Submitted URL: https://www.heavenlycitizens.net/
Effective URL: http://www.heavenlycitizens.net/
Submission: On October 14 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 195.154.21.65, which is located in France and belongs to AS12876, FR. The main domain is www.heavenlycitizens.net.
This is the only time www.heavenlycitizens.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 195.154.21.65 12876 (AS12876)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 1 212.129.43.192 12876 (AS12876)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
23 6
Domain Requested by
15 www.heavenlycitizens.net 1 redirects www.heavenlycitizens.net
3 fonts.gstatic.com www.heavenlycitizens.net
2 www.google-analytics.com www.heavenlycitizens.net
2 maxcdn.bootstrapcdn.com www.heavenlycitizens.net
1 www.googletagmanager.com www.heavenlycitizens.net
1 heavenlycitizens.e-monsite.com 1 redirects
1 fonts.googleapis.com www.heavenlycitizens.net
23 7

This site contains links to these domains.

Domain
heavenlycitizens.e-monsite.com
Subject                  Issuer                                           Validity                  Valid
*.googleapis.com         GTS CA 1O1                                       2019-10-03 - 2019-12-26   3 months
*.bootstrapcdn.com       Sectigo RSA Domain Validation Secure Server CA   2019-09-14 - 2020-10-13   a year
*.google-analytics.com   GTS CA 1O1                                       2019-09-17 - 2019-12-10   3 months
*.google.com             GTS CA 1O1                                       2019-09-17 - 2019-12-10   3 months

This page contains 1 frame:

Primary Page: http://www.heavenlycitizens.net/
Frame ID: 182F0299B7686FCA37F94B693F56A0E0
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23 Requests
39 % HTTPS
71 % IPv6
7 Domains
7 Subdomains
6 IPs
3 Countries
512 kB Transfer
956 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.heavenlycitizens.net/ HTTP 301
    http://www.heavenlycitizens.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://heavenlycitizens.e-monsite.com/medias/images/the-way-to-heaven-1.jpg HTTP 302
  • http://www.heavenlycitizens.net/medias/images/the-way-to-heaven-1.jpg

23 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
www.heavenlycitizens.net/
Redirect Chain
  • https://www.heavenlycitizens.net/
  • http://www.heavenlycitizens.net/
14 KB
3 KB
Document
General
Full URL
http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache / PHP/5.6.40
Resource Hash
29b7621b2565e932834565a4cd99e231db7b5129e0b77c7210701e7b3c7af13c

Request headers

Host
www.heavenlycitizens.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Mon, 14 Oct 2019 18:01:06 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Pragma
no-cache
Cache-Control
no-cache, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
3184
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 14 Oct 2019 18:01:05 GMT
Server
Apache/2.4.38 (Unix) PHP/5.6.40
X-Powered-By
PHP/5.6.40
Location
http://www.heavenlycitizens.net/
Content-Length
0
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
9 KB
889 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700%7CMerriweather:300,400,700%7COleo+Script:700
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3059d55fe11719e29be2a884c72a2862bae5d43ec0ec246850e4fdbbbcd755f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Oct 2019 18:01:08 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 14 Oct 2019 18:01:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 14 Oct 2019 18:01:08 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 18:01:08 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
combined.css
www.heavenlycitizens.net/themes/
137 KB
24 KB
Stylesheet
General
Full URL
http://www.heavenlycitizens.net/themes/combined.css?v=6_1547822345_5
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache/2.4.38 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash
df752fc45d14be28c6024bb7e82802de8d1c1d3b927e513fd3af319b9ab16060

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Oct 2019 18:01:08 GMT
Content-Encoding
gzip
Etag
6_1547822345_5
Server
Apache/2.4.38 (Unix) PHP/5.6.40
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
close
Expires
Sat, 14 Dec 2019 14:59:14 GMT
jquery.min.js
www.heavenlycitizens.net/medias/static/themes/ems_framework/js/
94 KB
94 KB
Script
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/ems_framework/js/jquery.min.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache/2.4.12 (Unix) /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:07 GMT
Last-Modified
Fri, 06 Apr 2018 10:04:29 GMT
Server
Apache/2.4.12 (Unix)
Connection
close
Accept-Ranges
bytes
Content-Length
95992
Content-Type
application/javascript
ems-framework.min.js
www.heavenlycitizens.net/medias/static/themes/ems_framework/js/
62 KB
13 KB
Script
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/ems_framework/js/ems-framework.min.js?v=1180
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
a57f28e2616a357613d7d1f0a1ab47b9974e82d857e72939a4e3e65e75201d59

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:08 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 01 Apr 2019 07:32:13 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=432000
Transfer-Encoding
chunked
Connection
close
CF-RAY
525b74f54d559cab-AMS
Expires
Sat, 19 Oct 2019 18:01:08 GMT
content.js
www.heavenlycitizens.net/themes/
187 KB
53 KB
Script
General
Full URL
http://www.heavenlycitizens.net/themes/content.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache/2.4.38 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash
2669f489f3233360987df653fc4fc336768bb9e4e598b61b06afeab75e530524

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Oct 2019 18:01:06 GMT
Content-Encoding
gzip
Etag
6_1547822345_5
Server
Apache/2.4.38 (Unix) PHP/5.6.40
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
close
Expires
Sat, 14 Dec 2019 14:59:12 GMT
the-way-to-heaven-1.jpg
www.heavenlycitizens.net/medias/images/
Redirect Chain
  • http://heavenlycitizens.e-monsite.com/medias/images/the-way-to-heaven-1.jpg
  • http://www.heavenlycitizens.net/medias/images/the-way-to-heaven-1.jpg
25 KB
25 KB
Image
General
Full URL
http://www.heavenlycitizens.net/medias/images/the-way-to-heaven-1.jpg
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache/2.4.38 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash
3cef3de3839391bab7061f527ed77c5b0889279a7b313cfac42ea80a9400619f

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 14 Oct 2019 18:01:06 GMT
ETag
"6412-59107c4809f29"
Last-Modified
Mon, 26 Aug 2019 16:37:11 GMT
Server
Apache/2.4.38 (Unix) PHP/5.6.40
X-Powered-By
PHP/5.6.40
Content-Type
image/jpeg
Cache-Control
public, max-age=5259486
Connection
close
Accept-Ranges
bytes
Content-Length
25618
Expires
Sat, 14 Dec 2019 14:59:12 GMT

Redirect headers

Location
http://www.heavenlycitizens.net/medias/images/the-way-to-heaven-1.jpg
Date
Mon, 14 Oct 2019 18:01:08 GMT
Server
Apache/2.4.38 (Unix) PHP/5.6.40
Connection
close
X-Powered-By
PHP/5.6.40
Content-Length
0
Content-Type
text/html; charset=UTF-8
jquery.mobile.custom.min.js
www.heavenlycitizens.net/medias/static/themes/ems_framework/js/
25 KB
10 KB
Script
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/ems_framework/js/jquery.mobile.custom.min.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3cd0d6a67783d5edebf54214ae078c5ee70155b9caa354212fab2a0e947bfa

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:08 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Apr 2018 10:04:29 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=432000
Transfer-Encoding
chunked
Connection
close
CF-RAY
525b74f54be3d8b1-AMS
Expires
Sat, 19 Oct 2019 18:01:08 GMT
jquery.zoom.min.js
www.heavenlycitizens.net/medias/static/themes/ems_framework/js/
4 KB
4 KB
Script
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/ems_framework/js/jquery.zoom.min.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache/2.4.12 (Unix) /
Resource Hash
5dd714b7bac8a949b94a98d6090001a3afadb230f6d85196863e4479ca8646dd

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:07 GMT
Last-Modified
Thu, 11 Apr 2019 13:44:10 GMT
Server
Apache/2.4.12 (Unix)
Connection
close
Accept-Ranges
bytes
Content-Length
3664
Content-Type
application/javascript
masonry.pkgd.min.js
www.heavenlycitizens.net/medias/static/themes/ems_framework/js/
24 KB
8 KB
Script
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/ems_framework/js/masonry.pkgd.min.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 12 Mar 2019 10:03:54 GMT
Server
cloudflare
Age
1861
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=432000
Transfer-Encoding
chunked
Connection
close
CF-RAY
525b74f61aca9c93-AMS
Expires
Sat, 19 Oct 2019 18:01:08 GMT
imagesloaded.pkgd.min.js
www.heavenlycitizens.net/medias/static/themes/ems_framework/js/
5 KB
2 KB
Script
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/ems_framework/js/imagesloaded.pkgd.min.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
81732e25e1d2e678ec73dd14071f683bf50116c0bb946cdb4fb4c479b869fde0

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:08 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 12 Mar 2019 10:03:54 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=432000
Transfer-Encoding
chunked
Connection
close
CF-RAY
525b74f64ce99d5a-AMS
Expires
Sat, 19 Oct 2019 18:01:08 GMT
imagelightbox.min.js
www.heavenlycitizens.net/medias/static/themes/ems_framework/js/
4 KB
4 KB
Script
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/ems_framework/js/imagelightbox.min.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache/2.4.12 (Unix) /
Resource Hash
58ca6960e3b855b80bec609fcbbae7f2229cbd9b4741fe21c5cc4976cbd4b38a

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:07 GMT
Last-Modified
Tue, 12 Mar 2019 10:03:54 GMT
Server
Apache/2.4.12 (Unix)
Connection
close
Accept-Ranges
bytes
Content-Length
4362
Content-Type
application/javascript
custom.js
www.heavenlycitizens.net/themes/
26 KB
6 KB
Script
General
Full URL
http://www.heavenlycitizens.net/themes/custom.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache/2.4.38 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash
d95a72a999b20917e70bc976d89b2c4434bb6156b99f7223f864104144e47504

Request headers

Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Oct 2019 18:01:08 GMT
Content-Encoding
gzip
Etag
6_1547822345_5
Server
Apache/2.4.38 (Unix) PHP/5.6.40
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-cache
Connection
close
Content-Length
5479
Expires
Sat, 14 Dec 2019 14:59:14 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
418
date
Mon, 14 Oct 2019 17:54:10 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 14 Oct 2019 19:54:10 GMT
gtm.js
www.googletagmanager.com/
47 KB
18 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVHF9DL
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90c9b6cb153a2a173071eb33e22a4f1a5cf5c821b683adee5d559d8d5491580a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 18:01:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18323
x-xss-protection
0
expires
Mon, 14 Oct 2019 18:01:08 GMT
cork-wallet.png
www.heavenlycitizens.net/medias/static/themes/blogger/im/patterns/dark/
48 KB
49 KB
Image
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/blogger/im/patterns/dark/cork-wallet.png
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
f52f660fde8bedc73f105a868d5c7bb7d157bcd31e62c4d215c3a9e199d0b88f

Request headers

Referer
http://www.heavenlycitizens.net/themes/combined.css?v=6_1547822345_5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:08 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 06 Apr 2018 10:04:20 GMT
Server
cloudflare
Age
1860
Cf-Polished
origSize=59651
Vary
Accept-Encoding
Content-Type
image/png
Cf-Bgj
imgq:100
Cache-Control
public, max-age=432000
Connection
close
Accept-Ranges
bytes
CF-RAY
525b74f66c379d6c-AMS
Content-Length
49662
Expires
Sat, 19 Oct 2019 18:01:08 GMT
textured-stripes.png
www.heavenlycitizens.net/medias/static/themes/blogger/im/patterns/light/
58 KB
58 KB
Image
General
Full URL
http://www.heavenlycitizens.net/medias/static/themes/blogger/im/patterns/light/textured-stripes.png
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
HTTP/1.1
Server
195.154.21.65 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache/2.4.12 (Unix) /
Resource Hash
449d9ed9385addfd30ffa520272835c6d0992c62e0c9a5eb680550923e6f51d4

Request headers

Referer
http://www.heavenlycitizens.net/themes/combined.css?v=6_1547822345_5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 18:01:07 GMT
Last-Modified
Fri, 06 Apr 2018 10:04:20 GMT
Server
Apache/2.4.12 (Unix)
Connection
close
Accept-Ranges
bytes
Content-Length
58952
Content-Type
image/png
raxkHieDvtMOe0iICsUccCDmnlrf0Tu2Krfu.woff2
fonts.gstatic.com/s/oleoscript/v8/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oleoscript/v8/raxkHieDvtMOe0iICsUccCDmnlrf0Tu2Krfu.woff2
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ff42e1ae58bb9d0f9a28dd7fb759a1dff6bb53c1a1b12030fdbab2766f5848ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700%7CMerriweather:300,400,700%7COleo+Script:700
Origin
http://www.heavenlycitizens.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 09:45:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:09:13 GMT
server
sffe
age
461729
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12912
x-xss-protection
0
expires
Thu, 08 Oct 2020 09:45:39 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Sec-Fetch-Mode
cors
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://www.heavenlycitizens.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 18:01:08 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700%7CMerriweather:300,400,700%7COleo+Script:700
Origin
http://www.heavenlycitizens.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 11:38:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
368587
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Fri, 09 Oct 2020 11:38:01 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700%7CMerriweather:300,400,700%7COleo+Script:700
Origin
http://www.heavenlycitizens.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 17:43:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:58 GMT
server
sffe
age
260259
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12192
x-xss-protection
0
expires
Sat, 10 Oct 2020 17:43:29 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1348329675&t=pageview&_s=1&dl=http%3A%2F%2Fwww.heavenlycitizens.net%2F&ul=en-us&de=UTF-8&dt=holiness%20the%20only%20way%20for%20heaven.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1426431748&gjid=895464288&cid=1061500971.1571076069&tid=UA-874445-14&_gid=152260539.1571076069&_r=1&cd1=true&cd2=e-monsite&cd3=fr&cd4=true&cd5=true&z=1808967137
Requested by
Host: www.heavenlycitizens.net
URL: http://www.heavenlycitizens.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.heavenlycitizens.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Oct 2019 18:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
object| forms
object| ems
object| jQuery111309092555659641017
function| Carousel
function| Collapse
function| Dropdown
function| Fix
function| Validate
function| Modal
function| Parallax
function| Scrollspy
function| Subnav
function| Tooltip
object| $fullCalendarTrads
object| modules
object| plugins
object| layout
object| $zoomIn
object| paymeans
function| DP_jQuery_1571076068812
string| GoogleAnalyticsObject
function| ga
object| dataLayer
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| google_tag_manager
function| jQueryBridget
function| EvEmitter
function| getSize
function| matchesSelector
object| fizzyUIUtils
function| Outlayer
function| Masonry
function| imagesLoaded
object| lightbox

3 Cookies

Domain/Path Name / Value
.heavenlycitizens.net/ Name: _gat_brandTracker
Value: 1
.heavenlycitizens.net/ Name: _gid
Value: GA1.2.152260539.1571076069
.heavenlycitizens.net/ Name: _ga
Value: GA1.2.1061500971.1571076069

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
