headstream.potatohead.co Open in urlscan Pro
2606:4700:21::681b:cb59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.headstream.digital/
Effective URL:
https://headstream.potatohead.co/
Submission: On November 11 via api (November 11th 2024, 3:33:59 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2606:4700:21::681b:cb59, located in United States and belongs to CLOUDFLARENET, US. The main domain is headstream.potatohead.co.
TLS certificate: Issued by WE1 on October 20th 2024. Valid for: 3 months.

This is the only time headstream.potatohead.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
1 9	2606:4700:21:... 2606:4700:21::681b:cb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.203.215.64 116.203.215.64	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
17	6

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.headstream.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:21::681b:cb59 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

headstream.potatohead.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.215.64 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: resolver.streamnerd.nl

player.streamnerd.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	potatohead.co 1 redirects headstream.potatohead.co seminyak.potatohead.co Failed	355 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	streamnerd.nl player.streamnerd.nl
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	101 KB
1	headstream.digital 1 redirects www.headstream.digital	321 B
17	6

	Domain	Requested by
9	headstream.potatohead.co	1 redirects headstream.potatohead.co static.cloudflareinsights.com
2	region1.google-analytics.com	www.googletagmanager.com
1	player.streamnerd.nl	headstream.potatohead.co
1	static.cloudflareinsights.com	headstream.potatohead.co
1	www.googletagmanager.com	headstream.potatohead.co
1	www.headstream.digital	1 redirects
0	seminyak.potatohead.co Failed
17	7

This site contains links to these domains. Also see Links.

Domain
potatohead.co
www.facebook.com
www.instagram.com
open.spotify.com

Subject Issuer	Validity	Valid
potatohead.co WE1	`2024-10-20` - `2025-01-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
player.streamnerd.nl E5	`2024-11-05` - `2025-02-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://headstream.potatohead.co/
Frame ID: 93303E4FB1AF603B938CE8878931601D
Requests: 15 HTTP requests in this frame

Frame: https://player.streamnerd.nl/potatohead/potatohead
Frame ID: F162070C26377CB85942848D24C88B10
Requests: 1 HTTP requests in this frame

Frame: https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 410B3ACB8E2584FEC8EE301A6A50B32C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Headstream by Potato Head

Page URL History Show full URLs

https://www.headstream.digital/ HTTP 301
https://headstream.potatohead.co/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

17
Requests

71 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

463 kB
Transfer

869 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://potatohead.co/
Title: Potato Head

Search URL Search Domain Scan URL

URL: https://www.facebook.com/potatoheadbali/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/potatoheadbali/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/potatoheadmusic?si=zdw2KuXcRjG3J1pWdg0gkA&nd=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.headstream.digital/ HTTP 301
https://headstream.potatohead.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://headstream.potatohead.co/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 12

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png HTTP 301
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png

Request Chain 13

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png HTTP 301
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png

Request Chain 14

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png HTTP 301
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
headstream.potatohead.co/
Redirect Chain

https://www.headstream.digital/
https://headstream.potatohead.co/

190 KB
67 KB

12602ms
12263ms

Document
text/html

2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61dcc1ca0089ce54769685629040bff1d42de622725abe3c6239c6fd0e88ff37

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e0f57890e6e676e-ATL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Nov 2024 15:33:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThiI2COxU8JvHfSja9sNygogDWm38rBnCbZsJYzw8ppfS7BG2%2Fz%2BN5%2FHceO%2FnAopJiOqzZ5ACqU2tSFxnPXYSBH%2BhXPAbHFSOacHz42OURZ3Ut9JCsrr1WipR1XdteHrVANTqtekZu5fFd6vHbphp%2BpyJ0g%2BKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=158241&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2332&delivery_rate=27916&cwnd=34&unsent_bytes=0&cid=3861256f9c9828cd&ts=12267&x=0"
vary: accept-encoding

Redirect headers

Connection: close
Content-Length: 68
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Nov 2024 15:33:38 GMT
Location: https://headstream.potatohead.co/
Server: ip-100-74-4-13.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: b4f84784-d3b8-468d-b69c-52afe9d709ef

GET
H2 200 Monotype-HelveticaNowDisplayMedium.otf
headstream.potatohead.co/webfonts/ 117 KB
117 KB 258ms
257ms Font
application/octet-stream 2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/webfonts/Monotype-HelveticaNowDisplayMedium.otf
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d62d2a1a9db713c494360b996d6d462339900c5957691ce630ee0a2f5c110a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://headstream.potatohead.co
Referer: https://headstream.potatohead.co/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "65fd1383-1d314"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXvjGPBhOaGt8FlpLEj2Y4aako1cvweW3XQR8y%2Fo%2BCzhxGnljXGsyfwyroo5SlvWLmPibeTulxRjXcNBUajEHBPdOKXQ7lY3f0jnx186f2xFa5Jvn%2BxLYqE8FD%2FjE4IzM79Ogd7aX%2BkqQNmm8WrunCOttewFKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0f57d65925676e-ATL
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=141830&sent=68&recv=36&lost=0&retrans=0&sent_bytes=73755&recv_bytes=2793&delivery_rate=311280&cwnd=84&unsent_bytes=0&cid=3861256f9c9828cd&ts=12630&x=0"
content-length: 119572
date: Mon, 11 Nov 2024 15:33:51 GMT
content-type: application/octet-stream
last-modified: Fri, 22 Mar 2024 05:13:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Monotype-HelveticaNowDisplayXBold.otf
headstream.potatohead.co/webfonts/ 118 KB
119 KB 365ms
365ms Font
application/octet-stream 2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/webfonts/Monotype-HelveticaNowDisplayXBold.otf
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88c1f1bf6b15018f1e5d8300d837e9d674294435495dc0325537094259ece2a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://headstream.potatohead.co
Referer: https://headstream.potatohead.co/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "65fd1384-1d908"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7f3AuN5wmm9D07SOcVaz81USUVgQUoAzJm30jCSk3r%2B1NaST1QW6HuGB0Iso2hyDh5xnlLzjU3l7tojHj4C2fao5fXpCB%2F%2BoU4TFS61kdJC7TJ6C9jMfS4cUe8ykT2zu%2FrhTYqCRWCN5uIte7tvcV4zKCL1d%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0f57d65927676e-ATL
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=147255&sent=101&recv=37&lost=0&retrans=0&sent_bytes=114858&recv_bytes=2793&delivery_rate=240862&cwnd=85&unsent_bytes=25940&cid=3861256f9c9828cd&ts=12664&x=0"
content-length: 121096
date: Mon, 11 Nov 2024 15:33:51 GMT
content-type: application/octet-stream
last-modified: Fri, 22 Mar 2024 05:13:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 headstream4.css
headstream.potatohead.co/css/ 26 KB
7 KB 354ms
354ms Stylesheet
text/css 2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/css/headstream4.css?rand=HS4
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd510f849ae10e2245a37a03d1161c74939e0e574471a85f42672679faf65b9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://headstream.potatohead.co/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"65fd136b-679f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQVOnHuZ%2FssbzDfpuU794UpNj2kza3JsBs1J1UUD5dYXRWn7gcE5No1xxHQmkA6No%2B2BM%2F0EWaw4q%2B6H9%2Bj5Vwz2W2g8%2B%2BoGfjWzd5uLUE2vJ07QoGeuz9nR8RfV%2BC2JHzT%2FAgYk%2FRL%2F9Up8DvJAYwZUP%2FckuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0f57d65923676e-ATL
server-timing: cfL4;desc="?proto=TCP&rtt=141830&sent=83&recv=36&lost=0&retrans=0&sent_bytes=91512&recv_bytes=2793&delivery_rate=311280&cwnd=84&unsent_bytes=49286&cid=3861256f9c9828cd&ts=12640&x=0"
date: Mon, 11 Nov 2024 15:33:51 GMT
content-type: text/css
last-modified: Fri, 22 Mar 2024 05:13:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 59 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3fb2a595c574cc8626a8055bf31f8eace9d374272c8d3f05f304ccb8790a6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
101 KB 152ms
61ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DE1JLZL8QQ

Requested by

Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7986c8f31aec01d5ae07f2caca0ba7a5beb226369bc0db73313931099b450e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://headstream.potatohead.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 11 Nov 2024 15:33:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 15:33:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102998
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 157ms
58ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://headstream.potatohead.co
Referer: https://headstream.potatohead.co/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e0f57d74fda35e0-FRA
access-control-allow-origin: *
date: Mon, 11 Nov 2024 15:33:51 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK potatohead
player.streamnerd.nl/potatohead/ Frame F162 0
0 188ms
37ms Document
text/html 116.203.215.64
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.streamnerd.nl/potatohead/potatohead
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.203.215.64 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: resolver.streamnerd.nl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://headstream.potatohead.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 11 Nov 2024 15:33:52 GMT
ETag: W/"63480607-842"
Last-Modified: Thu, 13 Oct 2022 12:35:19 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 206 glob3_72829_01844.mp4
headstream.potatohead.co/files/ 38 KB
39 KB 294ms
287ms Media
video/mp4 2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/files/glob3_72829_01844.mp4
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94af029017f36e25a326839710645d1a7572ca59c4b2dd879a7740687749ffcd

Request headers

Referer: https://headstream.potatohead.co/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "65fd1372-98ab"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2NvRkRvq%2FvoRfWOLORf20SkoHRgzFd8NiUqlVvr86vlBL9uGLM7Lah%2BDQizCP%2FXZOKNnwN566FwktTMySj2RojrMv2DWBuY4DtdDBUVVNc5nij3zHt7k1W0tB3vloZy2NL2gEjsfXiPporNk8nGeBASwhZZKw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Range: bytes 0-39082/39083
cf-ray: 8e0f57da5f46676e-ATL
server-timing: cfL4;desc="?proto=TCP&rtt=142138&sent=274&recv=221&lost=0&retrans=10&sent_bytes=337112&recv_bytes=2897&delivery_rate=672973&cwnd=141&unsent_bytes=0&cid=3861256f9c9828cd&ts=13309&x=0"
Content-Length: 39083
date: Mon, 11 Nov 2024 15:33:52 GMT
content-type: video/mp4
last-modified: Fri, 22 Mar 2024 05:13:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

main.js Show response
headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 410B
Redirect Chain

https://headstream.potatohead.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

157ms
157ms

Script
application/javascript

2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/

Protocol

Server

2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b789711badafb74ab57704e2e2ec798161214969e16b9be4cabc78f3db116f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYxm7AdoaU2g3jfe%2FPnXTHMZEFHrcxD%2B2%2FED%2BiOpkZdf6mpEIfgTFX6ZYfk4xt0Y%2FvdA%2BjAvOXWe2ix4313Pyxfsk7PLoFg6%2Fhs3oaN5O0MUvM85D0dKjzZsHpsWIn9tmqlzPdFS7jbz%2BSnhm%2BKZH7v1LWRhrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0f57dc5ab1676e-ATL
server-timing: cfL4;desc="?proto=TCP&rtt=139290&sent=308&recv=256&lost=0&retrans=10&sent_bytes=377466&recv_bytes=3147&delivery_rate=672973&cwnd=174&unsent_bytes=0&cid=3861256f9c9828cd&ts=13491&x=0"
date: Mon, 11 Nov 2024 15:33:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FuKo8kzctcZBTSJdXGQtET7PNV%2BBke6PFnVwliv5JfpSD87zsnssACFgAq2o71Z%2FjpNlE3JXmu5BbjsALZIt80os4t1zcaRwYkefo0bEBU66dZ%2BAPULcJUkOlGsRGLDRasUYDcafayzQXthNEm5Q6jjihJJpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0f57db5909676e-ATL
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=142138&sent=307&recv=222&lost=0&retrans=10&sent_bytes=376866&recv_bytes=2986&delivery_rate=672973&cwnd=141&unsent_bytes=0&cid=3861256f9c9828cd&ts=13332&x=0"
content-length: 0
date: Mon, 11 Nov 2024 15:33:52 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 152ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DE1JLZL8QQ&gtm=45je4b70v880688387za200&_p=1731339232285&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102067554&cid=937940703.1731339232&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731339232&sct=1&seg=0&dl=https%3A%2F%2Fheadstream.potatohead.co%2F&dt=Headstream%20by%20Potato%20Head&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=13907
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DE1JLZL8QQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://headstream.potatohead.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://headstream.potatohead.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 15:33:52 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 8e0f57890e6e676e Show response
headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 410B 0
992 B 298ms
292ms XHR
text/plain 2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/jsd/r/8e0f57890e6e676e
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eb0dmw5QbCJULM3ENaRj63NAOgkO7lT2BbPTx1cXUFRSQf0IR6Xxaj2AxsnxCVanHsLfsgduhyHjXD8YM5VaaEl553SyXOkcb6ksIkKuTvPekXTT4h3EnZ%2Ben%2Fj0Vdt7UYkvXrGmsYOic1oND%2BNaEtY6gzI%2Byw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0f57de3d78676e-ATL
server-timing: cfL4;desc="?proto=TCP&rtt=144685&sent=322&recv=275&lost=0&retrans=10&sent_bytes=382031&recv_bytes=21585&delivery_rate=672973&cwnd=179&unsent_bytes=0&cid=3861256f9c9828cd&ts=13930&x=0"
content-length: 0
date: Mon, 11 Nov 2024 15:33:53 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

POST
H2 204 rum Show response
headstream.potatohead.co/cdn-cgi/ 0
187 B 207ms
205ms XHR
text/plain 2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://headstream.potatohead.co/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://headstream.potatohead.co/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e0f57df1f0a676e-ATL
access-control-allow-origin: https://headstream.potatohead.co
date: Mon, 11 Nov 2024 15:33:53 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET

cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png
seminyak.potatohead.co/wp-content/uploads/2021/05/
Redirect Chain

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png

0
0

GET

cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png
seminyak.potatohead.co/wp-content/uploads/2021/05/
Redirect Chain

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png

0
0

GET

cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png
seminyak.potatohead.co/wp-content/uploads/2021/05/
Redirect Chain

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png

0
0

POST headstream_livecheck.php
headstream.potatohead.co/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 52ms
51ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DE1JLZL8QQ&gtm=45je4b70v880688387za200&_p=1731339232285&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102067554&cid=937940703.1731339232&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731339232&sct=1&seg=0&dl=https%3A%2F%2Fheadstream.potatohead.co%2F&dt=Headstream%20by%20Potato%20Head&en=scroll&epn.percent_scrolled=90&_et=5&tfd=18912
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DE1JLZL8QQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://headstream.potatohead.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://headstream.potatohead.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 15:33:57 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: seminyak.potatohead.co
URL: https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png

Domain: seminyak.potatohead.co
URL: https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png

Domain: seminyak.potatohead.co
URL: https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png

Domain: headstream.potatohead.co
URL: https://headstream.potatohead.co/headstream_livecheck.php

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
headstream.potatohead.co/	1969-12-31 23:59:59	Name: PHPSESSID Value: u0vpm6tfgq2f45vg0746nvuutq
.potatohead.co/	1970-01-21 10:31:39	Name: _ga Value: GA1.1.937940703.1731339232
.potatohead.co/	1970-01-21 10:31:39	Name: _ga_DE1JLZL8QQ Value: GS1.1.1731339232.1.0.1731339232.0.0.0
.potatohead.co/	1970-01-21 09:41:15	Name: cf_clearance Value: aE7VI3pDI3jULN9kPGZ3NAyyJOsrkwR9ujMXGkW31qU-1731339233-1.2.1.1-fodrnhxK0MTRDeJcS0WNRseH8zeYUci7yb6hcrT_i_fMgXp.6S15ynV29DU9VKlbWy3_lbCA73N1dLIIDEZ2OKsiXjyre3TtQmZ.vWy62hunTpqb7MiTjNO6.15mEbH_p..phYifpxwAAd8YjI1WhkfihEJO6wlAi67boi6MyV9Eh9KzOR9EkVK1W0Fw0cEWXLSyOj7Lm.MPwNNyjSCYTcUE5xM2k3S3fNZWuZ18HK2.hTVHprhf7hzHvayoROn3ZROzwUWr9rtSljgP2B902xZzH9GsJfUViea8OOfRxLNRO.7ENvsuB1uB1U7_zRmwO6wQWXfV5xL9dOcTrzaImECPn3NJZBbTEHQMb1Y3hGgPtgLhN7.FsSg7yDW7hrTx

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

headstream.potatohead.co
player.streamnerd.nl
region1.google-analytics.com
seminyak.potatohead.co
static.cloudflareinsights.com
www.googletagmanager.com
www.headstream.digital
headstream.potatohead.co
seminyak.potatohead.co
116.203.215.64
2001:4860:4802:32::36
2606:4700:21::681b:cb59
2606:4700::6810:5049
2a00:1450:4001:81c::2008
3.33.251.168
5f3fb2a595c574cc8626a8055bf31f8eace9d374272c8d3f05f304ccb8790a6b
61dcc1ca0089ce54769685629040bff1d42de622725abe3c6239c6fd0e88ff37
7986c8f31aec01d5ae07f2caca0ba7a5beb226369bc0db73313931099b450e61
82d62d2a1a9db713c494360b996d6d462339900c5957691ce630ee0a2f5c110a
88c1f1bf6b15018f1e5d8300d837e9d674294435495dc0325537094259ece2a1
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94af029017f36e25a326839710645d1a7572ca59c4b2dd879a7740687749ffcd
b789711badafb74ab57704e2e2ec798161214969e16b9be4cabc78f3db116f31
cd510f849ae10e2245a37a03d1161c74939e0e574471a85f42672679faf65b9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

headstream.potatohead.co Open in urlscan Pro 2606:4700:21::681b:cb59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

71 %HTTPS

67 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

463 kBTransfer

869 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

4 Cookies

Indicators

headstream.potatohead.co Open in urlscan Pro
2606:4700:21::681b:cb59 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

71 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

463 kB
Transfer

869 kB
Size

4
Cookies

17 HTTP transactions
1 data transactions