headstream.potatohead.co Open in urlscan Pro
2606:4700:21::681b:cc59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.headstream.digital/
Effective URL:
https://headstream.potatohead.co/
Submission: On November 16 via api (November 16th 2024, 12:08:50 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2606:4700:21::681b:cc59, located in United States and belongs to CLOUDFLARENET, US. The main domain is headstream.potatohead.co.
TLS certificate: Issued by WE1 on October 20th 2024. Valid for: 3 months.

This is the only time headstream.potatohead.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
1 9	2606:4700:21:... 2606:4700:21::681b:cc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.203.215.64 116.203.215.64	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
17	6

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.headstream.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:21::681b:cc59 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

headstream.potatohead.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.215.64 (Munich, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: resolver.streamnerd.nl

player.streamnerd.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	potatohead.co 1 redirects headstream.potatohead.co seminyak.potatohead.co Failed	355 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	102 KB
1	streamnerd.nl player.streamnerd.nl
1	headstream.digital 1 redirects www.headstream.digital	321 B
17	6

	Domain	Requested by
9	headstream.potatohead.co	1 redirects headstream.potatohead.co static.cloudflareinsights.com
2	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	headstream.potatohead.co
1	www.googletagmanager.com	headstream.potatohead.co
1	player.streamnerd.nl	headstream.potatohead.co
1	www.headstream.digital	1 redirects
0	seminyak.potatohead.co Failed
17	7

This site contains links to these domains. Also see Links.

Domain
potatohead.co
www.facebook.com
www.instagram.com
open.spotify.com

Subject Issuer	Validity	Valid
potatohead.co WE1	`2024-10-20` - `2025-01-18`	3 months	crt.sh
player.streamnerd.nl E5	`2024-11-05` - `2025-02-03`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://headstream.potatohead.co/
Frame ID: 6E7A4DF5C234144CDA3BC5C27AFFDB91
Requests: 15 HTTP requests in this frame

Frame: https://player.streamnerd.nl/potatohead/potatohead
Frame ID: 1E8CB622300EDF189EBFC7FA1985480C
Requests: 1 HTTP requests in this frame

Frame: https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: C2B6E56FF5C528DB5DBFAEA554275CC7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Headstream by Potato Head

Page URL History Show full URLs

https://www.headstream.digital/ HTTP 301
https://headstream.potatohead.co/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

17
Requests

71 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

463 kB
Transfer

869 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://potatohead.co/
Title: Potato Head

Search URL Search Domain Scan URL

URL: https://www.facebook.com/potatoheadbali/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/potatoheadbali/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/potatoheadmusic?si=zdw2KuXcRjG3J1pWdg0gkA&nd=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.headstream.digital/ HTTP 301
https://headstream.potatohead.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://headstream.potatohead.co/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 12

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png HTTP 301
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png

Request Chain 13

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png HTTP 301
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png

Request Chain 14

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png HTTP 301
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
headstream.potatohead.co/
Redirect Chain

https://www.headstream.digital/
https://headstream.potatohead.co/

190 KB
67 KB

5760ms
5652ms

Document
text/html

2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8b820f1208109b739e3c8b1c994f90d7295f2c8852a1d54f7ad00d097b5397

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e375e13fd3994a7-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 16 Nov 2024 12:08:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgsz5tr0fKkPdBare2PA2Vi0vCCe8ewDGGdbPcGmSikeLVEhIi0yrx1yUQuaLyZwl8Pf4ls92x1VZWzw3M4ZuWtLQSe1LlqsmP6Jl07Z4GhkHdPUEMCbSQk4qtSEJSeWKRs6ddmuhgXJ8buFwiPkmsEnNFQ9zA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=17821&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4040&recv_bytes=2396&delivery_rate=244477&cwnd=40&unsent_bytes=0&cid=d2d9cf16765b8e29&ts=5691&x=0"
vary: accept-encoding

Redirect headers

Connection: close
Content-Length: 68
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Nov 2024 12:08:37 GMT
Location: https://headstream.potatohead.co/
Server: ip-100-74-4-13.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 1f894a58-b3e9-4bb3-a1ba-ddbffc0cd89a

GET
H2 200 Monotype-HelveticaNowDisplayMedium.otf
headstream.potatohead.co/webfonts/ 117 KB
117 KB 40ms
39ms Font
application/octet-stream 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/webfonts/Monotype-HelveticaNowDisplayMedium.otf
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d62d2a1a9db713c494360b996d6d462339900c5957691ce630ee0a2f5c110a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://headstream.potatohead.co
Referer: https://headstream.potatohead.co/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "65fd1383-1d314"
age: 6785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAtLy5Ta7YjUy3iyBxW4xrAkSWJCjMnnrVi4VHqptgdVWNLxMrenpnE6Njw%2BtGR6CaKVfQblrVKKjwm6hwR%2BKNFpBHAsqhAiXt90UlL1K7VI1JpXhIadGv%2B1DaeHkoynHj5Qe3SyBZh4BIExItMMIJK45B4NVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e375e37e94094a7-LHR
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=18236&sent=69&recv=25&lost=0&retrans=0&sent_bytes=73899&recv_bytes=2856&delivery_rate=1999032&cwnd=92&unsent_bytes=0&cid=d2d9cf16765b8e29&ts=5825&x=0"
content-length: 119572
date: Sat, 16 Nov 2024 12:08:43 GMT
content-type: application/octet-stream
last-modified: Fri, 22 Mar 2024 05:13:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Monotype-HelveticaNowDisplayXBold.otf
headstream.potatohead.co/webfonts/ 118 KB
119 KB 48ms
47ms Font
application/octet-stream 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/webfonts/Monotype-HelveticaNowDisplayXBold.otf
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88c1f1bf6b15018f1e5d8300d837e9d674294435495dc0325537094259ece2a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://headstream.potatohead.co
Referer: https://headstream.potatohead.co/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "65fd1384-1d908"
age: 6785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYGLnjj4VTG%2B3XhMIdNYTU3dcqyyuXpf1D4DtKZnqpHJvJCF1vkan%2F8VZqsNdDKj3KwV6FYnnhdPZXyykiNVpZnHoQUNPgoIZthqGggBfTCNvpPBYNJYYvboqwOhy%2FYSNgkLZJirUbrL3k0iQQedAdryrZg9SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e375e37e94294a7-LHR
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=18236&sent=79&recv=25&lost=0&retrans=0&sent_bytes=85322&recv_bytes=2856&delivery_rate=1999032&cwnd=92&unsent_bytes=25232&cid=d2d9cf16765b8e29&ts=5826&x=0"
content-length: 121096
date: Sat, 16 Nov 2024 12:08:43 GMT
content-type: application/octet-stream
last-modified: Fri, 22 Mar 2024 05:13:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 headstream4.css
headstream.potatohead.co/css/ 26 KB
7 KB 47ms
46ms Stylesheet
text/css 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/css/headstream4.css?rand=HS4
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd510f849ae10e2245a37a03d1161c74939e0e574471a85f42672679faf65b9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://headstream.potatohead.co/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"65fd136b-679f"
age: 6785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2F06jEDhbv2iTBQrWlGzp1hrjWLOzJefAliy6DmfZ1h9qA8nJrop%2BsRCr1BHM2teyHgugdSEnBJQ8i1%2FTX21FyHxLykQM2oJTjDD16WFXsLfTctEP7wmpAfLKxe6pDY8CXi82mS%2BWAL6hMbn%2BgLzSJ7qJ2OPEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e375e37e93d94a7-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=18236&sent=89&recv=25&lost=0&retrans=0&sent_bytes=98602&recv_bytes=2856&delivery_rate=1999032&cwnd=92&unsent_bytes=11952&cid=d2d9cf16765b8e29&ts=5828&x=0"
date: Sat, 16 Nov 2024 12:08:43 GMT
content-type: text/css
last-modified: Fri, 22 Mar 2024 05:13:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 59 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3fb2a595c574cc8626a8055bf31f8eace9d374272c8d3f05f304ccb8790a6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK potatohead
player.streamnerd.nl/potatohead/ Frame 1E8C 0
0 118ms
19ms Document
text/html 116.203.215.64
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.streamnerd.nl/potatohead/potatohead
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.203.215.64 Munich, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: resolver.streamnerd.nl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://headstream.potatohead.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 16 Nov 2024 12:08:43 GMT
ETag: W/"63480607-842"
Last-Modified: Thu, 13 Oct 2022 12:35:19 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
102 KB 113ms
40ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DE1JLZL8QQ

Requested by

Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c19e7a759d28a56afb50e2b161ad9bf88cc70e515e13434d8734e5ffb3044db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://headstream.potatohead.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 16 Nov 2024 12:08:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 12:08:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103411
x-xss-protection: 0
server: Google Tag Manager

GET
H2 206 glob3_72829_01844.mp4
headstream.potatohead.co/files/ 38 KB
39 KB 56ms
51ms Media
video/mp4 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/files/glob3_72829_01844.mp4
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94af029017f36e25a326839710645d1a7572ca59c4b2dd879a7740687749ffcd

Request headers

Referer: https://headstream.potatohead.co/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "65fd1372-98ab"
age: 6784
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCSU930VF6EU8I5lnYOhFepf54aKRgUb4srHhs31eS%2Fi4BYbO%2FGf0lMC0IdSh5ECDvAFpThw462zFpZiO1TmjFh0D2FWE3l1ScArmL2eWz73SIVYF2A1pxir8Wz5yjlZgfaKjDjtpgAGcNpvYHId5i1EThBZMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Range: bytes 0-39082/39083
cf-ray: 8e375e39dbe594a7-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=21740&sent=260&recv=122&lost=0&retrans=0&sent_bytes=324208&recv_bytes=2960&delivery_rate=2510527&cwnd=245&unsent_bytes=0&cid=d2d9cf16765b8e29&ts=6136&x=0"
Content-Length: 39083
date: Sat, 16 Nov 2024 12:08:43 GMT
content-type: video/mp4
last-modified: Fri, 22 Mar 2024 05:13:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 341ms
21ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://headstream.potatohead.co
Referer: https://headstream.potatohead.co/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e375e3bcc91d289-FRA
access-control-allow-origin: *
date: Sat, 16 Nov 2024 12:08:44 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 237ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DE1JLZL8QQ&gtm=45je4bc0v880688387za200&_p=1731758923742&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=809892328.1731758924&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731758923&sct=1&seg=0&dl=https%3A%2F%2Fheadstream.potatohead.co%2F&dt=Headstream%20by%20Potato%20Head&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6483
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DE1JLZL8QQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://headstream.potatohead.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://headstream.potatohead.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 12:08:44 GMT
content-type: text/plain
server: Golfe2

GET
H2

200

main.js Show response
headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame C2B6
Redirect Chain

https://headstream.potatohead.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

26ms
26ms

Script
application/javascript

2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/

Protocol

Server

2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51cb6e24dbbe7cd2c6a2535cb6fef58c908425b27711c9782b4c3c1c52a302de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkatD9WAzoIIWGKX69ZXvMiHLC58LH9Wr7%2B2%2FV%2F9VDL8T9V%2BeCXXV%2BT%2Fua%2FFkOr%2FFt%2BmTEF7jA8vIt0coE46fYbF2EcPanXVGZD%2FMM0kMRmwMygPUbwpE4q7l%2BW5eYfhcdEWDE0VUEdXtmMafXEoYZl27XhGcg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e375e3c4ef794a7-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=16881&sent=293&recv=157&lost=0&retrans=0&sent_bytes=364557&recv_bytes=3212&delivery_rate=2510527&cwnd=278&unsent_bytes=0&cid=d2d9cf16765b8e29&ts=6512&x=0"
date: Sat, 16 Nov 2024 12:08:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaN8cNZpa%2FzBECvfU949mcVrkyayiA6v%2FBCr0%2BJ2yoFzVks8bidtYZ8T4L7RC%2F6PBB3HGN0FuBnYE2OGL%2BoD7lnDZoFJXcGdrcA05vBY9B7ENif6TLi6mu4w4u6woImjntEiRhxEbNMqR%2BueHBO0nMbXKkfVSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e375e3c1ec394a7-LHR
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=16982&sent=292&recv=155&lost=0&retrans=0&sent_bytes=363931&recv_bytes=3114&delivery_rate=2510527&cwnd=277&unsent_bytes=0&cid=d2d9cf16765b8e29&ts=6485&x=0"
content-length: 0
date: Sat, 16 Nov 2024 12:08:44 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 8e375e13fd3994a7 Show response
headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C2B6 0
992 B 78ms
60ms XHR
text/plain 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://headstream.potatohead.co/cdn-cgi/challenge-platform/h/b/jsd/r/8e375e13fd3994a7
Requested by: Host: headstream.potatohead.co
URL: https://headstream.potatohead.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khgCQc%2FKgv6%2Fr%2FDWaiu506eYGHwxEX4qGWdaz7PPeg6ifr2%2F9PT7t%2FrgzmJW41rXBIAbCzADU2B83bmvcPItLiTXchkZU5%2F5QVXEAe83YK8y7an48jXjPaaCnrd3lRJbR8BXP68WIY4e1L3b9UD0%2FuSTX2nd%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e375e3da8f094a7-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=22996&sent=303&recv=174&lost=0&retrans=0&sent_bytes=368943&recv_bytes=19565&delivery_rate=2510527&cwnd=283&unsent_bytes=0&cid=d2d9cf16765b8e29&ts=6780&x=0"
content-length: 0
date: Sat, 16 Nov 2024 12:08:44 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

POST
H2 204 rum Show response
headstream.potatohead.co/cdn-cgi/ 0
164 B 99ms
17ms XHR
text/plain 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://headstream.potatohead.co/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://headstream.potatohead.co/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e375e3fec7794a7-LHR
access-control-allow-origin: https://headstream.potatohead.co
date: Sat, 16 Nov 2024 12:08:44 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET

cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png
seminyak.potatohead.co/wp-content/uploads/2021/05/
Redirect Chain

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png

0
0

GET

cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png
seminyak.potatohead.co/wp-content/uploads/2021/05/
Redirect Chain

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png

0
0

GET

cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png
seminyak.potatohead.co/wp-content/uploads/2021/05/
Redirect Chain

https://potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png
https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png

0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 16ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DE1JLZL8QQ&gtm=45je4bc0v880688387za200&_p=1731758923742&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=809892328.1731758924&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731758923&sct=1&seg=0&dl=https%3A%2F%2Fheadstream.potatohead.co%2F&dt=Headstream%20by%20Potato%20Head&en=scroll&epn.percent_scrolled=90&_et=7&tfd=11490
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DE1JLZL8QQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://headstream.potatohead.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://headstream.potatohead.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 12:08:48 GMT
content-type: text/plain
server: Golfe2

POST headstream_livecheck.php
headstream.potatohead.co/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: seminyak.potatohead.co
URL: https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1.png

Domain: seminyak.potatohead.co
URL: https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-32x32.png

Domain: seminyak.potatohead.co
URL: https://seminyak.potatohead.co/wp-content/uploads/2021/05/cropped-PH_GLBL_ICON_BLACK-01_favicon-1-192x192.png

Domain: headstream.potatohead.co
URL: https://headstream.potatohead.co/headstream_livecheck.php

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
headstream.potatohead.co/	1969-12-31 23:59:59	Name: PHPSESSID Value: eq5vj8fe23a1cqhmec1di60v4v
.potatohead.co/	1970-01-21 10:38:38	Name: _ga Value: GA1.1.809892328.1731758924
.potatohead.co/	1970-01-21 10:38:38	Name: _ga_DE1JLZL8QQ Value: GS1.1.1731758923.1.0.1731758923.0.0.0
.potatohead.co/	1970-01-21 09:48:14	Name: cf_clearance Value: 960f5ODPy39Zqk4BmyUbZ_J1EAmF5o21iDoemYnwN2k-1731758924-1.2.1.1-meGE9XqcPQ7pemlElOhBJN0HEHnGZBqpMG1ar.LZCIWg7UEWCRpA6wN1ebBTd0knReIpCyuSdL4quEGGTlmgPAHGMGDcgtz5xKE4znh734DHx8DW3qkKkg90jB9QeM3KopS_YNqVJGiSSSEbSmee7p4Gyjia9Tfx.pGi3oaJRrovEC5tKVF2uBxl3Qxsy4j0PW_3iGPwm9cfFRgc.QRLPqq1Ir.E8nfgjpCmp.siYi_ROx6A1eCjenk5w7ShYEQe6G35MxdU7hIXkEtcM05s5oEOfBsdxJYULdMMC3lxl7_aGBTpnpOgsy7st5_ov_Syz_ZjLiAp64h_wXYArbvjU9sSGH0Np9r8Q3.adMbWLwm80SBB3V.r8eIjEnLt.Lbn

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

headstream.potatohead.co
player.streamnerd.nl
region1.google-analytics.com
seminyak.potatohead.co
static.cloudflareinsights.com
www.googletagmanager.com
www.headstream.digital
headstream.potatohead.co
seminyak.potatohead.co
116.203.215.64
2001:4860:4802:32::36
2606:4700:21::681b:cc59
2606:4700::6810:4f49
2a00:1450:4001:827::2008
3.33.251.168
51cb6e24dbbe7cd2c6a2535cb6fef58c908425b27711c9782b4c3c1c52a302de
5f3fb2a595c574cc8626a8055bf31f8eace9d374272c8d3f05f304ccb8790a6b
7c19e7a759d28a56afb50e2b161ad9bf88cc70e515e13434d8734e5ffb3044db
82d62d2a1a9db713c494360b996d6d462339900c5957691ce630ee0a2f5c110a
88c1f1bf6b15018f1e5d8300d837e9d674294435495dc0325537094259ece2a1
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94af029017f36e25a326839710645d1a7572ca59c4b2dd879a7740687749ffcd
cd510f849ae10e2245a37a03d1161c74939e0e574471a85f42672679faf65b9d
dd8b820f1208109b739e3c8b1c994f90d7295f2c8852a1d54f7ad00d097b5397
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

headstream.potatohead.co Open in urlscan Pro 2606:4700:21::681b:cc59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

71 %HTTPS

67 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

463 kBTransfer

869 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

4 Cookies

Indicators

headstream.potatohead.co Open in urlscan Pro
2606:4700:21::681b:cc59 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

71 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

463 kB
Transfer

869 kB
Size

4
Cookies

17 HTTP transactions
1 data transactions