Submitted URL: http://headshot.su/
Effective URL: https://headshot.su/
Submission: On October 23 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 34 HTTP transactions. The main IP is 128.140.73.113, located in Germany and belongs to HETZNER-AS, DE. The main domain is headshot.su.
TLS certificate: Issued by R10 on September 24th 2024. Valid for: 3 months.
This is the only time headshot.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests        IP Address        AS Autonomous System
21              128.140.73.113    24940 (HETZNER-AS)
1               2a00:1450:400...  15169 (GOOGLE)
6               104.17.25.14      13335 (CLOUDFLAR...)
2 (1 redirect)  104.18.94.41      13335 (CLOUDFLAR...)
1               2a00:1450:400...  15169 (GOOGLE)
1               142.250.185.227   15169 (GOOGLE)
Total: 34 requests, 7 IPs

Requests  Apex Domain           Subdomains                                             Transfer
21        headshot.su           headshot.su                                            4 MB
8         cloudflare.com        cdnjs.cloudflare.com — Cisco Umbrella Rank: 220        313 KB
                                challenges.cloudflare.com — Cisco Umbrella Rank: 3443
1         gstatic.com           fonts.gstatic.com                                      20 KB
1         youtube-nocookie.com  www.youtube-nocookie.com — Cisco Umbrella Rank: 3607
1         googleapis.com        fonts.googleapis.com — Cisco Umbrella Rank: 30         30 KB
Total: 34 requests, 5 apex domains

Requests        Domain                     Requested by
21              headshot.su                headshot.su
6               cdnjs.cloudflare.com       headshot.su, cdnjs.cloudflare.com
2 (1 redirect)  challenges.cloudflare.com  headshot.su
1               fonts.gstatic.com          fonts.googleapis.com
1               www.youtube-nocookie.com   headshot.su
1               fonts.googleapis.com       headshot.su
Total: 34 requests, 6 subdomains

This site contains links to these domains.

Domain
azrael.sellix.io
www.facebook.com
vk.com
tele.click
www.youtube.com

Subject                  Issuer  Validity                 Valid
headshot.su              R10     2024-09-24 - 2024-12-23  3 months
upload.video.google.com  WR2     2024-10-07 - 2024-12-30  3 months
cdnjs.cloudflare.com     WE1     2024-09-28 - 2024-12-27  3 months
*.google.com             WR2     2024-10-07 - 2024-12-30  3 months
*.gstatic.com            WR2     2024-10-07 - 2024-12-30  3 months

This page contains 2 frames:

Primary Page: https://headshot.su/
Frame ID: 3A1044542CA596F2DFCD51945049CC09
Requests: 35 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/videoseries?list=PLL5Qa2JD_kAzR0I7TPWbF3cJycJ-YGo9u
Frame ID: 19EE431DEF72DEEADE0173AB5A4B33E0
Requests: 1 HTTP requests in this frame

Page Title

Headshot - superior cheat provider

Page URL History

  1. http://headshot.su/ HTTP 307
    https://headshot.su/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div id="particles-js">

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 34
HTTPS: 88 %
IPv6: 33 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 3
Transfer: 4184 kB
Size: 12793 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
headshot.su/
Redirect Chain
  • http://headshot.su/
  • https://headshot.su/
68 KB
21 KB
Document
General
Full URL
https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
9079bb703d8f9bd96a68d3ebdedbb0893455ebab1168be488d2baaea5647df0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 20:28:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://headshot.su/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.css
headshot.su/assets/css/
191 KB
192 KB
Stylesheet
General
Full URL
https://headshot.su/assets/css/bootstrap.css
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
c9e6f2019d9e629275a16a0df591ebb13382b572dc0ecc9a1666b08401805956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"61bf3d6c-2fdfe"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
196094
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
text/css
last-modified
Sun, 19 Dec 2021 14:10:52 GMT
x-frame-options
SAMEORIGIN
main.css
headshot.su/assets/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://headshot.su/assets/css/main.css
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
afbbe8df5172cac000fc39dffed6615c00b94b7ff3c6eeebdbd437ae8d809d39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"666ac9d8-1ca7"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
7335
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
text/css
last-modified
Thu, 13 Jun 2024 10:28:40 GMT
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/
110 KB
30 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=RocknRoll%20One
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d23c697d6e95a1e7cbd755a99e78627d5b1f583cd247da404180e5cc1425af7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 20:28:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 23 Oct 2024 20:28:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://headshot.su
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"619c057b-3a02"
age
13275
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xH3W85SPs9H%2BcBrP0erR9LLLojtNi61p6gVZbRGKsc%2FJB386lxuKJlRT3p43A7HaarC%2Fmrd%2BqN2Wv1Vu5rM45grcuZoSy%2FgCZ%2BSRpFHWKRUktx9STK%2FIcrbX7iyIot5zILDLFdkg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 20:28:30 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d747951ea9b2be4-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
14850
server
cloudflare
favicon.png
headshot.su/assets/images/
27 KB
27 KB
Image
General
Full URL
https://headshot.su/assets/images/favicon.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
578d95421061b1f7888bb7f54c1e696fc9676efba4efd863c40e587c1eb48cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"60b3f74e-6a93"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
27283
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Sun, 30 May 2021 20:36:30 GMT
x-frame-options
SAMEORIGIN
logo.png
headshot.su/assets/images/
109 KB
109 KB
Image
General
Full URL
https://headshot.su/assets/images/logo.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
3d8ce63d9c303774ef00fb3a80a3ec8d7c7c85d43347d964e53dfa8f147d87e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"60b3f74e-1b258"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
111192
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Sun, 30 May 2021 20:36:30 GMT
x-frame-options
SAMEORIGIN
ark.png
headshot.su/assets/images/
4 KB
4 KB
Image
General
Full URL
https://headshot.su/assets/images/ark.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
a68004d7e0c7102d256c53907b1ce5bbbf50e0e373a118d6a2bf782637d65675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"61029a73-1055"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
4181
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Thu, 29 Jul 2021 12:09:23 GMT
x-frame-options
SAMEORIGIN
windows.png
headshot.su/assets/images/
817 B
1 KB
Image
General
Full URL
https://headshot.su/assets/images/windows.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
b0cf3efe15d9b149dbcececa4ed6aa29317794ff600235aed924a663ce7ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"610328bc-331"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
817
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Thu, 29 Jul 2021 22:16:28 GMT
x-frame-options
SAMEORIGIN
microsoftstore.png
headshot.su/assets/images/
921 B
1 KB
Image
General
Full URL
https://headshot.su/assets/images/microsoftstore.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
199fed5202fa14ce2cbcc5933171a4224040bf60e80955952cd6298d883ad142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"61032933-399"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
921
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Thu, 29 Jul 2021 22:18:27 GMT
x-frame-options
SAMEORIGIN
discord.png
headshot.su/assets/images/socialmedia/
5 KB
6 KB
Image
General
Full URL
https://headshot.su/assets/images/socialmedia/discord.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
f9f0de6637badeeae5fcaa5c87ff425f48fd3e4a79de010be14e4bec7ddb57ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"6124f6b6-15df"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
5599
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Tue, 24 Aug 2021 13:40:06 GMT
x-frame-options
SAMEORIGIN
api.js
challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js
46 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d747953a9c6cad5-HAM
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 17:38:58 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/g/f2bbd6738e15/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8d7479534938cad5-HAM
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 23 Oct 2024 20:28:30 GMT
vary
Accept-Encoding
server
cloudflare
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://headshot.su
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"603e8adc-15d9d"
age
14780
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqBO4b4v5P%2BHe6TTcNmmd8n%2FRuKtp7bjXfuEHIMRGWQSBbcSnPl5%2F3zfgXQmXlvAYIy1AlgJcfpTNto0PRCgPNiLiNfylz4z9B%2FG9vxQHJI8wgpwgD0muibE0rcbRMrf%2Fd5znTJJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 20:28:30 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d747952eb912be4-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
27938
server
cloudflare
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.11.0/umd/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.11.0/umd/popper.min.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c83dceabf8fb8a39041cae0996f421962b2332c25d03796ea77614a4291fdbae
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://headshot.su
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"61a2f80f-18b8"
age
555173
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FrvuZ09%2BY4LAgWveCW%2FZju8F9y%2FwqhO0iilTkPfkBBsBvPQPFwYwDgHq8BkMCbufJonwm8pZ960%2BaDx5DdRFKXj53Y%2FT9Tp8PU%2FWuLoHO3%2FqYz6t9pWayvfso47xEdgdiz%2F%2Bx0VW"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 20:28:30 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 28 Nov 2021 03:31:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d747952eb962be4-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6328
server
cloudflare
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/
76 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.bundle.min.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://headshot.su
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6161dfe3-502a"
age
158627
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Q8tVJMwsFWgbUWcblf9AY4h%2BJ4YFDdViA344vo%2B47TIbcPqKuIq8lEhvEYetU99oYCR%2BNTLnGb9ykgLv5VGsX2I1Gfv12VyYHlWshO39nSO3BGj%2FMJJAlAn7YppNPjJ2CIsaOLv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 20:28:30 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 09 Oct 2021 18:30:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d747952eb9c2be4-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
20522
server
cloudflare
particle.js
headshot.su/assets/js/
22 KB
23 KB
Script
General
Full URL
https://headshot.su/assets/js/particle.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
8a4d18065308f2c197c0337ed782ae40114c82e37d4784e933837ad539ad2c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"6037c315-59e0"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
23008
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
application/javascript
last-modified
Thu, 25 Feb 2021 15:32:37 GMT
x-frame-options
SAMEORIGIN
main.js
headshot.su/assets/js/
6 KB
6 KB
Script
General
Full URL
https://headshot.su/assets/js/main.js
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
33cefbdd68cc78ab3a941d421ee22c34b20798c68c81df716e0c6baeaca8f5c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"65ebb702-17b1"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
6065
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
application/javascript
last-modified
Sat, 09 Mar 2024 01:10:26 GMT
x-frame-options
SAMEORIGIN
videoseries
www.youtube-nocookie.com/embed/ Frame 19EE
0
0
Document
General
Full URL
https://www.youtube-nocookie.com/embed/videoseries?list=PLL5Qa2JD_kAzR0I7TPWbF3cJycJ-YGo9u
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://headshot.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 20:28:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
kmK7ZqspGAfCeUiW6FFlmEC9suJrsg.woff2
fonts.gstatic.com/s/rocknrollone/v14/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rocknrollone/v14/kmK7ZqspGAfCeUiW6FFlmEC9suJrsg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=RocknRoll%20One
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
055585b32edef3ee1a2cef7cf12cae49c6d758855d5faf66f756164944c5aa6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://headshot.su
Referer
https://fonts.googleapis.com/

Response headers

age
98941
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:59:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:59:29 GMT
last-modified
Tue, 06 Aug 2024 21:34:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20644
x-xss-protection
0
server
sffe
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
122 KB
123 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://headshot.su
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"619c057b-1e888"
age
5051
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uCcsB6d3fQaGMK0McwURvWBFSYddmB0qWgGkCTnao%2BLIcKhu%2FMtrBkqID6gFzdUz8b66Dz2iaKsKSjBN5ULVQVCUUmd7UZCaxwOVRoUCrGLc%2FdNCCezJXqqGODB9oDj8IIT8jkt"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 20:28:30 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d7479536c032be4-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
125064
server
cloudflare
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
103 KB
103 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://headshot.su
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"619c057b-19af4"
age
67103
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJ2eaPLytyvGofNIAWfQlbFgSHBfRdq%2BLZjKb4hRMlTTykH2f7JNpoDj14Zz0fstTHMvhlrqpYi8PXu2tB4F6SUxuGesRsu8ygK7P4uLxJ4ckkEpA%2FmtX%2BwA5ZDVgieBu%2FzVwOO3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 20:28:30 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d7479536c052be4-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
105204
server
cloudflare
btc.png
headshot.su/assets/images/payment/
3 KB
3 KB
Image
General
Full URL
https://headshot.su/assets/images/payment/btc.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
e4ad9faef77eea77ab3c35e7520addd633b091faf53e079671500afe059445a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"60b3f74e-d09"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
3337
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Sun, 30 May 2021 20:36:30 GMT
x-frame-options
SAMEORIGIN
sol.png
headshot.su/assets/images/payment/
3 KB
3 KB
Image
General
Full URL
https://headshot.su/assets/images/payment/sol.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
afb2e2488b3ec9e407b62ecdbf0112a02ffa3d3f7d90bcd7160217e939d09df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"62569102-c85"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
3205
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Wed, 13 Apr 2022 08:59:46 GMT
x-frame-options
SAMEORIGIN
ltc.png
headshot.su/assets/images/payment/
3 KB
3 KB
Image
General
Full URL
https://headshot.su/assets/images/payment/ltc.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
b48d17ac4006e260ea901b6b52ec7a2fd0178788e5e5a78ba3bab26c355b13c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"60b3f74e-b1a"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
2842
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Sun, 30 May 2021 20:36:30 GMT
x-frame-options
SAMEORIGIN
xmr.png
headshot.su/assets/images/payment/
3 KB
4 KB
Image
General
Full URL
https://headshot.su/assets/images/payment/xmr.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
e7e8e4e6d265dce9630bd5812e433a0729847f251acfbb27342fa8f3c0c66273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"60b3f74e-df2"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
3570
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Sun, 30 May 2021 20:36:30 GMT
x-frame-options
SAMEORIGIN
usa-uk.png
headshot.su/assets/images/flags/
4 KB
4 KB
Image
General
Full URL
https://headshot.su/assets/images/flags/usa-uk.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
03c3d11e7c43148ea1658fb395679b2d6c0a8fb1ea486f7cac88ba07c638cb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"61265cab-ff9"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
4089
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Wed, 25 Aug 2021 15:07:23 GMT
x-frame-options
SAMEORIGIN
russian-federation.png
headshot.su/assets/images/flags/
2 KB
2 KB
Image
General
Full URL
https://headshot.su/assets/images/flags/russian-federation.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
16dcb4ae4b7ff49e9583c92a033f7607e9194395c0465450dceb2411a171c1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"61260cd6-7b1"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
1969
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Wed, 25 Aug 2021 09:26:46 GMT
x-frame-options
SAMEORIGIN
ukraine.png
headshot.su/assets/images/flags/
2 KB
2 KB
Image
General
Full URL
https://headshot.su/assets/images/flags/ukraine.png
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
8dcd2f07eabc776a4f4bff1dd561cef15b9256e2d6e74bcf6d9b9931ae7671a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"61260cd6-7cc"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
1996
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
image/png
last-modified
Wed, 25 Aug 2021 09:26:46 GMT
x-frame-options
SAMEORIGIN
esp.webm
headshot.su/assets/videos/
3 MB
3 MB
Media
General
Full URL
https://headshot.su/assets/videos/esp.webm
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
11397d4afb3f060dde3db46cdc682c623ba8ea14c8107e1c2e45d6df4b800efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"60ba969f-351991"
Content-Range
bytes 0-3479952/3479953
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
Content-Length
3479953
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
video/webm
last-modified
Fri, 04 Jun 2021 21:09:51 GMT
x-frame-options
SAMEORIGIN
aimbot.webm
headshot.su/assets/videos/
4 MB
0
Media
General
Full URL
https://headshot.su/assets/videos/aimbot.webm
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"60ba960b-b36643"
Content-Range
bytes 0-11757122/11757123
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
Content-Length
11757123
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
video/webm
last-modified
Fri, 04 Jun 2021 21:07:23 GMT
x-frame-options
SAMEORIGIN
autoarmor.webm
headshot.su/assets/videos/
4 MB
0
Media
General
Full URL
https://headshot.su/assets/videos/autoarmor.webm
Requested by
Host: headshot.su
URL: https://headshot.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.140.73.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
113.73.140.128.in-addr.arpa
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://headshot.su/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"60ba9686-11086f5"
Content-Range
bytes 0-17860340/17860341
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
Content-Length
17860341
x-xss-protection
1; mode=block
date
Wed, 23 Oct 2024 20:28:30 GMT
content-type
video/webm
last-modified
Fri, 04 Jun 2021 21:09:26 GMT
x-frame-options
SAMEORIGIN
favicon.png
headshot.su/assets/images/
27 KB
0
Other
General
Full URL
https://headshot.su/assets/images/favicon.png
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
578d95421061b1f7888bb7f54c1e696fc9676efba4efd863c40e587c1eb48cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://headshot.su/

Response headers

etag
"60b3f74e-6a93"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
27283
date
Wed, 23 Oct 2024 20:28:30 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Sun, 30 May 2021 20:36:30 GMT
x-frame-options
SAMEORIGIN
aimbot.webm
headshot.su/assets/videos/
0
0

autoarmor.webm
headshot.su/assets/videos/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
headshot.su
URL
https://headshot.su/assets/videos/aimbot.webm
Domain
headshot.su
URL
https://headshot.su/assets/videos/autoarmor.webm

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| shuffle
function| shuffleArray
function| $
function| jQuery
object| Popper
number| uidEvent
object| bootstrap
function| hexToRgb
function| clamp
function| isInArray
function| pJS
function| requestAnimFrame
function| cancelRequestAnimFrame
object| pJSDom
function| particlesJS
object| turnstile

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
