topheavensoffers.org Open in urlscan Pro
2606:4700:3032::ac43:d5d4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://topheavensoffers.org/
Submission: On March 29 via api (March 29th 2024, 11:51:43 pm UTC) from US — Scanned from US

Summary HTTP 27 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3032::ac43:d5d4, located in United States and belongs to CLOUDFLARENET, US. The main domain is topheavensoffers.org.
TLS certificate: Issued by GTS CA 1P5 on March 28th 2024. Valid for: 3 months.

This is the only time topheavensoffers.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::ac43:d5d4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	172.67.213.212 172.67.213.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1	172.64.163.29 172.64.163.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
27	6

1 2606:4700:3032::ac43:d5d4 (United States)

ASN13335 (CLOUDFLARENET, US)

topheavensoffers.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.213.212 (United States)

ASN13335 (CLOUDFLARENET, US)

topheavensoffers.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.163.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	topheavensoffers.org topheavensoffers.org	310 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	6 KB
4	gstatic.com fonts.gstatic.com	61 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 234	22 KB
1	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 9308	686 B
27	5

	Domain	Requested by
11	topheavensoffers.org	topheavensoffers.org
9	fonts.googleapis.com	topheavensoffers.org
4	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	topheavensoffers.org
1	fonts.cdnfonts.com	topheavensoffers.org
27	5

This site contains links to these domains. Also see Links.

Domain
www.amazon.com

Subject Issuer	Validity	Valid
topheavensoffers.org GTS CA 1P5	`2024-03-28` - `2024-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://topheavensoffers.org/
Frame ID: 04EE7E434CB62EDEA1CFFA182E67C748
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

topheavensoffers – topheavensoffers

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

400 kB
Transfer

763 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com/Family-Sturdy-Storage-Travel-Friendly-Exclusive/dp/B07P6MZPK3/ref=sr_1_3?crid=1SXW2F9L34RN&keywords=uno&qid=1701179687&sprefix=uno%2Caps%2C216&sr=8-3
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Liars-Dice-Game-Set-Professional/dp/B0876H8CJX/ref=sr_1_1_sspa?crid=1BGLLT3ZXBUBZ&keywords=Treasure+Chest+LIARS+DICE&qid=1701179782&sprefix=treasure+chest+liars+dice%2Caps%2C210&sr=8-1-spons&sp_csd=d2lkZ2V0TmFtZT1zcF9hdGY&psc=1
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/CardLords-Take-the-Gold/dp/B075QP93XR/ref=sr_1_6?crid=38CY7J1XG61OB&keywords=Take+The+Gold&qid=1701179831&sprefix=treasure+chest+liars+dice%2Caps%2C202&sr=8-6
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Mattel-Games-Family-Amazon-Exclusive/dp/B07Y98T14Q/ref=sr_1_3?crid=284C6SWN84R6T&keywords=Phase+10&qid=1701179892&sprefix=take+the+gold%2Caps%2C249&sr=8-3
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Microdice-Six-Sided-Tabletop-Wargames-Elementary/dp/B08MKDYRV6/ref=sr_1_1_sspa?crid=1QYZ2KBFWAJK1&keywords=Microdice&qid=1701179928&sprefix=microdice%2Caps%2C210&sr=8-1-spons&sp_csd=d2lkZ2V0TmFtZT1zcF9hdGY&psc=1
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Sabotage-Mystery-Games-Cooperative-Players/dp/B09HWSVQG9/ref=sr_1_1?crid=1KZOCDRUM1C5X&keywords=clue%2Bsabotage%2Bon%2Bthe%2Bhigh%2Bseas&qid=1701179998&sprefix=Clue%2BSABOTAGE%2Caps%2C219&sr=8-1&th=1
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Charades-Party-Game-Fast-paced-Perfect/dp/B07HXN1V51/ref=sr_1_2_sspa?crid=3AB86VXU967GS&keywords=Charades+SPEED&qid=1701180075&sprefix=charades+spee%2Caps%2C210&sr=8-2-spons&sp_csd=d2lkZ2V0TmFtZT1zcF9hdGY&psc=1
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/PS4-Vegas-Party-EU/dp/B073WY47FZ/ref=sr_1_1?crid=46KYG62MMSO6&keywords=vegas+party+ps4&qid=1701179551&sprefix=vegas+party+ps4%2Caps%2C212&sr=8-1
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/More-Poker-Keno-Players-Expansion/dp/B09M95B7GM/ref=sr_1_9?crid=3VXZPFLLITI7Y&keywords=Poker+Keno&qid=1701180128&sprefix=poker+keno%2Caps%2C203&sr=8-9
Title: Add To Cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/ACELION-Waterproof-Playing-Plastic-Diamond/dp/B0895Q8MRC/ref=sr_1_5?crid=2LGASOL0FDMLC&keywords=Poker%2BCARDS%2BBLACK&qid=1701180234&sprefix=poker%2Bcards%2Bblack%2Caps%2C221&sr=8-5&th=1
Title: Add To Cart

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
topheavensoffers.org/ 68 KB
12 KB 676ms
603ms Document
text/html 2606:4700:3032::ac43:d5d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:d5d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

40b695d71ab4412bd0f58570891f0ce47caf8971d54e9a5f213f17248ea34b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86c3c4d84b0bda8b-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Mar 2024 23:51:37 GMT
link: <https://topheavensoffers.org/wp-json/>; rel="https://api.w.org/" <https://topheavensoffers.org/wp-json/wp/v2/pages/826>; rel="alternate"; type="application/json" <https://topheavensoffers.org/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0j3ToPglGrjV2xaxK3oz0e%2BdMsENvCDrIvPGNuz3ssKevi%2FyO9MHF%2B2%2FPLHkJ9ODuaLZ1gVhNexdSwmzjk4xmScs9WW6x6NI27HnjbkKQ6YhtN2QIzgQeb7jIpLKpPnkKRH5dBbBJKmBMlvRkYmRCZEMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27
x-turbo-charged-by: LiteSpeed

GET
H3 200 style.min.css
topheavensoffers.org/wp-includes/blocks/navigation/ 16 KB
3 KB 282ms
282ms Stylesheet
text/css 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/wp-includes/blocks/navigation/style.min.css?ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Sep 2023 19:11:22 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NiHqCQS5C60KDDN4CLv%2FyY1yn6ES1i3s0mMcsqryS%2F4Y3O7M%2BBoZpAK6ROSIuBX8fx20SEm7ZBp9zvTWHxO1q%2Feb4QGBogMYlnhZfFG15cWDmqAa5pdoSpPaom6e7MdWs0AxUQdHhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86c3c4dc18d6030a-MIA
expires: Fri, 05 Apr 2024 23:51:37 GMT

GET
H3 200 spectra-block-positioning.min.css
topheavensoffers.org/wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/ 225 B
657 B 286ms
284ms Stylesheet
text/css 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/spectra-block-positioning.min.css?ver=2.10.1

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4ff5665714c5f8e3c6517de0301463b384f0b57b472f92ad84f6dd4a7402e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 15:35:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTbnpHzUxfX8aPMYcOLOZdvWhRGkwQpJyMm6Vd2daNwEaqh6Jzpq7t4HJQgtXmhXkDBZ4NTDTN3MvIZMn6qluZ98eIIhbXZzQ5yKu7Zb27hKqRhtVPKCdXOETVq3gEwEeNCerlCxAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86c3c4dc18e0030a-MIA
expires: Fri, 05 Apr 2024 23:51:37 GMT

GET
H3 200 uag-css-826-1711756297.css
topheavensoffers.org/wp-content/uploads/uag-plugin/assets/1000/ 111 KB
11 KB 287ms
283ms Stylesheet
text/css 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/wp-content/uploads/uag-plugin/assets/1000/uag-css-826-1711756297.css?ver=2.10.1

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655d0e9d28b398ee6300eb74d4b8e696e52ed8d151a0e0e45f006318df50c609

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Mar 2024 23:51:37 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wtDRURPJZNjFZ5O0Y9AKCoqTMhBliHTKGhf%2FVjE3LDQU734DKxDM9eAn7Wydeo8wqkQfeGclNu%2FtvkB%2FpGvQSGP%2FDh6oYQ6Fzh1EN9ScPh12w4iKPQE0ms3Zghv7xqtukAJ699QxmA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86c3c4dc28ed030a-MIA
expires: Fri, 05 Apr 2024 23:51:37 GMT

GET
H3 200 style.css
topheavensoffers.org/wp-content/themes/twentythird-child/ 1 KB
1 KB 282ms
278ms Stylesheet
text/css 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/wp-content/themes/twentythird-child/style.css?ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a927c91a09cff8c9d4c635a5fe111a9148e82cc7026562e096cbf913d57063

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 15:26:35 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emfD4PXEM2mrWP7RpF2P93lSRW1GDz3Po4tD9CTtChltgUbVV2QjETOp56NYDt6cN6xonH%2B0c%2F1R%2BOt1O4VUdN0h%2F9MF9kuW8uGwt9JW586gjQnNR%2BGwlD6IPz%2FZEJNCMMoDHwiWMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86c3c4dc28f2030a-MIA
expires: Fri, 05 Apr 2024 23:51:37 GMT

GET
H3 200 bootstrap-grid.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.1/css/ 51 KB
3 KB 106ms
72ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.1/css/bootstrap-grid.min.css?ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a334d4114c911e8e852d3a8a6ba28ff3a2542dcc00555e97e419f5cbc3d610c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1394705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2802
last-modified: Wed, 26 Jul 2023 10:01:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c0eef2-af2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BuF9v%2FMzK9uls4MdvxfXtF0ndMuderhi0jQ6WTKokIsFEQwwFLJC1CEQ5F09RAYrlLOKys%2Bksj%2BEZlkhOqYhPiNRsOCtRbJoi7OLBSDAI66aDAc9BceyPzFsweiLIl6%2FChaZh%2Bw2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86c3c4dc5fb931e4-MIA
expires: Wed, 19 Mar 2025 23:51:37 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 78ms
45ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css?ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 481436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18752
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-4940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2b2wfKMwbS%2B%2FbYBPLntveSO3%2B%2FW70otpLsz1AzfImCSyNGhvxsxeOAcXOPFe%2BOTjiJy6JLbwGu9c2ZkZNJkOFefGAejDfRnX7nZZ%2FNxWFV9NX8Ai1f6cGx6tZm%2BTY9IAiTGzDgop"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86c3c4dc5fb331e4-MIA
expires: Wed, 19 Mar 2025 23:51:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
614 B 183ms
71ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sansita%3Aital%2Cwght%400%2C400%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C400%3B1%2C700%3B1%2C800%3B1%2C900&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bcd709ac0a8b20755454fef08fe2cbe4c9c0e5e526e36ec792b6d6a08f32ab6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:51:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
944 B 179ms
67ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rowdies%3Awght%40300%3B400%3B700&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b539ac1287127db22d9783f88f17a8e69619d3e3d409e09dcf39781804d926e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:37:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
869 B 185ms
74ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C100%3B0%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B1%2C100%3B1%2C200%3B1%2C300%3B1%2C400&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2975fbfe80d2426cf58ffdaae92586be152fea438bc45f9169ddec9a5ff5e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:51:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
762 B 229ms
118ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans%3Aital%2Cwght%400%2C100%3B0%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B1%2C100%3B1%2C200%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a210dbbc5a9cc149de4f9e5e23385bea4256690f0cbafa5b5f03b32cabbaf1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:51:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
685 B 179ms
68ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Comfortaa&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd8eb7cbd3a66f09b1e1c11e75987a9eba498c1ead3fd95f5c59d16bd526d21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:46:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 781 B
459 B 183ms
73ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:48:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
859 B 179ms
69ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik%3Awght%40400%3B500&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2133a96e406366c4ce91f2daf953611743a01a39b93e31a4ba1ade5ac70ea287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:51:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
496 B 178ms
68ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:01:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H3 200 segoe-ui-4
fonts.cdnfonts.com/css/ 660 B
686 B 104ms
37ms Stylesheet
text/css 172.64.163.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/segoe-ui-4?ver=6.4.3
Requested by: Host: topheavensoffers.org
URL: https://topheavensoffers.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.163.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11b532786e7156fb3f37199021cb9176a438caf83ba6838cdb67b3c6dc67d8f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 599077
cf-polished: origSize=786
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 23 Mar 2024 01:27:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6N8K3ZMnQBVVWs6Dgbp9Pjr4TzSsvnOle9xOEpuYVv81PI0VdfLLGEtMUib%2F1DIVxRJHAbWO2S7xHaDMXVrW6NogVSmCVjCZmoOOXsGO8gbghI0r8N5c503WnEE3ICg05PRAhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86c3c4dc8b1b02f9-MIA

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
525 B 179ms
71ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rosario%3Awght%40500&display=swap&ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc4be6ef9570692f6cfefa49712ce143b3b77f357f0e068b66ed950d68433607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 23:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 23:51:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 23:51:37 GMT

GET
H3 200 interactivity.min.js Show response
topheavensoffers.org/wp-includes/js/dist/ 32 KB
13 KB 285ms
285ms Script
text/javascript 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/wp-includes/js/dist/interactivity.min.js?ver=6.4.3

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Jan 2024 06:12:09 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lP%2F%2F0X11k3%2Bbp6riK1n%2BgwyxmoVdMdIsOifC6lZDpEo34f450cWF0zPmL%2FumfXGPV%2Bw%2FwBmM7hOwcArOgtGtQpZMUL7xUKchw%2FX%2FRZgv3QvPeGFRYzq4IzOQ%2Bq03DPm0GrT%2BFiZgyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86c3c4dc4910030a-MIA

GET
H3 200 view.min.js Show response
topheavensoffers.org/wp-includes/blocks/navigation/ 4 KB
2 KB 289ms
289ms Script
text/javascript 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 18:46:33 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PctoQHCmgtE9j%2B2mNWDagvbDfUNQW3kUp8B08z5TXvyawT%2BdVNRwgM6%2FZy1KfyBfRBZHDqrj%2FogP6%2FyvH2j5JcLZtC3%2B1xBFpl6ZtpEBxHGPxNxUyvnpZEEkGrLSOCyDpRSy1wZCUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86c3c4dc4912030a-MIA

GET
H3 200 spectra-block-positioning.min.js Show response
topheavensoffers.org/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/ 4 KB
2 KB 280ms
279ms Script
text/javascript 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/spectra-block-positioning.min.js?ver=2.10.1

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24900e73afbb82ceb23bde1e083a1e19ba4b8a5df8f5da0123c985b06f72d03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 15:35:29 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uI6hbv9Mlk%2BNGkilMQlvq5HYRyyD59qixwtzdMyUE8MQLGMu5psxhCpAfbl%2FvqHN9vHFuzwNJ3Sq%2F43LqBk5xTYxm8zAyfMeEJjAzY5myU%2Be7dei4f8QQuxmmoFHXlBuFJyxI85L8g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86c3c4dc28f4030a-MIA

GET
H3 200 DbUeIq7X0AEd_YK-.jpg
topheavensoffers.org/wp-content/uploads/2023/11/ 223 KB
223 KB 515ms
515ms Image
image/jpeg 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://topheavensoffers.org/wp-content/uploads/2023/11/DbUeIq7X0AEd_YK-.jpg

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/wp-content/uploads/uag-plugin/assets/1000/uag-css-826-1711756297.css?ver=2.10.1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4504a1ca205573ab28e8567365cbbceef75d8acb04e499d3af995cf64d951a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/wp-content/uploads/uag-plugin/assets/1000/uag-css-826-1711756297.css?ver=2.10.1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 228104
last-modified: Mon, 27 Nov 2023 09:23:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0czHXQeWoa7jAOXVFzc266I8XyOhWLkHTX7TtKp30QG9Izz6qg9Tjn9UPTXhUEGTgpYvWLHKG7VbwLnm6UbGkFItTzzB%2Flc7MZWX8HdYLDZ6nZaixuNvJVJqtMxm6QSnt94VAa9P6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86c3c4de1b2f030a-MIA
expires: Fri, 05 Apr 2024 23:51:38 GMT

GET
H2 200 ptRJTieMYPNBAK21_rBDwQ.woff2
fonts.gstatic.com/s/rowdies/v17/ 17 KB
18 KB 160ms
53ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rowdies/v17/ptRJTieMYPNBAK21_rBDwQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rowdies%3Awght%40300%3B400%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7fb3f15ad90ac01c0659dd4e37336f6791e6c70e37c4da837500d607c96a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://topheavensoffers.org
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:03:05 GMT
x-content-type-options: nosniff
age: 229713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17704
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:22:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:03:05 GMT

GET
H2 200 ptRMTieMYPNBAK219gtm1On4KA.woff2
fonts.gstatic.com/s/rowdies/v17/ 18 KB
18 KB 175ms
68ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rowdies/v17/ptRMTieMYPNBAK219gtm1On4KA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rowdies%3Awght%40300%3B400%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02a80183348791039d7d275dbcbca4839e6dcf1f2069016a712051fc7163190e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://topheavensoffers.org
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 07:51:19 GMT
x-content-type-options: nosniff
age: 230419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17952
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:25:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 07:51:19 GMT

GET
H2 200 xfuu0WDhWW_fOEoY8l_VPNZfB7jPM68qCVc0fec.woff2
fonts.gstatic.com/s/rosario/v31/ 15 KB
15 KB 222ms
115ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rosario/v31/xfuu0WDhWW_fOEoY8l_VPNZfB7jPM68qCVc0fec.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rosario%3Awght%40500&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41c451aa25d3cee13bc00dc4a157e1336ee812a4df4408794db897e64004d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://topheavensoffers.org
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:37:10 GMT
x-content-type-options: nosniff
age: 8068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15684
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:14:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Mar 2025 21:37:10 GMT

GET
H2 200 xfuu0WDhWW_fOEoY8l_VPNZfB7jPM68qCVc6fecXOw.woff2
fonts.gstatic.com/s/rosario/v31/ 10 KB
10 KB 229ms
132ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rosario/v31/xfuu0WDhWW_fOEoY8l_VPNZfB7jPM68qCVc6fecXOw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rosario%3Awght%40500&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9ce5cffc567d23883962227d4f91614ddf72c78d5fe42aae8c0158595426d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://topheavensoffers.org
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:36 GMT
x-content-type-options: nosniff
age: 2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10008
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:51:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Mar 2025 23:51:36 GMT

GET
H3 200 FkBq9lsXwAUXwjJ-1024x367-1.jpg
topheavensoffers.org/wp-content/uploads/2023/11/ 39 KB
40 KB 400ms
400ms Image
image/jpeg 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://topheavensoffers.org/wp-content/uploads/2023/11/FkBq9lsXwAUXwjJ-1024x367-1.jpg

Requested by

Host: topheavensoffers.org
URL: https://topheavensoffers.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6ba87bf05130399d14d4661426197435a78a40b1b3b74746cdc64f02db567b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 40289
last-modified: Mon, 27 Nov 2023 09:25:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cytd509GgI%2BmpTvdLNfXLJOdI3SsP%2BD2lR0yEQncCZJ3sHJQcaBNgmLDBWWoE0ES5Puh%2BMNKsZqGl%2BpnAlqQaDfJib%2B04hp%2BjS6AvmSIbHnzy6%2B0%2FmbBkdBW0uqkQ0NeCdbajiZwBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86c3c4de3b49030a-MIA
expires: Fri, 05 Apr 2024 23:51:38 GMT

GET
H3 200 cropped-game-3116751_640-32x32.png
topheavensoffers.org/wp-content/uploads/2023/12/ 3 KB
3 KB 277ms
276ms Other
image/png 172.67.213.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://topheavensoffers.org/wp-content/uploads/2023/12/cropped-game-3116751_640-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cbcb384a51c8609c666d13acdae8a84abdb2dbfdaa9830cc595fd5a45a2c941

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://topheavensoffers.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 23:51:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2761
last-modified: Fri, 01 Dec 2023 16:28:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIcIrzn5gJek4JkDn9aALva4q%2B4UD2kaiBuEV29WZQXUruO4JfrBmUWFcxdwMSJdX24AGCgR%2BT2RYHn7qTBKuzTmJhhRS2Npcf9OQUuuFVSN9JEYr83cHcNwRZ3fk2bBlZ%2Bj63AYhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86c3c4e2d895030a-MIA
expires: Fri, 05 Apr 2024 23:51:38 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| __WordPressPrivateInteractivityAPI__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
topheavensoffers.org
104.17.24.14
172.64.163.29
172.67.213.212
2606:4700:3032::ac43:d5d4
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c07::5e
02a80183348791039d7d275dbcbca4839e6dcf1f2069016a712051fc7163190e
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d
1a334d4114c911e8e852d3a8a6ba28ff3a2542dcc00555e97e419f5cbc3d610c
1c9ce5cffc567d23883962227d4f91614ddf72c78d5fe42aae8c0158595426d5
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
2133a96e406366c4ce91f2daf953611743a01a39b93e31a4ba1ade5ac70ea287
24900e73afbb82ceb23bde1e083a1e19ba4b8a5df8f5da0123c985b06f72d03b
28a927c91a09cff8c9d4c635a5fe111a9148e82cc7026562e096cbf913d57063
34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
40b695d71ab4412bd0f58570891f0ce47caf8971d54e9a5f213f17248ea34b2b
4a210dbbc5a9cc149de4f9e5e23385bea4256690f0cbafa5b5f03b32cabbaf1a
5b539ac1287127db22d9783f88f17a8e69619d3e3d409e09dcf39781804d926e
5c4ff5665714c5f8e3c6517de0301463b384f0b57b472f92ad84f6dd4a7402e3
655d0e9d28b398ee6300eb74d4b8e696e52ed8d151a0e0e45f006318df50c609
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
6cbcb384a51c8609c666d13acdae8a84abdb2dbfdaa9830cc595fd5a45a2c941
a2975fbfe80d2426cf58ffdaae92586be152fea438bc45f9169ddec9a5ff5e2d
b41c451aa25d3cee13bc00dc4a157e1336ee812a4df4408794db897e64004d67
b4504a1ca205573ab28e8567365cbbceef75d8acb04e499d3af995cf64d951a2
bcd709ac0a8b20755454fef08fe2cbe4c9c0e5e526e36ec792b6d6a08f32ab6a
c11b532786e7156fb3f37199021cb9176a438caf83ba6838cdb67b3c6dc67d8f
cb6ba87bf05130399d14d4661426197435a78a40b1b3b74746cdc64f02db567b
cc4be6ef9570692f6cfefa49712ce143b3b77f357f0e068b66ed950d68433607
dd8eb7cbd3a66f09b1e1c11e75987a9eba498c1ead3fd95f5c59d16bd526d21b
de7fb3f15ad90ac01c0659dd4e37336f6791e6c70e37c4da837500d607c96a58
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966

topheavensoffers.org Open in urlscan Pro 2606:4700:3032::ac43:d5d4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

400 kBTransfer

763 kBSize

0 Cookies

10 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

topheavensoffers.org Open in urlscan Pro
2606:4700:3032::ac43:d5d4 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

400 kB
Transfer

763 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions