgVFitOfxcKJ04MG2giNTIBHSEkOx8WFjw9GT8vIg4AAVk8P2cPLzU8BRA9IHkbGlpPEGESITUMNBUgMB4QCC8BPwUOOFN6FRkUFQMED18zAis/Ijska2orJAFkGhczBhcxGTAsAWgoLAlrYCsReGIcBDwGBTBXLi4FMCwXeRlvJgF4YBoEAS4VaxYnESQBPxAOETI5IBpgDQBbEjESAA4ZCiBWOAZiCgAiHjA6PEQOChApTx82M18hKQIVBDEJNGAoIhEYHBQ3Hzc0AR8qFR4FJCQ3LjxEDgoMKj8DGS87Py4VGT8iHgkoKhwnFxk2DhkKL1Y0BzQzVicdFSo7HAkSHgQvGB0zXyEAYhYGISMjKDoxHjINAx4FCjQeFS4VGgQxPwZ9XDAJKh0sJx8gMzQaPAc8XzAkBzAoHR0kfgQFJz0oUzgsGS8bJQsELD01eRcf
Frame ID: 03E6B8E869EF8289E5FF5C861B6D4BE8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9624204658352581&output=html&adk=1812271804&adf=3025194257&lmt=1711333959&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fsteam-heven.com%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711333959079&bpp=2&bdt=321&idt=79&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7419247740724&frm=20&pv=2&ga_vid=1274981329.1711333959&ga_sid=1711333959&ga_hid=320570027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31082022%2C44795922%2C95326316%2C31082078%2C95320378%2C95322399%2C95326918&oid=2&pvsid=4409943239387806&tmod=966927818&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=90
Frame ID: 03AF6BA6AE6203D02EC29D8263036904
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9624204658352581&output=html&h=280&slotname=2733830507&adk=2267609003&adf=1899011384&pi=t.ma~as.2733830507&w=1110&fwrn=4&fwrnh=100&lmt=1711333959&rafmt=1&format=1110x280&url=https%3A%2F%2Fsteam-heven.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711333959081&bpp=1&bdt=324&idt=100&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7419247740724&frm=20&pv=1&ga_vid=1274981329.1711333959&ga_sid=1711333959&ga_hid=320570027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31082022%2C44795922%2C95326316%2C31082078%2C95320378%2C95322399%2C95326918&oid=2&pvsid=4409943239387806&tmod=966927818&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=103
Frame ID: EC1A92E2D2E76C0D310314ADB0A10734
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45835A5CF4636368ED3F335B5644E71C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Upload Files - Games Database - Free Games Library

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

95 %
HTTPS

69 %
IPv6

13
Domains

14
Subdomains

13
IPs

6
Countries

1029 kB
Transfer

2680 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKLdN6eToim6EO92YE3kEnsSeflNicXJIq302LK6Cjq9QgbOcGuaQbejNZ2LeF2Cta1YGjDH HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKL7nTOwpCDy_Mc-kpHbjCONaEIUrzPNOayY6ztPBKjWqbuNVxfI9U5U1240AVVRPp_kU53B&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1190503899%3A1711333959089383&theme=mn&ddm=0
Request Chain 38
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKI4IVgL7_g0dbOtmNGTqQNJT52l7lFFYDdmDeiLQWldqPER548fxmqj3k5AAncuhGu6QBF- HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKI9bJObMWqkgFMfZJkvjS1FryqOr9vCarq9hiDDgFhHHF50IoGwou4oPpJq8o0g-jHdrCk1&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S621626329%3A1711333959092664&theme=mn&ddm=0

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
steam-heven.com/ 		16 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
4ff08bea011633b67bb0320c3ab48a581e4d8056c95c415b00fc0c3e703d6fd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate no-cache
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 25 Mar 2024 02:32:38 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Litespeed
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bootstrap.min.css
games-database.com/themes/spirit/assets/frontend/css/ 		75 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-12c7a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
stack-interface.css
games-database.com/themes/spirit/assets/frontend/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/stack-interface.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-c58"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
socicon.css
games-database.com/themes/spirit/assets/frontend/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/socicon.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-266e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
lightbox.min.css
games-database.com/themes/spirit/assets/frontend/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-f31"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
flickity.css
games-database.com/themes/spirit/assets/frontend/css/ 		2 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/flickity.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-9d9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
iconsmind.css
games-database.com/themes/spirit/assets/frontend/css/ 		100 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/iconsmind.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-19147"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
jquery.steps.css
games-database.com/themes/spirit/assets/frontend/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-1783"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
theme.css
games-database.com/themes/spirit/assets/frontend/css/ 		202 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/theme.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-32678"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
red.css
games-database.com/themes/spirit/assets/frontend/css/theme/ 		202 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/theme/red.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
3c212fabe8e066c213ffd4e212ccc3e30f109c9ff859654ce929eae8d997d9e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-3269d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
font-awesome.min.css
games-database.com/themes/spirit/assets/frontend/css/ 		58 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-e6ef"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
custom.css
games-database.com/themes/spirit/assets/frontend/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/css/custom.css
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-22e8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
css
fonts.googleapis.com/ 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c593f4a688585b14c31e71fc64bfaa81d768984cdf182bca40ba8c524582685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 02:32:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 02:32:38 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 02:32:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 02:32:38 GMT
custom_css.css
games-database.com/cache/themes/spirit/ 		69 B
373 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://games-database.com/cache/themes/spirit/custom_css.css?r=8b33aaf6c4b9bcdeda4a7e2423475561
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
732db6d438882b58a811f2f25b06de57e56195456feab635f513791f82863fc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
last-modified
Fri, 06 May 2022 10:28:55 GMT
server
Litespeed
etag
"6274f867-45"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
content-length
69
expires
Wed, 24 Apr 2024 02:32:38 GMT
/
d26adrx9c3n0mq.cloudfront.net/ 		312 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d26adrx9c3n0mq.cloudfront.net/?xrdad=905000
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:3000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aa4237d04f91355a0bef506ab449c358ca681e803fd5b5717f7182ce55e58a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
gzip
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
102713
x-amz-cf-id
fqi7yTuIVGkiCQteSFN2Ln7jjSzDnU0za_TQR2oWFVQRxMwN4Bs4vQ==
logo_inverse.png
games-database.com/cache/themes/spirit/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://games-database.com/cache/themes/spirit/logo_inverse.png
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
034c3e43e8e1585facd24dfdd3be42f8aa19cc8f11487f52cafda7a5f8e8ce58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
"625eaff6-61d2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
content-length
25042
expires
Wed, 24 Apr 2024 02:32:38 GMT
logo.png
games-database.com/cache/themes/spirit/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://games-database.com/cache/themes/spirit/logo.png
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
17a6b3f9cc81f3e1f9d4220cf51c8a7cba031558ad91264c35b2d8aa68c3f795

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
"625eaff6-343a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
content-length
13370
expires
Wed, 24 Apr 2024 02:32:38 GMT
homepage-banner-1.png
games-database.com/themes/spirit/assets/frontend/img/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://games-database.com/themes/spirit/assets/frontend/img/homepage-banner-1.png
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
e14bd0ce479e16b029b0f0d9fdbc2c0708f7dd64779c9adfda766dd7fb8f42c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
"625eaff6-789d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
content-length
30877
expires
Wed, 24 Apr 2024 02:32:38 GMT
homepage-banner-3.png
games-database.com/themes/spirit/assets/frontend/img/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://games-database.com/themes/spirit/assets/frontend/img/homepage-banner-3.png
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
b7318b359db394611fa6aec7a541ca1d365491e5459393a17eb196f51e5e581e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
"625eaff6-c362"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
content-length
50018
expires
Wed, 24 Apr 2024 02:32:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9624204658352581
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24bcddda50eaf71d092be5521482ff8cf3c4ea04f7bf0fe325c220b9f36b230f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steam-heven.com/
Origin
https://steam-heven.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51079
x-xss-protection
0
server
cafe
etag
10483673654961150255
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 25 Mar 2024 02:32:39 GMT
jquery-3.1.1.min.js
games-database.com/themes/spirit/assets/frontend/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-152b9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
jquery.dataTables.min.js
games-database.com/themes/spirit/assets/frontend/js/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-1107a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
flickity.min.js
games-database.com/themes/spirit/assets/frontend/js/ 		53 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/flickity.min.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-d271"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
typed.min.js
games-database.com/themes/spirit/assets/frontend/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/typed.min.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-f6d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
datepicker.js
games-database.com/themes/spirit/assets/frontend/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/datepicker.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-51ef"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
granim.min.js
games-database.com/themes/spirit/assets/frontend/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/granim.min.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-298b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
jquery.steps.min.js
games-database.com/themes/spirit/assets/frontend/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-3626"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
countdown.min.js
games-database.com/themes/spirit/assets/frontend/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/countdown.min.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-14f0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
smooth-scroll.min.js
games-database.com/themes/spirit/assets/frontend/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-178c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
scripts.js
games-database.com/themes/spirit/assets/frontend/js/ 		112 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/js/scripts.js
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:38 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
W/"625eaff6-1c0ae"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Wed, 24 Apr 2024 02:32:38 GMT
js
www.googletagmanager.com/gtag/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-136825651-4
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e26b59d5626f071d45c221036216b5a74deacea2bf76d1b392a3c8357d25261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68693
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Mar 2024 02:32:39 GMT
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=905000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Mar 2024 02:32:39 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://steam-heven.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kH61EDbb4eZjVHfOa%2BjGyuwvAGcTEVh5Dak0LSo8tScDbpVol%2BB1qoDUlPA27HExz2h7ZYKckNK7aaNf0ExFAkr3Y7YEp3AhvKftS6PSo1CAnowDVoWh1ON2ZFBAs7J4"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
869b7ddbedf92c5e-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		26 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=905000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1daf388c5b8879de6a11f0edf3618ffc9334ed7239eb9d1d11981b34b1fcf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ioo14Cskh8qK8lIaqi7w8Em64DfjHW%2FiF00k92YKLqoBwPR8TdSH32y8KCd6ygbyQfo7VbdBYYdjP1bD0EjnjHWd9MrgpluDpFn2yjPLxxRqJ3whQJlAS03RFQcznoD9"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://steam-heven.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
869b7ddbedf62c5e-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=905000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
cf-cache-status
MISS
last-modified
Mon, 25 Mar 2024 02:32:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://steam-heven.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfCAUV6xFcey%2BiiwLnjck%2Fl5dBu44FwXOpL%2BFKgmcO1PEZ7%2BSdja692OW6GadC4AGO7UFCVb2fSBiOs4uTgYVsR4FzFVltWDyk8rPfgu8XlCPpM1NZFmo9vV6bQQI4rj"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
869b7ddbedf52c5e-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
pogothere.xyz/ 		27 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=905000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c785cd2538c38dcae7b864bfb1e2e32ffa488474d78d4f26aa86cb40eaccb4ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WlXTO8qYvoJGVY17ccfNejVZJkosxWYIQnyZ0XGqwGd8lUg8vYF7bEtLY%2BUTB0QOFsvPd5%2BgtOhlN%2BjL14n%2B%2FenzyovGEb452QUN2D%2FjQWOkjc%2BuanyI%2FF%2FODlC%2Bret"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://steam-heven.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
869b7ddbedf82c5e-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
dkhhYmJZdwIRXxIkKxI4HAYkOA40GSBSMBEfUAEpJw8VAzQ3K0cWCxJ1WFJXRnhRRBIfLFxTRAU8ABYXBXVQRAsYLg5fRAB1UExRQmZSVExCbhRfU1A8EQMFS3lHEhYCJFxTVUd5UlFRT31ZW1tE
weredthechild.info/ 		0
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weredthechild.info/dkhhYmJZdwIRXxIkKxI4HAYkOA40GSBSMBEfUAEpJw8VAzQ3K0cWCxJ1WFJXRnhRRBIfLFxTRAU8ABYXBXVQRAsYLg5fRAB1UExRQmZSVExCbhRfU1A8EQMFS3lHEhYCJFxTVUd5UlFRT31ZW1tE
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.48.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4EljFEKoSNOfPDgsS%2BeIAgJ9%2Bi2ZnWyaxqs8RNDqthu%2FbqX2BqIWl2XCVgKoAv4ycuzclzwX8%2F5aSYgpdQrHt%2FFUWhYXCy3UokjIVKzjbAxaZEy%2F3w1tva1fxDTH3cgaQ9ylCA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
869b7ddbfa8d4dbd-FRA
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKLdN6eToim6EO92YE3kEnsSeflNicXJIq302LK6Cjq9QgbOcGuaQbejNZ2...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKL7nTOwpCDy_Mc-kpHbjCONaEIUrzPNOayY6ztPBKjWqbuNVxfI9U5U1240AVVRPp_kU53B&passive=...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKL7nTOwpCDy_Mc-kpHbjCONaEIUrzPNOayY6ztPBKjWqbuNVxfI9U5U1240AVVRPp_kU53B&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1190503899%3A1711333959089383&theme=mn&ddm=0
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H3
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date
Mon, 25 Mar 2024 02:32:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--Y-TvBkAhOBMHDG8SHnumA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKL7nTOwpCDy_Mc-kpHbjCONaEIUrzPNOayY6ztPBKjWqbuNVxfI9U5U1240AVVRPp_kU53B&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1190503899%3A1711333959089383&theme=mn&ddm=0
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKI4IVgL7_g0dbOtmNGTqQNJT52l7lFFYDdmDeiLQWldqPER548fxmq...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKI9bJObMWqkgFMfZJkvjS1FryqOr9vCarq9hiDDgFhHHF50IoGwou4oPpJq8o0g-jHdrCk1&passive...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKI9bJObMWqkgFMfZJkvjS1FryqOr9vCarq9hiDDgFhHHF50IoGwou4oPpJq8o0g-jHdrCk1&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S621626329%3A1711333959092664&theme=mn&ddm=0
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H3
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date
Mon, 25 Mar 2024 02:32:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-TkYLNUVo7pXF59Z1v7Tasg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
424
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKI9bJObMWqkgFMfZJkvjS1FryqOr9vCarq9hiDDgFhHHF50IoGwou4oPpJq8o0g-jHdrCk1&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S621626329%3A1711333959092664&theme=mn&ddm=0
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
weredthechild.info/ 		35 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weredthechild.info/popunder.gif
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.48.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
public
date
Mon, 25 Mar 2024 02:32:39 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Mar 2024 16:01:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
37885
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmtCtAhx7y22i6Qangd3Ur4LPJjff0y%2B2e9tkdBOzIaRjzBG5pDXuXJlhorgO1SDjqIUThl5TUQ34p4Dh8VTeSfUwY5tkO8VDtVS%2FwfHpSOXbkCIwLmtwrYKcHU6mvcsbeYAB2w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
869b7ddbfa8a4dbd-FRA
alt-svc
h3=":443"; ma=86400
JmAfeRctHk08LyduUnhzc2JSbjYqN1Z5YDAnCjwzMG5abi8tNQR1YDVuWmZ1d31Yfmh3dR51d2UnGykhfmJNODI3P1Z5cXJiWHt1emZTcX90
weredthechild.info/Q1NrSEZsbAg7exdjXgoicwFZLR4nFAgQNnA3AAJ/ 		0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weredthechild.info/Q1NrSEZsbAg7exdjXgoicwFZLR4nFAgQNnA3AAJ/JmAfeRctHk08LyduUnhzc2JSbjYqN1Z5YDAnCjwzMG5abi8tNQR1YDVuWmZ1d31Yfmh3dR51d2UnGykhfmJNODI3P1Z5cXJiWHt1emZTcX90
Requested by
Host: steam-heven.com
URL: https://steam-heven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.48.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkbXlesp1RF7W2bjvrh6uZhoFWoUuiugnFerd3m559nfSq5I4KMKyyvgpBTE2KC6qLW1ARdhZVZhWG7gvCYnAEGXA7qs0IQ9YuE0IGfBGZqLAy9lHEvYhDYxVKRBY3s0HoQ%2FmCM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
869b7ddbfa8e4dbd-FRA
alt-svc
h3=":443"; ma=86400
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://steam-heven.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options
nosniff
age
524506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 00:50:53 GMT
stack-interface.woff2
games-database.com/themes/spirit/assets/frontend/fonts/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://games-database.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by
Host: games-database.com
URL: https://games-database.com/themes/spirit/assets/frontend/css/stack-interface.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.43.191.130 , South Africa, ASN210848 (TK-NET, SC),
Reverse DNS
Software
Litespeed /
Resource Hash
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

Referer
https://games-database.com/themes/spirit/assets/frontend/css/stack-interface.css
Origin
https://steam-heven.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
last-modified
Tue, 19 Apr 2022 12:49:58 GMT
server
Litespeed
etag
"625eaff6-10c4"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
4292
expires
Tue, 25 Mar 2025 02:32:39 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://steam-heven.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:46:31 GMT
x-content-type-options
nosniff
age
499568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19280
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:46:31 GMT
ISkmezA
dmetherearlyinhes.info/S0JpUUUqIAo8eip/C3cwOS5UdHcNZ1sXIXl0CDU3M3sKYit7Lxh/JictHDUjOS0HJWslJx10dw0zJgUDfhRbPSQTKgopEyBzMBkSOxMqABcBGFg6IxoTGigBPBAqFRECCz8TMhkPAWgmE3MKYQcnEzEUPBoFP2EDDg8qKQouAAEkFR... Frame A9DF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dmetherearlyinhes.info/S0JpUUUqIAo8eip/C3cwOS5UdHcNZ1sXIXl0CDU3M3sKYit7Lxh/JictHDUjOS0HJWslJx10dw0zJgUDfhRbPSQTKgopEyBzMBkSOxMqABcBGFg6IxoTGigBPBAqFRECCz8TMhkPAWgmE3MKYQcnEzEUPBoFP2EDDg8qKQouAAEkFRx7KxcROxMwEyYFDjhhAAoEUWYGDSY+Aw0ODz9gDw4YAmgcHRAdIB0Zey8SESwBKxcUCgs4JSYaOh5oDQ12MRUBERc/F3EPEg4HEx4EET0JPDUPAh0BICoDLgQSDjUhEyVdOhEKMSsXPAUPKiYDAhhZMg8NB0Q+Ex8DGhMBIXYhFTIdITMSNigDWTozEzVZCB0MFDMGAA4IJiY9BBQrIn0KB1kEFjMEChIiERozF30oA1k9YHkEKD0DDQQtJQgIcSMyHx0uPwYHAjs9EDYJCgMYDh4uXAAmJzEjBC0OLis9Fx4aLgQzCAMnHSAdKTETdT8qPhMmChFbaAgINSwaCyx7MAA9CTs+Yn0OEQQTDQglDTcMJxMgdy84LQcheCwHHhgkchY/ISkmezA
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=905000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-46.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
71560b4568f9b6d3a4d331052dfd8206f6e096092542cb64e6e56f34a2df8e66

Request headers

Referer
https://steam-heven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1262
content-type
text/html
date
Mon, 25 Mar 2024 02:32:39 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
x-amz-cf-id
v8jUbKa-empHl8n-zT2NeSwDb7pc8ysJB_0ECUx0tGIEIgFZYOwVbw==
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
Ijska2orJAFkGhczBhcxGTAsAWgoLAlrYCsReGIcBDwGBTBXLi4FMCwXeRlvJgF4YBoEAS4VaxYnESQBPxAOETI5IBpgDQBbEjESAA4ZCiBWOAZiCgAiHjA6PEQOChApTx82M18hKQIVBDEJNGAoIhEYHBQ3Hzc0AR8qFR4FJCQ3LjxEDgoMKj8DGS87Py4VGT8iH...
dmetherearlyinhes.info/bnZIU1gPFCs+Zw9LKnUtHBp1dmooU3oVPFxAKTcqFk8rYDZeGzl9OwIZPTc+HBkmJ3YAEzx2aigdHwQSOhcPAm4qIngcDxdGBB1pOBIpBTwEIR5ifVwwDTodIDclAgokAXgVFitOfxcKJ04MG2giNTIBHSEkOx8WFjw9GT8vIg4AAV... Frame 03E6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dmetherearlyinhes.info/bnZIU1gPFCs+Zw9LKnUtHBp1dmooU3oVPFxAKTcqFk8rYDZeGzl9OwIZPTc+HBkmJ3YAEzx2aigdHwQSOhcPAm4qIngcDxdGBB1pOBIpBTwEIR5ifVwwDTodIDclAgokAXgVFitOfxcKJ04MG2giNTIBHSEkOx8WFjw9GT8vIg4AAVk8P2cPLzU8BRA9IHkbGlpPEGESITUMNBUgMB4QCC8BPwUOOFN6FRkUFQMED18zAis/Ijska2orJAFkGhczBhcxGTAsAWgoLAlrYCsReGIcBDwGBTBXLi4FMCwXeRlvJgF4YBoEAS4VaxYnESQBPxAOETI5IBpgDQBbEjESAA4ZCiBWOAZiCgAiHjA6PEQOChApTx82M18hKQIVBDEJNGAoIhEYHBQ3Hzc0AR8qFR4FJCQ3LjxEDgoMKj8DGS87Py4VGT8iHgkoKhwnFxk2DhkKL1Y0BzQzVicdFSo7HAkSHgQvGB0zXyEAYhYGISMjKDoxHjINAx4FCjQeFS4VGgQxPwZ9XDAJKh0sJx8gMzQaPAc8XzAkBzAoHR0kfgQFJz0oUzgsGS8bJQsELD01eRcf
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=905000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-46.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
ed9a046811b4716ff349e950f6b824db3c8cc739b8fa97fe62c08a2b6e2f079b

Request headers

Referer
https://steam-heven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1265
content-type
text/html
date
Mon, 25 Mar 2024 02:32:39 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
x-amz-cf-id
NUF5RyyqU37v2Lra6klY7IyiDULz8EeRAGzYNs4dXE5D0njde2x65w==
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136825651-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Mar 2024 01:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2671
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 25 Mar 2024 03:48:08 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9624204658352581&plah=steam-heven.com&aplac=true&bust=31082078
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9624204658352581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd58e016a44ab287a8001ebfc1f711d1925d9472d0d42a99fa7077ebd31f68cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141437
x-xss-protection
0
server
cafe
etag
14442868893392348853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Mar 2024 02:32:39 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=320570027&t=pageview&_s=1&dl=https%3A%2F%2Fsteam-heven.com%2F&ul=en-us&de=UTF-8&dt=Upload%20Files%20-%20Games%20Database%20-%20Free%20Games%20Library&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1444364685&gjid=1259426076&cid=1274981329.1711333959&tid=UA-136825651-4&_gid=220313036.1711333959&_r=1&gtm=457e43k0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=456620345
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://steam-heven.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 02:32:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://steam-heven.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 03AF 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9624204658352581&output=html&adk=1812271804&adf=3025194257&lmt=1711333959&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fsteam-heven.com%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711333959079&bpp=2&bdt=321&idt=79&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7419247740724&frm=20&pv=2&ga_vid=1274981329.1711333959&ga_sid=1711333959&ga_hid=320570027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31082022%2C44795922%2C95326316%2C31082078%2C95320378%2C95322399%2C95326918&oid=2&pvsid=4409943239387806&tmod=966927818&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=90
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9624204658352581&plah=steam-heven.com&aplac=true&bust=31082078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steam-heven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 02:32:39 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame EC1A 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9624204658352581&output=html&h=280&slotname=2733830507&adk=2267609003&adf=1899011384&pi=t.ma~as.2733830507&w=1110&fwrn=4&fwrnh=100&lmt=1711333959&rafmt=1&format=1110x280&url=https%3A%2F%2Fsteam-heven.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711333959081&bpp=1&bdt=324&idt=100&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7419247740724&frm=20&pv=1&ga_vid=1274981329.1711333959&ga_sid=1711333959&ga_hid=320570027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31082022%2C44795922%2C95326316%2C31082078%2C95320378%2C95322399%2C95326918&oid=2&pvsid=4409943239387806&tmod=966927818&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=103
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9624204658352581&plah=steam-heven.com&aplac=true&bust=31082078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steam-heven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 02:32:39 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AlFFFDtMC3JcZVlVWBIyTAsBHjIKUl5QclsJUhElBlRUXGUvCANLeVkXB0thWBcAS29MCwEKNg9YQxByW38ESmBHCgdfIlQI
d26adrx9c3n0mq.cloudfront.net/qOTF5V2laXhcxVk1YHWpQCQRJZ1kfQQsyDwRCDTIIVBwRMh9cX1c0BlQXEyQGV0FEMCxOeBhuPW9BFTpQYBcNLQ0EAF87CFdWRHEMV1JEZk9YVRtqXR9FCTgCBFQAIQtcQxw9HF4XDDZUVF4DPgVVUFxlLwwfSXJbCRkOPg... Frame A9DF 		781 B
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d26adrx9c3n0mq.cloudfront.net/qOTF5V2laXhcxVk1YHWpQCQRJZ1kfQQsyDwRCDTIIVBwRMh9cX1c0BlQXEyQGV0FEMCxOeBhuPW9BFTpQYBcNLQ0EAF87CFdWRHEMV1JEZk9YVRtqXR9FCTgCBFQAIQtcQxw9HF4XDDZUVF4DPgVVUFxlLwwfSXJbCRkOPgddXg4kTAsBFyNMCwFIZ0cJFE-oVTAsBDj4HDwVcZCscA0kvXw0YXGVZWEEJOwxOVBs8AE0USxFcCgZXZF8cA0l/AlFFFDtMC3JcZVlVWBIyTAsBHjIKUl5QclsJUhElBlRUXGUvCANLeVkXB0thWBcAS29MCwEKNg9YQxByW38ESmBHCgdfIlQI
Requested by
Host: dmetherearlyinhes.info
URL: https://dmetherearlyinhes.info/S0JpUUUqIAo8eip/C3cwOS5UdHcNZ1sXIXl0CDU3M3sKYit7Lxh/JictHDUjOS0HJWslJx10dw0zJgUDfhRbPSQTKgopEyBzMBkSOxMqABcBGFg6IxoTGigBPBAqFRECCz8TMhkPAWgmE3MKYQcnEzEUPBoFP2EDDg8qKQouAAEkFRx7KxcROxMwEyYFDjhhAAoEUWYGDSY+Aw0ODz9gDw4YAmgcHRAdIB0Zey8SESwBKxcUCgs4JSYaOh5oDQ12MRUBERc/F3EPEg4HEx4EET0JPDUPAh0BICoDLgQSDjUhEyVdOhEKMSsXPAUPKiYDAhhZMg8NB0Q+Ex8DGhMBIXYhFTIdITMSNigDWTozEzVZCB0MFDMGAA4IJiY9BBQrIn0KB1kEFjMEChIiERozF30oA1k9YHkEKD0DDQQtJQgIcSMyHx0uPwYHAjs9EDYJCgMYDh4uXAAmJzEjBC0OLis9Fx4aLgQzCAMnHSAdKTETdT8qPhMmChFbaAgINSwaCyx7MAA9CTs+Yn0OEQQTDQglDTcMJxMgdy84LQcheCwHHhgkchY/ISkmezA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:3000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6da7ee98917bc4da6066cc6f1e32d9017df94d2f42c5820b09187a352b4bb11a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dmetherearlyinhes.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
gzip
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
556
x-amz-cf-id
Y8ZY3nLVsxTTyMDd5JhecXsNvUU8Xt_PgC9bJaEjHpSypickVPbO9w==
AyEBQWskZltTd1FlThFkUw
d26adrx9c3n0mq.cloudfront.net/kWWJTaGQ6DT0OWy0LN1VdaVdjWV1/EiENAmQRJw0FNE87DRI8DH0LCzREORsLNxJuJgATFSY7Jw4WACtVHSV1HB49X2JOCDgMNFVCPAwwVVV/AzcKWW1EJxgLMl82ERI7ByENDiwFdR0FZA88Eg01DjJNVh9XfVhBa1J7Hw... Frame 03E6 		854 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d26adrx9c3n0mq.cloudfront.net/kWWJTaGQ6DT0OWy0LN1VdaVdjWV1/EiENAmQRJw0FNE87DRI8DH0LCzREORsLNxJuJgATFSY7Jw4WACtVHSV1HB49X2JOCDgMNFVCPAwwVVV/AzcKWW1EJxgLMl82ERI7ByENDiwFdR0FZA88Eg01DjJNVh9XfVhBa1J7Hw03BjwfF3xQYwYQfFBjWVR3Un-ZbJnxQYx8NN1RnTVcbR2FYHG9Wek1WaQMjGAg8FTYKDzAWdloibFFkRldvR2FYTDIKJwUIfFAQTVZpDjoDAXxQYw8BOgk8QUFrUjAAFjYPNk1WH1NhWkppTGVaUmhMYlpcfFBjGwU/AyEBQWskZltTd1FlThFkUw
Requested by
Host: dmetherearlyinhes.info
URL: https://dmetherearlyinhes.info/bnZIU1gPFCs+Zw9LKnUtHBp1dmooU3oVPFxAKTcqFk8rYDZeGzl9OwIZPTc+HBkmJ3YAEzx2aigdHwQSOhcPAm4qIngcDxdGBB1pOBIpBTwEIR5ifVwwDTodIDclAgokAXgVFitOfxcKJ04MG2giNTIBHSEkOx8WFjw9GT8vIg4AAVk8P2cPLzU8BRA9IHkbGlpPEGESITUMNBUgMB4QCC8BPwUOOFN6FRkUFQMED18zAis/Ijska2orJAFkGhczBhcxGTAsAWgoLAlrYCsReGIcBDwGBTBXLi4FMCwXeRlvJgF4YBoEAS4VaxYnESQBPxAOETI5IBpgDQBbEjESAA4ZCiBWOAZiCgAiHjA6PEQOChApTx82M18hKQIVBDEJNGAoIhEYHBQ3Hzc0AR8qFR4FJCQ3LjxEDgoMKj8DGS87Py4VGT8iHgkoKhwnFxk2DhkKL1Y0BzQzVicdFSo7HAkSHgQvGB0zXyEAYhYGISMjKDoxHjINAx4FCjQeFS4VGgQxPwZ9XDAJKh0sJx8gMzQaPAc8XzAkBzAoHR0kfgQFJz0oUzgsGS8bJQsELD01eRcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:3000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c0658f7e72553aab0645dce6417c4de7779a616354cae74e9465fdb4d8e2ced7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dmetherearlyinhes.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
gzip
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
601
x-amz-cf-id
NoCE_FEAsBTtQUrXGO9padwMcxoqZqWYWjQlMYKO3F4BLAoEaHbtOg==
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9624204658352581&plah=steam-heven.com&aplac=true&bust=31082078
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16a651a866ea30cb9deb0ed2b9dbe0d57692497e5cdb59c4132da100d34325a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12191
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9624204658352581&plah=steam-heven.com&aplac=true&bust=31082078
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Mar 2024 02:32:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4583 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steam-heven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 19:23:13 GMT
expires
Mon, 24 Mar 2025 19:23:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame 4583 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:38:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
21226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Mar 2025 20:38:53 GMT
generate_204
tpc.googlesyndication.com/ Frame 4583 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?o5q3pQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:32:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=4409943239387806&bg=!IyClIG_NAAZaswqNerM7ADQBe5WfOAQGN1PP5BDfodxxvy7xig7ZXbbYEzuseR3n9awwDppD4A9LK89sl9mC6TQtWA0VAgAAADJSAAAAAWgBB34ANYa4q2HQfF7mNh7bik_bHyeaWSMyLZ_secA3vfnadD98L9_cj4CW8_cqvusYcmBiWr04HoH0mQJ4v70TNdyred9805t2A75i52_k9Vzt7bsqcTUnfaOJtRL06bNJ3fEC5goLvGisFQPVFe70HeKn4SrNEedojIMS-b4rPY21QRz8P6Xq8zUyNWqMO1rLzglR_HvjlrEm_0blQqj7zPr5p6t3scOFHEtE8jpRliNxl0-QOGErJJX_02dO2bDzzYbZcBofzRjeids2aTEtfQlz9RB4a_HWOQOUIsysldxp7-0KhzI8KA6BvOa-AOCecGgf7sVHMfJDL8crjPURY7qdvOfFf-6gJ7sLFHC-GKC8WhoSjw3TlYgX8C8a1Cqjtt1CjMO2WzZL-KKx2Ql2zFX6RFaZnrlLEoSYW6TVHjs_xYsG40KA3mvLaDxheqw4HTizcSOSWhv9dIsln7PU-l8cynbpOoMKmxiSKZnwTLpf4lLJJx7-JzQh6A3fqor-mJcLE0Tx4erI__Vpn-Amu7vbkAfkrFAmpbO7_cUxU59KXe0PboCpglLan09IjatB7_8MH84vJLPpj5MYP0-3qwe0Isu_KNiZQkWpGWgCwJPkqn3zaFK1IN1ZosmWRdfCsDVhN35T8lt91-cN0WVH6VD4nUSmnAvjh5cOGCOdtwysRzHOk3vBJfBiiYvGidvgxbBbNT0SS5G-5T-VfAiZdZh_fsK-PwSL2RetGbc2Z6ymQNGhBmtaUKNrsctBO2hS6n-HfKd-2qhB3LYY7R4BcZbd7NWUHq4_9iRP3YUF86Gj9y_CUIMtElxorfuRYYVEjlTr4PHyvMeki2-gqJzxCu7NEJBUF7G9xLU3ZU4fjpP5XZb4LiwB6D0VsgTldQkxcsz_oCvqGdQOhwAlWUBwKd3WDxI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://steam-heven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| LOGGED_IN number| LAST_CORRECT_EVENT_TIME object| utr_905000 number| userTrackingInterval number| _1830025639 object| utr_905019 number| _232026178 object| adsbygoogle function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded function| Picker function| Granim object| smoothScroll object| mr function| mrFormsCaptchaInit function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData number| iinf function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
steam-heven.com/ Name: filehosting
Value: ffiq3mdah3hm4gf2oc008l9n06
.steam-heven.com/ Name: _ga
Value: GA1.2.1274981329.1711333959
.steam-heven.com/ Name: _gid
Value: GA1.2.220313036.1711333959
.steam-heven.com/ Name: _gat_gtag_UA_136825651_4
Value: 1
pogothere.xyz/ Name: csu
Value: 208496368950285@1@1711333959

5 Console Messages

Source Level URL
Text
other warning URL: https://steam-heven.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKL7nTOwpCDy_Mc-kpHbjCONaEIUrzPNOayY6ztPBKjWqbuNVxfI9U5U1240AVVRPp_kU53B&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1190503899%3A1711333959089383&theme=mn&ddm=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKI9bJObMWqkgFMfZJkvjS1FryqOr9vCarq9hiDDgFhHHF50IoGwou4oPpJq8o0g-jHdrCk1&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S621626329%3A1711333959092664&theme=mn&ddm=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9624204658352581&output=html&h=280&slotname=2733830507&adk=2267609003&adf=1899011384&pi=t.ma~as.2733830507&w=1110&fwrn=4&fwrnh=100&lmt=1711333959&rafmt=1&format=1110x280&url=https%3A%2F%2Fsteam-heven.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711333959081&bpp=1&bdt=324&idt=100&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7419247740724&frm=20&pv=1&ga_vid=1274981329.1711333959&ga_sid=1711333959&ga_hid=320570027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31082022%2C44795922%2C95326316%2C31082078%2C95320378%2C95322399%2C95326918&oid=2&pvsid=4409943239387806&tmod=966927818&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=103
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://steam-heven.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
d26adrx9c3n0mq.cloudfront.net
dmetherearlyinhes.info
fonts.googleapis.com
fonts.gstatic.com
games-database.com
pagead2.googlesyndication.com
pogothere.xyz
steam-heven.com
tpc.googlesyndication.com
weredthechild.info
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.21.48.128
188.114.97.3
2600:9000:235a:3000:b:b271:7c80:21
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c09::54
2a03:2880:f177:83:face:b00c:0:25de
3.160.150.46
31.43.191.130
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
034c3e43e8e1585facd24dfdd3be42f8aa19cc8f11487f52cafda7a5f8e8ce58
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0d1daf388c5b8879de6a11f0edf3618ffc9334ed7239eb9d1d11981b34b1fcf6
16a651a866ea30cb9deb0ed2b9dbe0d57692497e5cdb59c4132da100d34325a4
17a6b3f9cc81f3e1f9d4220cf51c8a7cba031558ad91264c35b2d8aa68c3f795
1c593f4a688585b14c31e71fc64bfaa81d768984cdf182bca40ba8c524582685
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
24bcddda50eaf71d092be5521482ff8cf3c4ea04f7bf0fe325c220b9f36b230f
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
2e26b59d5626f071d45c221036216b5a74deacea2bf76d1b392a3c8357d25261
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
3c212fabe8e066c213ffd4e212ccc3e30f109c9ff859654ce929eae8d997d9e4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
4ff08bea011633b67bb0320c3ab48a581e4d8056c95c415b00fc0c3e703d6fd4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da7ee98917bc4da6066cc6f1e32d9017df94d2f42c5820b09187a352b4bb11a
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
71560b4568f9b6d3a4d331052dfd8206f6e096092542cb64e6e56f34a2df8e66
732db6d438882b58a811f2f25b06de57e56195456feab635f513791f82863fc6
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
aa4237d04f91355a0bef506ab449c358ca681e803fd5b5717f7182ce55e58a23
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
b7318b359db394611fa6aec7a541ca1d365491e5459393a17eb196f51e5e581e
c0658f7e72553aab0645dce6417c4de7779a616354cae74e9465fdb4d8e2ced7
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
c785cd2538c38dcae7b864bfb1e2e32ffa488474d78d4f26aa86cb40eaccb4ac
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280
dd58e016a44ab287a8001ebfc1f711d1925d9472d0d42a99fa7077ebd31f68cd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e14bd0ce479e16b029b0f0d9fdbc2c0708f7dd64779c9adfda766dd7fb8f42c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
ed9a046811b4716ff349e950f6b824db3c8cc739b8fa97fe62c08a2b6e2f079b
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a