Submitted URL: https://vielverdiener.com/
Effective URL: https://headshot.su/
Submission: On July 30 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 34 HTTP transactions. The main IP is 128.140.73.113, located in Germany and belongs to HETZNER-AS, DE. The main domain is headshot.su.
TLS certificate: Issued by R10 on June 24th 2024. Valid for: 3 months.
This is the only time headshot.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:8d8:100f... 8560 (IONOS-AS ...)
21 128.140.73.113 24940 (HETZNER-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
6 104.17.24.14 13335 (CLOUDFLAR...)
1 2 104.18.94.41 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
34 7
Apex Domain; Subdomains; Transfer
21 headshot.su; Subdomains: headshot.su; Transfer: 4 MB
8 cloudflare.com; Subdomains: cdnjs.cloudflare.com — Cisco Umbrella Rank: 336, challenges.cloudflare.com — Cisco Umbrella Rank: 3877; Transfer: 311 KB
1 gstatic.com; Subdomains: fonts.gstatic.com; Transfer: 21 KB
1 youtube-nocookie.com; Subdomains: www.youtube-nocookie.com — Cisco Umbrella Rank: 4316
1 googleapis.com; Subdomains: fonts.googleapis.com — Cisco Umbrella Rank: 110; Transfer: 30 KB
1 vielverdiener.com; Subdomains: vielverdiener.com; Transfer: 102 B
34 6
Domain Requested by
21 headshot.su headshot.su
6 cdnjs.cloudflare.com headshot.su
cdnjs.cloudflare.com
2 challenges.cloudflare.com 1 redirects headshot.su
1 fonts.gstatic.com fonts.googleapis.com
1 www.youtube-nocookie.com headshot.su
1 fonts.googleapis.com headshot.su
1 vielverdiener.com 1 redirects
34 7

This site contains links to these domains.

Domain
azrael.sellix.io
www.facebook.com
vk.com
tele.click
www.youtube.com

Subject; Issuer; Validity; Valid
headshot.su; Issuer: R10; Validity: 2024-06-24 - 2024-09-22; Valid: 3 months
upload.video.google.com; Issuer: WR2; Validity: 2024-07-01 - 2024-09-23; Valid: 3 months
cdnjs.cloudflare.com; Issuer: E1; Validity: 2024-06-02 - 2024-08-31; Valid: 3 months
*.google.com; Issuer: WR2; Validity: 2024-07-01 - 2024-09-23; Valid: 3 months
*.gstatic.com; Issuer: WR2; Validity: 2024-07-01 - 2024-09-23; Valid: 3 months

This page contains 2 frames:

Primary Page: https://headshot.su/
Frame ID: D448437A5BDD236F0B91DAA18630BA19
Requests: 35 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/videoseries?list=PLL5Qa2JD_kAzR0I7TPWbF3cJycJ-YGo9u
Frame ID: 80949985DECEA8B165893A9C2E7D0810
Requests: 1 HTTP requests in this frame

Page Title

Headshot - superior cheat provider

Page URL History

  1. https://vielverdiener.com/ HTTP 302
    https://headshot.su/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div id="particles-js">

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 34
HTTPS: 88 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 4184 kB
Size: 20158 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vielverdiener.com/ HTTP 302
    https://headshot.su/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/8c81cb09042c/api.js

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
headshot.su/
Redirect Chain
  • https://vielverdiener.com/
  • https://headshot.su/
68 KB
21 KB
Document
General
Full URL
https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
9079bb703d8f9bd96a68d3ebdedbb0893455ebab1168be488d2baaea5647df0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 30 Jul 2024 07:18:18 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-length
0
content-type
text/html
date
Tue, 30 Jul 2024 07:18:17 GMT
location
https://headshot.su/
server
Apache
bootstrap.css
headshot.su/assets/css/
191 KB
192 KB
Stylesheet
General
Full URL
https://headshot.su/assets/css/bootstrap.css
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
c9e6f2019d9e629275a16a0df591ebb13382b572dc0ecc9a1666b08401805956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:18 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 Dec 2021 14:10:52 GMT
etag
"61bf3d6c-2fdfe"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
196094
x-xss-protection
1; mode=block
main.css
headshot.su/assets/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://headshot.su/assets/css/main.css
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
afbbe8df5172cac000fc39dffed6615c00b94b7ff3c6eeebdbd437ae8d809d39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:18 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jun 2024 10:28:40 GMT
etag
"666ac9d8-1ca7"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
7335
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
110 KB
30 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=RocknRoll%20One
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60e96e2cf323ca0052a9a0a923bcac7771742864662b61abd8a493f2ca4c8913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jul 2024 07:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 07:18:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jul 2024 07:18:19 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://headshot.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14850
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-3a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5kyAsef%2FoJ%2FXG3p9H%2BI7sPrYcOv8VcDNhmj20WP8jAgDicwMZiTWdPFzEb8uBGVrVMuvxIH%2BwuYkTsYQIucnVmwoyac2lh51s3t5ekTLcCIIenZeLMeSgRqnqIv2DioAKHv6vVQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ab392f02ba5747f-MIA
expires
Sun, 20 Jul 2025 07:18:18 GMT
favicon.png
headshot.su/assets/images/
27 KB
27 KB
Image
General
Full URL
https://headshot.su/assets/images/favicon.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
578d95421061b1f7888bb7f54c1e696fc9676efba4efd863c40e587c1eb48cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:18 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 30 May 2021 20:36:30 GMT
etag
"60b3f74e-6a93"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
27283
x-xss-protection
1; mode=block
logo.png
headshot.su/assets/images/
109 KB
109 KB
Image
General
Full URL
https://headshot.su/assets/images/logo.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
3d8ce63d9c303774ef00fb3a80a3ec8d7c7c85d43347d964e53dfa8f147d87e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:18 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 30 May 2021 20:36:30 GMT
etag
"60b3f74e-1b258"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
111192
x-xss-protection
1; mode=block
ark.png
headshot.su/assets/images/
4 KB
4 KB
Image
General
Full URL
https://headshot.su/assets/images/ark.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
a68004d7e0c7102d256c53907b1ce5bbbf50e0e373a118d6a2bf782637d65675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 29 Jul 2021 12:09:23 GMT
etag
"61029a73-1055"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
4181
x-xss-protection
1; mode=block
windows.png
headshot.su/assets/images/
817 B
1 KB
Image
General
Full URL
https://headshot.su/assets/images/windows.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
b0cf3efe15d9b149dbcececa4ed6aa29317794ff600235aed924a663ce7ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 29 Jul 2021 22:16:28 GMT
etag
"610328bc-331"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
817
x-xss-protection
1; mode=block
microsoftstore.png
headshot.su/assets/images/
921 B
1 KB
Image
General
Full URL
https://headshot.su/assets/images/microsoftstore.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
199fed5202fa14ce2cbcc5933171a4224040bf60e80955952cd6298d883ad142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 29 Jul 2021 22:18:27 GMT
etag
"61032933-399"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
921
x-xss-protection
1; mode=block
discord.png
headshot.su/assets/images/socialmedia/
5 KB
6 KB
Image
General
Full URL
https://headshot.su/assets/images/socialmedia/discord.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
f9f0de6637badeeae5fcaa5c87ff425f48fd3e4a79de010be14e4bec7ddb57ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 24 Aug 2021 13:40:06 GMT
etag
"6124f6b6-15df"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
5599
x-xss-protection
1; mode=block
api.js
challenges.cloudflare.com/turnstile/v0/b/8c81cb09042c/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/8c81cb09042c/api.js
43 KB
15 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/8c81cb09042c/api.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b1f543c4682618e2fff0c607d70a896ecfc080ce500c41ce00b7ffad0ec411

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
content-encoding
br
last-modified
Fri, 26 Jul 2024 18:15:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8ab392f43f85a4f8-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 30 Jul 2024 07:18:19 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/8c81cb09042c/api.js
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8ab392f3df55a4f8-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://headshot.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
485597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63huK9WUDmE94otOPfGzsC8OL66ktFcTBGTbETSEJTTOHHmKiEs34v0m11E3pxoSI6271CNLZC01ZCiYsEO5UI2y2xQ407a%2FOE787wDiPQ2qHtEuhhjBDQrz08prTqcslV6%2FFo8j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ab392f39d40747f-MIA
expires
Sun, 20 Jul 2025 07:18:19 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.11.0/umd/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.11.0/umd/popper.min.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c83dceabf8fb8a39041cae0996f421962b2332c25d03796ea77614a4291fdbae
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://headshot.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
483542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6328
last-modified
Sun, 28 Nov 2021 03:31:27 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61a2f80f-18b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FGxfYxQoJp1N98NYtFAVd4naqh0asEN%2BEpINO%2FnSYsusZ1lrREZ%2Bku%2BgMmQGPVdShkjF%2FNG2PCUTw7GugXntR6RXhXgEOqst7K2WJq709QVdZxXx7iotQAM9gSAycatXWnjtAOl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ab392f39d46747f-MIA
expires
Sun, 20 Jul 2025 07:18:19 GMT
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/
76 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.bundle.min.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://headshot.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1011643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20522
last-modified
Sat, 09 Oct 2021 18:30:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6161dfe3-502a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2IRlaOaqHm9PFf1d%2Bpuxo7FwZ8ysMq6GSmUF4G%2B6XlonqNBvxATs9uf3W0ulV4y0n5MeS7rwiad8GP7RUPrJkmiHOT0V6obxNOgKRnNyaRMLefubwhXGB1gVO4Pf6Adfr513y8F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ab392f39d47747f-MIA
expires
Sun, 20 Jul 2025 07:18:19 GMT
particle.js
headshot.su/assets/js/
22 KB
23 KB
Script
General
Full URL
https://headshot.su/assets/js/particle.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
8a4d18065308f2c197c0337ed782ae40114c82e37d4784e933837ad539ad2c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Feb 2021 15:32:37 GMT
etag
"6037c315-59e0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
23008
x-xss-protection
1; mode=block
main.js
headshot.su/assets/js/
6 KB
6 KB
Script
General
Full URL
https://headshot.su/assets/js/main.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
33cefbdd68cc78ab3a941d421ee22c34b20798c68c81df716e0c6baeaca8f5c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 09 Mar 2024 01:10:26 GMT
etag
"65ebb702-17b1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
6065
x-xss-protection
1; mode=block
videoseries
www.youtube-nocookie.com/embed/ Frame 8094
0
0
Document
General
Full URL
https://www.youtube-nocookie.com/embed/videoseries?list=PLL5Qa2JD_kAzR0I7TPWbF3cJycJ-YGo9u
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://headshot.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 07:18:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
kmK7ZqspGAfCeUiW6FFlmEC9suJrsg.woff2
fonts.gstatic.com/s/rocknrollone/v13/
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rocknrollone/v13/kmK7ZqspGAfCeUiW6FFlmEC9suJrsg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=RocknRoll%20One
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
055585b32edef3ee1a2cef7cf12cae49c6d758855d5faf66f756164944c5aa6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://headshot.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:58:15 GMT
x-content-type-options
nosniff
age
37204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20644
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:32:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Jul 2025 20:58:15 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
122 KB
123 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Origin
https://headshot.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
489871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
125064
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-1e888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TGzPzky5sH4F7uAuVrviY0dzzR0JRcB8dygRyW5vNf9azZprUXNPUiBQE8n4rvGROSjSRkO7o8j0jpwsE6pODjrLc7goq8691%2FQ0XXjwFR66JInE9ylxERfwCX1vfMQTd8JR4mdL"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ab392f40d7b747f-MIA
expires
Sun, 20 Jul 2025 07:18:19 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
103 KB
103 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Origin
https://headshot.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1078687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
105204
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-19af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F1s72sYVz%2BInGFGqk%2Fg%2FwWVjmdvEftupteYCVOiThlUvsI52VGO0mWdxWD%2FMDgSoblzxFUp2gBGHKNzf5WlMzATda5zXmnm0ZGXKkNUOEaX%2BVBjyI7aAdbNza2sdzCGhUJiS50p6"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ab392f40d7c747f-MIA
expires
Sun, 20 Jul 2025 07:18:19 GMT
btc.png
headshot.su/assets/images/payment/
3 KB
3 KB
Image
General
Full URL
https://headshot.su/assets/images/payment/btc.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
e4ad9faef77eea77ab3c35e7520addd633b091faf53e079671500afe059445a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 30 May 2021 20:36:30 GMT
etag
"60b3f74e-d09"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
3337
x-xss-protection
1; mode=block
sol.png
headshot.su/assets/images/payment/
3 KB
3 KB
Image
General
Full URL
https://headshot.su/assets/images/payment/sol.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
afb2e2488b3ec9e407b62ecdbf0112a02ffa3d3f7d90bcd7160217e939d09df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 13 Apr 2022 08:59:46 GMT
etag
"62569102-c85"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
3205
x-xss-protection
1; mode=block
ltc.png
headshot.su/assets/images/payment/
3 KB
3 KB
Image
General
Full URL
https://headshot.su/assets/images/payment/ltc.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
b48d17ac4006e260ea901b6b52ec7a2fd0178788e5e5a78ba3bab26c355b13c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 30 May 2021 20:36:30 GMT
etag
"60b3f74e-b1a"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
2842
x-xss-protection
1; mode=block
xmr.png
headshot.su/assets/images/payment/
3 KB
4 KB
Image
General
Full URL
https://headshot.su/assets/images/payment/xmr.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
e7e8e4e6d265dce9630bd5812e433a0729847f251acfbb27342fa8f3c0c66273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 30 May 2021 20:36:30 GMT
etag
"60b3f74e-df2"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
3570
x-xss-protection
1; mode=block
usa-uk.png
headshot.su/assets/images/flags/
4 KB
4 KB
Image
General
Full URL
https://headshot.su/assets/images/flags/usa-uk.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
03c3d11e7c43148ea1658fb395679b2d6c0a8fb1ea486f7cac88ba07c638cb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 Aug 2021 15:07:23 GMT
etag
"61265cab-ff9"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
4089
x-xss-protection
1; mode=block
russian-federation.png
headshot.su/assets/images/flags/
2 KB
2 KB
Image
General
Full URL
https://headshot.su/assets/images/flags/russian-federation.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
16dcb4ae4b7ff49e9583c92a033f7607e9194395c0465450dceb2411a171c1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 Aug 2021 09:26:46 GMT
etag
"61260cd6-7b1"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1969
x-xss-protection
1; mode=block
ukraine.png
headshot.su/assets/images/flags/
2 KB
2 KB
Image
General
Full URL
https://headshot.su/assets/images/flags/ukraine.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
8dcd2f07eabc776a4f4bff1dd561cef15b9256e2d6e74bcf6d9b9931ae7671a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 Aug 2021 09:26:46 GMT
etag
"61260cd6-7cc"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1996
x-xss-protection
1; mode=block
esp.webm
headshot.su/assets/videos/
3 MB
3 MB
Media
General
Full URL
https://headshot.su/assets/videos/esp.webm
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
11397d4afb3f060dde3db46cdc682c623ba8ea14c8107e1c2e45d6df4b800efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 04 Jun 2021 21:09:51 GMT
etag
"60ba969f-351991"
x-frame-options
SAMEORIGIN
content-type
video/webm
Content-Range
bytes 0-3479952/3479953
Content-Length
3479953
x-xss-protection
1; mode=block
aimbot.webm
headshot.su/assets/videos/
8 MB
0
Media
General
Full URL
https://headshot.su/assets/videos/aimbot.webm
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 04 Jun 2021 21:07:23 GMT
etag
"60ba960b-b36643"
x-frame-options
SAMEORIGIN
content-type
video/webm
Content-Range
bytes 0-11757122/11757123
Content-Length
11757123
x-xss-protection
1; mode=block
autoarmor.webm
headshot.su/assets/videos/
8 MB
0
Media
General
Full URL
https://headshot.su/assets/videos/autoarmor.webm
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 30 Jul 2024 07:18:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 04 Jun 2021 21:09:26 GMT
etag
"60ba9686-11086f5"
x-frame-options
SAMEORIGIN
content-type
video/webm
Content-Range
bytes 0-17860340/17860341
Content-Length
17860341
x-xss-protection
1; mode=block
favicon.png
headshot.su/assets/images/
27 KB
0
Other
General
Full URL
https://headshot.su/assets/images/favicon.png
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
578d95421061b1f7888bb7f54c1e696fc9676efba4efd863c40e587c1eb48cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:18:18 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Sun, 30 May 2021 20:36:30 GMT
etag
"60b3f74e-6a93"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
27283
x-xss-protection
1; mode=block
autoarmor.webm
headshot.su/assets/videos/
0
0

aimbot.webm
headshot.su/assets/videos/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
headshot.su
URL
https://headshot.su/assets/videos/autoarmor.webm
Domain
headshot.su
URL
https://headshot.su/assets/videos/aimbot.webm

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| shuffle
function| shuffleArray
function| $
function| jQuery
object| Popper
number| uidEvent
object| bootstrap
function| hexToRgb
function| clamp
function| isInArray
function| pJS
function| requestAnimFrame
function| cancelRequestAnimFrame
object| pJSDom
function| particlesJS
object| turnstile

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
