www.demheads.com Open in urlscan Pro
18.196.84.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://demheads.com/
Effective URL:
https://www.demheads.com/
Submission: On June 13 via api (June 13th 2019, 12:56:33 am UTC) from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 52 HTTP transactions. The main IP is 18.196.84.222, located in Frankfurt am Main, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.demheads.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 7th 2019. Valid for: 3 months.

This is the only time www.demheads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.183.102.22 54.183.102.22	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	18.196.84.222 18.196.84.222	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
14	2600:9000:200... 2600:9000:200d:2a00:f:858:b480:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2600:9000:200... 2600:9000:200d:2400:7:859a:e9c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.35.254.66 13.35.254.66	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4	52.24.158.149 52.24.158.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY - Fastly)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
52	17

1 54.183.102.22 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-183-102-22.us-west-1.compute.amazonaws.com

demheads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.196.84.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-84-222.eu-central-1.compute.amazonaws.com

www.demheads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:200d:2a00:f:858:b480:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static-assets.strikinglycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:200d:2400:7:859a:e9c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

user-images.strikinglycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.66 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-66.fra6.r.cloudfront.net

d26b395fwzu5fz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.24.158.149 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-24-158-149.us-west-2.compute.amazonaws.com

api.keen.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.176 (United States)

ASN54113 (FASTLY - Fastly, US)

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	strikinglycdn.com static-assets.strikinglycdn.com user-images.strikinglycdn.com	3 MB
9	demheads.com 1 redirects demheads.com www.demheads.com	36 KB
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
5	gstatic.com fonts.gstatic.com	102 KB
4	keen.io api.keen.io	1 KB
3	facebook.com staticxx.facebook.com www.facebook.com
2	facebook.net connect.facebook.net	61 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	stripe.com checkout.stripe.com	26 KB
1	doubleclick.net stats.g.doubleclick.net	113 B
1	cloudfront.net d26b395fwzu5fz.cloudfront.net	10 KB
52	12

	Domain	Requested by
14	static-assets.strikinglycdn.com	www.demheads.com static-assets.strikinglycdn.com
8	www.demheads.com	static-assets.strikinglycdn.com
5	fonts.gstatic.com	www.demheads.com static-assets.strikinglycdn.com
5	user-images.strikinglycdn.com	www.demheads.com
4	api.keen.io	d26b395fwzu5fz.cloudfront.net www.demheads.com
4	platform.twitter.com	static-assets.strikinglycdn.com platform.twitter.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	static-assets.strikinglycdn.com connect.facebook.net
2	www.google-analytics.com	1 redirects www.demheads.com
1	syndication.twitter.com	www.demheads.com
1	staticxx.facebook.com	connect.facebook.net
1	checkout.stripe.com	static-assets.strikinglycdn.com
1	stats.g.doubleclick.net	www.demheads.com
1	d26b395fwzu5fz.cloudfront.net	static-assets.strikinglycdn.com
1	ajax.googleapis.com	www.demheads.com
1	fonts.googleapis.com	www.demheads.com
1	demheads.com	1 redirects
52	17

This site contains no links.

Subject Issuer	Validity	Valid
www.demheads.com Let's Encrypt Authority X3	`2019-06-07` - `2019-09-05`	3 months	crt.sh
*.strikinglycdn.com Amazon	`2018-05-14` - `2019-06-14`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-28` - `2019-08-20`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-07-21`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.keen.io Amazon	`2019-05-14` - `2020-06-14`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2019-05-21` - `2019-09-03`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.demheads.com/
Frame ID: 4B5558E1D546F74911481A0CEE9597BB
Requests: 48 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html?origin=https%3A%2F%2Fwww.demheads.com
Frame ID: 7138E783F86E8C54FB4D55108CE36E17
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 05534CB0D7ED6E4D7A98146522927EEE
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d753e00c3e838c1b2558149bd3f6ecb8.en.html
Frame ID: 680F2F5DACFAA5687A0045FA59876143
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=138736959550286&domain=www.demheads.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df21c78f39182ae4%26domain%3Dwww.demheads.com%26origin%3Dhttps%253A%252F%252Fwww.demheads.com%252Ff3f22b2efebd9a8%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
Frame ID: EC84E01CB8C9D57C5DB2306FCF9E29A6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?app_id=138736959550286&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1f1c74123bf5cc%26domain%3Dwww.demheads.com%26origin%3Dhttps%253A%252F%252Fwww.demheads.com%252Ff3f22b2efebd9a8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.demheads.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: BDBB61483C204C1EAE465EED5AFA6D32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://demheads.com/ HTTP 301
https://www.demheads.com/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^React$/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^BugSnag$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

52
Requests

100 %
HTTPS

65 %
IPv6

12
Domains

17
Subdomains

17
IPs

4
Countries

2885 kB
Transfer

7903 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://demheads.com/ HTTP 301
https://www.demheads.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=22988543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.demheads.com%2F&ul=en-us&de=UTF-8&dt=Dem%20Heads&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABG~&jid=1885188705&gjid=847026311&cid=929233242.1560387375&tid=UA-25124444-6&_gid=1236861311.1560387375&_r=1&z=1896855841 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25124444-6&cid=929233242.1560387375&jid=1885188705&_gid=1236861311.1560387375&gjid=847026311&_v=j76&z=1896855841

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.demheads.com/
Redirect Chain

http://demheads.com/
https://www.demheads.com/

92 KB
26 KB

175ms
107ms

Document
text/html

18.196.84.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demheads.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.84.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-84-222.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: cc83524555c84b2de25a31daad986fb2c4658f75cb2d0e05b627448041a4b907

Request headers

Host: www.demheads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: openresty
Date: Thu, 13 Jun 2019 00:56:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Strikingly-Cached: current
Strikingly-Cached-Version: 1532005011-0
Strikingly-Cache-Region: eu-central-1
Content-Encoding: gzip

Redirect headers

Server: openresty
Date: Thu, 13 Jun 2019 00:56:14 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.demheads.com/

GET
H2 200 _reset-e86dc20205eb267eb1803edb4281063d0db8db4dde3345771532819dae916332.css
static-assets.strikinglycdn.com/ 1 KB
990 B 81ms
8ms Stylesheet
text/css 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/_reset-e86dc20205eb267eb1803edb4281063d0db8db4dde3345771532819dae916332.css
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e86dc20205eb267eb1803edb4281063d0db8db4dde3345771532819dae916332

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Jun 2019 19:30:17 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2017 05:40:01 GMT
server: AmazonS3
age: 969958
etag: "9a6e5c5680ede363cb16d92d9a915ceb"
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 610
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: l1ZcqqV9cVy5ZQYi8UirgrD8O2QmbNE6Vo5joVl4sfR0mkKBCTbWzQ==

GET
H2 200 css
fonts.googleapis.com/ 43 KB
2 KB 30ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,700,300italic,700italic|Open+Sans:300italic,400italic,600italic,700italic,300,400,600,700|Playfair+Display:400,700,400italic,700italic|Vollkorn:400,400italic&subset=latin,latin-ext

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

8d7540d316e1b508b3da774396e0e6eaca45b8e266c80b1d58d120736ea2349c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 13 Jun 2019 00:56:14 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 13 Jun 2019 00:56:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 13 Jun 2019 00:56:14 GMT

GET
H2 200 main_v4.43bef4d23123dd0cb37c.bundle.css
static-assets.strikinglycdn.com/themes/minimal/ 588 KB
75 KB 81ms
8ms Stylesheet
text/css 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/themes/minimal/main_v4.43bef4d23123dd0cb37c.bundle.css
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f7ebb4ebf6b390120b134de9ceb027fbd620ec1ae662fa6224d60c7a9da98c9

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 May 2019 07:43:47 GMT
content-encoding: gzip
last-modified: Thu, 23 May 2019 15:27:49 GMT
server: AmazonS3
age: 1444348
etag: "83a1031593c2f75333a1a5e5d64cfa4e"
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 75839
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: hCwbD6rsweSfaSWgNGEBeRZQcC79Z1Dqmtzt3IS5fUT5fzkv4gxtDA==

GET
H2 200 detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js Show response
static-assets.strikinglycdn.com/ 2 KB
1 KB 81ms
10ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 May 2019 18:31:45 GMT
content-encoding: gzip
last-modified: Tue, 26 Feb 2019 04:11:38 GMT
server: AmazonS3
age: 2096670
etag: "1a1ccb664791dd666f6f567c685dcc6c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 1094
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: 1q06h1gPYrXOW1wxIUx-AjOGmcrlNJAt-fnep_dj2iE_5lLkjyDhmw==

GET
H2 200 default.png
static-assets.strikinglycdn.com/images/fb_images/ 24 KB
24 KB 77ms
10ms Image
image/png 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-assets.strikinglycdn.com/images/fb_images/default.png
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3ce66fe784837a03739b77db2fdec8a933861ab0299dc6538256a2aa7a81070

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 May 2019 16:55:30 GMT
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2018 04:29:34 GMT
server: AmazonS3
age: 1324845
etag: "cb1359f49e3fadc66a59f3a0cc7b455b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 24472
x-amz-cf-id: nX9QhRqrCLDF3Q4kLaKqNXjXflaC8TDFMK0HGxOsf7kIzt8hf4zRyQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.0/ 91 KB
32 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 23:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1040206
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 32964
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 May 2020 23:59:28 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 i18n-2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97.js Show response
static-assets.strikinglycdn.com/ 10 KB
4 KB 68ms
11ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/i18n-2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97.js
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Jun 2019 00:47:32 GMT
content-encoding: gzip
last-modified: Fri, 23 Mar 2018 11:54:19 GMT
server: AmazonS3
age: 950922
etag: "5e2b612b4864ba143b59cfef4959b1d1"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 3527
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: J-BU6lTyLH5V6pmwbsp-XpYoACai_I7xWqQLTzxHO-3b1rbLOc5Uyw==

GET
H2 200 site-dll.69d97d155a9c69cdc394.js Show response
static-assets.strikinglycdn.com/webpack/ 2 MB
555 KB 77ms
20ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/webpack/site-dll.69d97d155a9c69cdc394.js
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 400337b9adcc07c02489eef60c98c5cc63ee2dd20db2e21d6643bdd1071151ac

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 11 Jun 2019 08:34:05 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 10:56:43 GMT
server: AmazonS3
age: 145330
etag: "c7c0073b2394e8e06a431eaefcf00a9c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 566987
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: t8mInOEV2XjnCf74nGT_4bgRSYf_kXd9_xgqAXv9l92VJiMFrW-L3w==

GET
H2 200 page-site-bundle.9429f96460941ea2acd3.js Show response
static-assets.strikinglycdn.com/webpack/ 2 MB
481 KB 25ms
24ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8e7a4170928b9dbd20fc08e61ac0af47dda897b53107582ce5cc958dcba5f0f

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 11 Jun 2019 08:34:05 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2019 19:58:00 GMT
server: AmazonS3
age: 145330
etag: "850c75e069723e542d4dbe410f09ddf7"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 491296
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: iD9FzXB7Xa0Fs5xrpa_tIFm1uV5ArM4OFKj9dfvdjw_0Qc5atpjmgA==

GET
H2 200 photo-1456078003870-929d5986f0f5_atw7oi.jpg
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1500,w_2000,f_auto,q_auto/1/ 734 KB
735 KB 115ms
22ms Image
image/webp 2600:9000:200d:2400:7:859a:e9c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1500,w_2000,f_auto,q_auto/1/photo-1456078003870-929d5986f0f5_atw7oi.jpg
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2400:7:859a:e9c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 809cf370321cbdef8dc3cf50c2d185fb6f536875ef5f2f94035a3bb58637390c

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Jun 2019 10:10:47 GMT
via: 1.1 59574f77a7cf2d23d64904db278e5711.cloudfront.net (CloudFront), 1.1 761f19bc2f5721b0be0a41147e1e925f.cloudfront.net (CloudFront)
age: 53127
x-amz-apigw-id: bKViHF_OtjMFlBQ=
x-amzn-requestid: 58d72c7a-8cfa-11e9-bf50-9bdc01c90bd5
x-cache: Hit from cloudfront
content-type: image/webp
status: 200
x-amzn-trace-id: Root=1-5d00cfa7-90f6bba0f77af360740226be;Sampled=0
x-amz-cf-pop: FRA53, FRA50
access-control-allow-origin: *
content-length: 751560
x-amz-cf-id: ZUdsmu3SCxwyhWsA3t-23e73neLRR728iot_IGsH24THG-j8OpGAvQ==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhzg.ttf
fonts.gstatic.com/s/montserrat/v13/ 74 KB
37 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v13/JTUSjIg1_i6t8kCHKm459Wdhzg.ttf

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9077b93e8e83965b30c94e8e38de037646c593f3adf3dca8fceb3575b7de89cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/
Origin: https://www.demheads.com

Response headers

date: Sat, 01 Jun 2019 16:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982308
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 38200
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:06:10 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 May 2020 16:04:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc9.ttf
fonts.gstatic.com/s/roboto/v19/ 54 KB
30 KB 9ms
7ms Font
font/ttf 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fChc9.ttf

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1599ec54327a5d343da84196e547f94e01c17bae903eec8785c7f6a9df1c150d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/
Origin: https://www.demheads.com

Response headers

date: Sat, 01 Jun 2019 15:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983507
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30260
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:23 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 May 2020 15:44:27 GMT

GET
H2 200 jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js Show response
static-assets.strikinglycdn.com/ 91 KB
33 KB 25ms
25ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 May 2019 08:41:03 GMT
content-encoding: gzip
last-modified: Fri, 23 Mar 2018 11:54:19 GMT
server: AmazonS3
age: 2218512
etag: "6575b8af74dcd925b6f6ce17c2b6e807"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 33038
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: KzD1FJbxcLmr23Fyu9vbLV8gxyHvV8SsUzIPMfvn_UbMdwBbreR8UQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 5019
date: Wed, 12 Jun 2019 23:32:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Thu, 13 Jun 2019 01:32:35 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v13/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v13/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,700,300italic,700italic|Open+Sans:300italic,400italic,600italic,700italic,300,400,600,700|Playfair+Display:400,700,400italic,700italic|Vollkorn:400,400italic&subset=latin,latin-ext
Origin: https://www.demheads.com

Response headers

date: Sat, 01 Jun 2019 12:20:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:05:58 GMT
server: sffe
age: 995752
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Sun, 31 May 2020 12:20:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,700,300italic,700italic|Open+Sans:300italic,400italic,600italic,700italic,300,400,600,700|Playfair+Display:400,700,400italic,700italic|Vollkorn:400,400italic&subset=latin,latin-ext
Origin: https://www.demheads.com

Response headers

date: Sun, 02 Jun 2019 21:49:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:42 GMT
server: sffe
age: 875222
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Mon, 01 Jun 2020 21:49:12 GMT

GET
H/1.1 200
OK keen.min.js Show response
d26b395fwzu5fz.cloudfront.net/2.1.2/ 33 KB
10 KB 50ms
7ms Script
application/javascript 13.35.254.66
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d26b395fwzu5fz.cloudfront.net/2.1.2/keen.min.js
Requested by: Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-66.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc6361eb4e39345aaa4fb4e1aaff5341a60f5322f4887dabf5fae33e8023c7e4

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 17:44:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Jun 2014 18:40:07 GMT
Server: AmazonS3
Age: 19206710
ETag: "ed5707d69343c91c9221b6991e4187c2"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Cache-Control: max-age=630720000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10132
X-Amz-Cf-Id: C5NtvMWg0iJ0BlXHBL91mE2f84X-aY5Hs2LAvuuR2enclLtsXmkmhw==
Expires: Wed, 01 Jun 2016 18:40:05 GMT

GET
H2 200 29.9429f96460941ea2acd3-site-bundle.js Show response
static-assets.strikinglycdn.com/webpack/ 124 KB
34 KB 9ms
8ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/webpack/29.9429f96460941ea2acd3-site-bundle.js
Requested by: Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f4c1c6c133aeb84e3e1ac0b397576b10731f3d013cc20d7b350f86a994c4c6f

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 11 Jun 2019 08:34:08 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2019 19:57:51 GMT
server: AmazonS3
age: 145327
etag: "1ab3e94ae9592787504ca8b5460a9ab3"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 34128
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: _E9orRqVGrQJ57h5J5u96Rpe_7ohg7h6Bur98VbKibqPdVVjRN4lIw==

GET
H2 200 3.9429f96460941ea2acd3-site-bundle.js Show response
static-assets.strikinglycdn.com/webpack/ 471 KB
102 KB 67ms
66ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/webpack/3.9429f96460941ea2acd3-site-bundle.js
Requested by: Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 907d0d0aae44d4ab5d07747e9da9ee465ddc83bb0374593a27403fd054115c8f

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 11 Jun 2019 08:52:28 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2019 19:57:51 GMT
server: AmazonS3
age: 144227
etag: "bf0e6b1d9fb9932e7ec0d24b427046dc"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 103907
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: zf-nQsANTgEmudKO9Gz80ju5gszFni38_XexWC435vxPUimnLL7NTQ==

GET
H2 200 42.9429f96460941ea2acd3-site-bundle.js Show response
static-assets.strikinglycdn.com/webpack/ 56 KB
8 KB 12ms
12ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/webpack/42.9429f96460941ea2acd3-site-bundle.js
Requested by: Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b1fcd3233a1200c090eb44a046e9b5423d52454059adf7a26ac81bbaa878597

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 11 Jun 2019 08:52:28 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2019 19:57:54 GMT
server: AmazonS3
age: 144227
etag: "1f9996e1600e9ea885d3109cae0c0c02"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 7312
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: aG5moA0O8cgomXBNOXKdYHOpvZtUqFlOCd7GSAxbrIFI0NEoibuDzw==

GET
H2 200 photo-1450297428000-5f0b50540da9_ztaz1y.jpg
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_9000,w_1200,f_auto,q_auto/1/ 180 KB
180 KB 23ms
22ms Image
image/webp 2600:9000:200d:2400:7:859a:e9c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_9000,w_1200,f_auto,q_auto/1/photo-1450297428000-5f0b50540da9_ztaz1y.jpg
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2400:7:859a:e9c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 76d7156219359a12132472ac5d7df0881e1649a9f3c310486ee2e6e08fb96f03

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Jun 2019 10:10:48 GMT
via: 1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront), 1.1 761f19bc2f5721b0be0a41147e1e925f.cloudfront.net (CloudFront)
age: 53126
x-amz-apigw-id: bKViSGdPtjMFrjw=
x-amzn-requestid: 5974a50d-8cfa-11e9-8e6c-af9ad3e1270c
x-cache: Hit from cloudfront
content-type: image/webp
status: 200
x-amzn-trace-id: Root=1-5d00cfa8-cd2b02c622193ea0a2673f17;Sampled=0
x-amz-cf-pop: FRA53, FRA50
access-control-allow-origin: *
content-length: 184082
x-amz-cf-id: DW82I46C58E5ub4X82eKbwWfi1GzARwAvrGzs-GWUc487WnIv6M1VQ==

GET
H/1.1 200
OK products Show response
www.demheads.com/r/v1/sites/12458764/ 1 KB
2 KB 542ms
541ms XHR
application/json 18.196.84.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.demheads.com/r/v1/sites/12458764/products?per=30&page=1

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.84.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-196-84-222.eu-central-1.compute.amazonaws.com

Software

openresty /

Resource Hash

74b26b5673f67125d8cc9194ba1bc3f7aa96c866f5f4813ed572a54b593bc85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.demheads.com/
X-CSRF-Token: undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8

Response headers

X-Runtime: 0.036881
Date: Thu, 13 Jun 2019 00:56:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
ETag: W/"da23f5b3ea47120b5cb5555667047a9c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=10, public, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 486d187996e1bb9c98ddda3bea099074

GET
H/1.1 200
OK ecommerce Show response
www.demheads.com/r/v1/sites/12458764/ 1022 B
2 KB 581ms
548ms XHR
application/json 18.196.84.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.demheads.com/r/v1/sites/12458764/ecommerce

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.84.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-196-84-222.eu-central-1.compute.amazonaws.com

Software

openresty /

Resource Hash

20232685ef45a1b191b95c5ac37a687febf71af608f832307ef5c388a9ffceaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.demheads.com/
X-CSRF-Token: undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8

Response headers

X-Runtime: 0.047117
Date: Thu, 13 Jun 2019 00:56:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
ETag: W/"d1525be3d469882eef139e390b78daae"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, public, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: beab2c4a229c37bea2a0b2a7acb87d70

GET
H/1.1 200
OK categories Show response
www.demheads.com/r/v1/sites/12458764/ 11 B
958 B 558ms
527ms XHR
application/json 18.196.84.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.demheads.com/r/v1/sites/12458764/categories

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.84.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-196-84-222.eu-central-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.demheads.com/
X-CSRF-Token: undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8

Response headers

X-Runtime: 0.026835
Date: Thu, 13 Jun 2019 00:56:15 GMT
X-Content-Type-Options: nosniff
Server: openresty
ETag: W/"e0234245cb00aa260ccfa99a9a0b235e"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, public, must-revalidate
Connection: keep-alive
Content-Length: 11
X-XSS-Protection: 1; mode=block
X-Request-Id: f0f1de153fc0edd618a565f479b61bef

GET
H/1.1 200
OK products Show response
www.demheads.com/r/v1/sites/12458764/ 1 KB
2 KB 586ms
556ms XHR
application/json 18.196.84.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.demheads.com/r/v1/sites/12458764/products?per=30&page=1

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.84.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-196-84-222.eu-central-1.compute.amazonaws.com

Software

openresty /

Resource Hash

74b26b5673f67125d8cc9194ba1bc3f7aa96c866f5f4813ed572a54b593bc85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.demheads.com/
X-CSRF-Token: undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8

Response headers

X-Runtime: 0.053217
Date: Thu, 13 Jun 2019 00:56:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
ETag: W/"da23f5b3ea47120b5cb5555667047a9c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=10, public, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: f6f95f66f7d78821b0ae52c11464458a

GET
H/1.1 200
OK ecommerce Show response
www.demheads.com/r/v1/sites/12458764/ 1022 B
2 KB 620ms
585ms XHR
application/json 18.196.84.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.demheads.com/r/v1/sites/12458764/ecommerce

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.84.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-196-84-222.eu-central-1.compute.amazonaws.com

Software

openresty /

Resource Hash

20232685ef45a1b191b95c5ac37a687febf71af608f832307ef5c388a9ffceaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.demheads.com/
X-CSRF-Token: undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8

Response headers

X-Runtime: 0.079016
Date: Thu, 13 Jun 2019 00:56:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
ETag: W/"d1525be3d469882eef139e390b78daae"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, public, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2eff0c7218647d4c0e9e8a346d212632

GET
H/1.1 200
OK categories Show response
www.demheads.com/r/v1/sites/12458764/ 11 B
954 B 560ms
526ms XHR
application/json 18.196.84.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.demheads.com/r/v1/sites/12458764/categories

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.84.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-196-84-222.eu-central-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.demheads.com/
X-CSRF-Token: undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8

Response headers

X-Runtime: 0.024097
Date: Thu, 13 Jun 2019 00:56:15 GMT
X-Content-Type-Options: nosniff
Server: openresty
ETag: W/"e0234245cb00aa260ccfa99a9a0b235e"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, public, must-revalidate
Connection: keep-alive
Content-Length: 11
X-XSS-Protection: 1; mode=block
X-Request-Id: 30525df081dc14e44bad987955679bb0

POST
H/1.1 200
OK list_products Show response
www.demheads.com/r/v1/ 152 B
1 KB 1033ms
525ms XHR
application/json 18.196.84.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.demheads.com/r/v1/list_products

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.84.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-196-84-222.eu-central-1.compute.amazonaws.com

Software

openresty /

Resource Hash

5c6659c93ac45d4ee04a56b75e6f982915235a50c5926f1687a243366cc686f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.demheads.com/
Origin: https://www.demheads.com
X-CSRF-Token: undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8

Response headers

X-Runtime: 0.020313
Date: Thu, 13 Jun 2019 00:56:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
ETag: W/"70b14267399671615910ad297f995069"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=10, public, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e82abdfd44ff6d51021ac4783df79da4

GET
H2 200 ac1e37c7671842288c03fd994ae68b6e_gz76yk.jpg
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1500,w_2000,f_auto,q_auto/1/ 67 KB
67 KB 19ms
19ms Image
image/webp 2600:9000:200d:2400:7:859a:e9c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1500,w_2000,f_auto,q_auto/1/ac1e37c7671842288c03fd994ae68b6e_gz76yk.jpg
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2400:7:859a:e9c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 341ddafcefcb4bca958bb22bcd4330a033191eb900f48e7fab8e01fdcc116e43

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Jun 2019 09:30:55 GMT
via: 1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront), 1.1 761f19bc2f5721b0be0a41147e1e925f.cloudfront.net (CloudFront)
age: 55520
x-amz-apigw-id: bKPsZGVKtjMFjVQ=
x-amzn-requestid: c72d62c1-8cf4-11e9-ab67-7b59c695c9c0
x-cache: Hit from cloudfront
content-type: image/webp
status: 200
x-amzn-trace-id: Root=1-5d00c64f-6883a78210d44ff6bb36c3ec;Sampled=0
x-amz-cf-pop: FRA53, FRA50
access-control-allow-origin: *
content-length: 68214
x-amz-cf-id: 3F4fyJPzKAmLrspiAzjbR7Qb4YChRSf_ruNfYW-xCU6qfM3NZftwPg==

GET
H2 200 loading.4f0d7a057ab9bf47148d131d6823bc61.gif
static-assets.strikinglycdn.com/images/ 11 KB
12 KB 10ms
10ms Image
image/gif 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-assets.strikinglycdn.com/images/loading.4f0d7a057ab9bf47148d131d6823bc61.gif
Requested by: Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75ba5383bef46c14ea6a55926e5fdee7ae0be1a5867c442d31b51e2316203360

Request headers

Referer: https://static-assets.strikinglycdn.com/themes/minimal/main_v4.43bef4d23123dd0cb37c.bundle.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Jun 2019 01:32:10 GMT
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
last-modified: Tue, 05 Sep 2017 10:37:01 GMT
server: AmazonS3
age: 948245
etag: "4f0d7a057ab9bf47148d131d6823bc61"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 11701
x-amz-cf-id: J19pQWq4ZeJY_isM3lnDfteONDAebsFk7JQhnIRuAtNFzqU90__wVA==

GET
H2 200 31.9429f96460941ea2acd3-site-bundle.js Show response
static-assets.strikinglycdn.com/webpack/ 166 KB
42 KB 10ms
9ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/webpack/31.9429f96460941ea2acd3-site-bundle.js
Requested by: Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2ef72376cd86800b93475d253a9eaf1497c0014436347db249c65e59c8d607b

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 11 Jun 2019 09:04:26 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2019 19:57:51 GMT
server: AmazonS3
age: 143510
etag: "3dec95a1fbc194a0e40720e86a65d44d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 42672
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: 7ZbUyi_sAmbIZyay73sTsvuvXQ_jx8EbCULD56zAdIxK8mZPq-BE3w==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fb5562bf119021ef13c242c74f34cc0f8e1d3e248da218728d212f7b5fa1ce0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wHADkF9Q4GO+uMmqjx5/eA==
status: 200
date: Thu, 13 Jun 2019 00:56:15 GMT
vary: Accept-Encoding
content-length: 1781
x-fb-debug: S6enJuRqkwB3G+H4v5TbYtO74Np7KWIiYTXZq4ilFzmtMwBJuXqsqKeEjZqecH46De72vls3h/nBOy4iKlnjqA==
x-fb-content-md5: 84d11afbaa8534972f1b2ae3e98bc5da
etag: "7a10d78266d282d1ead417c22ff7ab56"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jun 2019 01:16:12 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 76ms
20ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419F) /
Resource Hash: 0870a4508bc178306a11ed2b23e17d129226ebc2de988534d82324ff915cf9a6

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 13 Jun 2019 00:56:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 16:50:27 GMT
Server: ECS (fcn/419F)
Etag: "c0ccc06d58626dbfe4c4102bca9dfe9c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28050

GET
H2 200 0.9429f96460941ea2acd3-site-bundle.js Show response
static-assets.strikinglycdn.com/webpack/ 45 KB
15 KB 9ms
8ms Script
application/javascript 2600:9000:200d:2a00:f:858:b480:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.strikinglycdn.com/webpack/0.9429f96460941ea2acd3-site-bundle.js
Requested by: Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2a00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f85c1c197876ae061919cf36aec7db8ca76621d7c81e0b453b4d30ed20c57209

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 11 Jun 2019 08:34:11 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2019 19:57:47 GMT
server: AmazonS3
age: 145325
etag: "87f40c1dcd5c2ae5d7fc32406ad623ec"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 14731
via: 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront)
x-amz-cf-id: 0lfjeL667WasfUbnO2YhCM-y5XZxHANKYWRWoSqkpHBtpJ6FpV4E8w==

OPTIONS
H2 200 strikingly_pageviews Show response
api.keen.io/3.0/projects/5317e03605cd66236a000002/events/ 0
363 B 538ms
164ms XHR
text/html 52.24.158.149
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.keen.io/3.0/projects/5317e03605cd66236a000002/events/strikingly_pageviews
Requested by: Host: d26b395fwzu5fz.cloudfront.net
URL: https://d26b395fwzu5fz.cloudfront.net/2.1.2/keen.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.158.149 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-24-158-149.us-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.demheads.com
Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

pragma: no-cache
date: Thu, 13 Jun 2019 00:56:15 GMT
server: TornadoServer/4.5.1
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,DELETE,PATCH,PUT
content-type: text/html; charset=UTF-8
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, max-age=0, s-maxage=0
access-control-allow-headers: origin, content-type, accept, authorization, user-agent, keen-compute-source, keen-sdk
content-length: 0
expires: Sat, 01 Jan 2000 01:01:01 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=22988543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.demheads.com%2F&ul=en-us&de=UTF-8&dt=Dem%20Heads&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25124444-6&cid=929233242.1560387375&jid=1885188705&_gid=1236861311.1560387375&gjid=847026311&_v=j76&z=1896855841

35 B
113 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c08::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25124444-6&cid=929233242.1560387375&jid=1885188705&_gid=1236861311.1560387375&gjid=847026311&_v=j76&z=1896855841

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Thu, 13 Jun 2019 00:56:15 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jun 2019 00:56:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25124444-6&cid=929233242.1560387375&jid=1885188705&_gid=1236861311.1560387375&gjid=847026311&_v=j76&z=1896855841
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
59 KB 27ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8940f8050c2001708fb9431e4099ce18&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

15d07aff786415ba8e1906e1a5342b99cb7db8030cd3e5bd2ec07006a80b6ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/
Origin: https://www.demheads.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Mh/ej40kCAJVm8Q/LS5fKA==
status: 200
date: Thu, 13 Jun 2019 00:56:15 GMT
vary: Accept-Encoding
content-length: 59885
x-fb-debug: /dKfgnXGa0awnUBEXwxieoF6//oGXvUFk6DvYbJO/pz1NMa+wfo7iRZHjkpC5S2IdH7hjJ40eW65Zcx4+9vmvA==
x-fb-content-md5: 15eef38997ddfdcf84c1c1b2f33e39d0
etag: "87945533d8ceb2cc3657e4ee35a8cb44"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 11 Jun 2020 23:55:59 GMT

GET
H2 200 checkout.js Show response
checkout.stripe.com/ 100 KB
26 KB 989ms
957ms Script
application/javascript 151.101.0.176
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/checkout.js?_=1560387374426

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9279d13072a366e3fc1c1947d880ccc2db23bcbf43d7d4ae1496c5f00877e344

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;

Strict-Transport-Security

max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Jun 2019 00:56:16 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
age: 0
x-cache: MISS
status: 200
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-length: 26231
x-amz-id-2: 2H/TFVDBtXFZr6e0J8rBlaJUpMAlVYs74VawKZsWLact3SdDIJspx+lyHwkUngOiLuY47aclITk=
x-served-by: cache-fra19169-FRA
last-modified: Fri, 07 Dec 2018 01:19:00 GMT
server: AmazonS3
x-timer: S1560387376.639264,VS0,VE950
etag: "de373c5486f614ead16ba596773b636d"
vary: Accept-Encoding
x-amz-request-id: E72D57DF8BF80A68
via: 1.1 varnish
cache-control: no-cache
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H/1.1 200
OK widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html
platform.twitter.com/widgets/ Frame 7138 0
0 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html?origin=https%3A%2F%2Fwww.demheads.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419C) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.demheads.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 13 Jun 2019 00:56:15 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Wed, 05 Jun 2019 16:49:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419C)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H/1.1 200
OK button.509719336ca39171c37a321231ccaf83.js Show response
platform.twitter.com/js/ 7 KB
3 KB 25ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.509719336ca39171c37a321231ccaf83.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: 748fd5acb7dc8340d5f4d220fc0e181b1a0caa8d532f398e727acbefbb427c7f

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 13 Jun 2019 00:56:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 16:49:01 GMT
Server: ECS (fcn/40E6)
Etag: "b1ab34c2b2497b898d66dafcd50118ea+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 0553 0
0 43ms
6ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8940f8050c2001708fb9431e4099ce18&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.demheads.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Wed, 10 Jun 2020 07:02:15 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: sLHI2UajxFnm3jRMbxIr45/UkpZWlXt5354sE+xkPpsKUohjDbhCzhBK4bPB6dNKjLbS433M7WWoi8bDoyRYQA==
content-length: 11190
date: Thu, 13 Jun 2019 00:56:16 GMT

GET
H/1.1 200
OK tweet_button.d753e00c3e838c1b2558149bd3f6ecb8.en.html
platform.twitter.com/widgets/ Frame 680F 0
0 8ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d753e00c3e838c1b2558149bd3f6ecb8.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E5) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.demheads.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 13 Jun 2019 00:56:16 GMT
Etag: "d504cffd1f6efab1430f415cd8b3a497+gzip"
Last-Modified: Wed, 05 Jun 2019 16:49:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E5)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12257

GET
H2 200 photo-1450297428000-5f0b50540da9_ztaz1y.jpg
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_9000,w_1200,f_auto,q_auto/1/ 180 KB
180 KB 21ms
19ms Image
image/webp 2600:9000:200d:2400:7:859a:e9c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_9000,w_1200,f_auto,q_auto/1/photo-1450297428000-5f0b50540da9_ztaz1y.jpg
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2400:7:859a:e9c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 76d7156219359a12132472ac5d7df0881e1649a9f3c310486ee2e6e08fb96f03

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Jun 2019 10:10:48 GMT
via: 1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront), 1.1 761f19bc2f5721b0be0a41147e1e925f.cloudfront.net (CloudFront)
age: 53127
x-amz-apigw-id: bKViSGdPtjMFrjw=
x-amzn-requestid: 5974a50d-8cfa-11e9-8e6c-af9ad3e1270c
x-cache: Hit from cloudfront
content-type: image/webp
status: 200
x-amzn-trace-id: Root=1-5d00cfa8-cd2b02c622193ea0a2673f17;Sampled=0
x-amz-cf-pop: FRA53, FRA50
access-control-allow-origin: *
content-length: 184082
x-amz-cf-id: mNceWGLw7r--gySk3mxuah54B8kPB9slH6Vk_1W4_MJmKbC5b_GxRg==

OPTIONS
H2 200 strikingly_ecommerce_buyer_landing Show response
api.keen.io/3.0/projects/5317e03605cd66236a000002/events/ 0
363 B 166ms
165ms XHR
text/html 52.24.158.149
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.keen.io/3.0/projects/5317e03605cd66236a000002/events/strikingly_ecommerce_buyer_landing
Requested by: Host: d26b395fwzu5fz.cloudfront.net
URL: https://d26b395fwzu5fz.cloudfront.net/2.1.2/keen.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.158.149 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-24-158-149.us-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.demheads.com
Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

pragma: no-cache
date: Thu, 13 Jun 2019 00:56:15 GMT
server: TornadoServer/4.5.1
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,DELETE,PATCH,PUT
content-type: text/html; charset=UTF-8
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, max-age=0, s-maxage=0
access-control-allow-headers: origin, content-type, accept, authorization, user-agent, keen-compute-source, keen-sdk
content-length: 0
expires: Sat, 01 Jan 2000 01:01:01 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
170 B 124ms
123ms Image
image/gif 104.244.42.136
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.demheads.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1560387375878%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%227e980dd%3A1559715853415%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.demheads.com
URL: https://www.demheads.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Jun 2019 00:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 117
pragma: no-cache
last-modified: Thu, 13 Jun 2019 00:56:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 16802c362dcfeb6a111918d9be03b918
x-transaction: 00adb1ef007e6d91
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: static-assets.strikinglycdn.com
URL: https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,700,300italic,700italic|Open+Sans:300italic,400italic,600italic,700italic,300,400,600,700|Playfair+Display:400,700,400italic,700italic|Vollkorn:400,400italic&subset=latin,latin-ext
Origin: https://www.demheads.com

Response headers

date: Tue, 04 Jun 2019 03:22:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:03 GMT
server: sffe
age: 768825
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Wed, 03 Jun 2020 03:22:30 GMT

GET
H2 200 415313_382210.png
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1000,w_500,f_auto,q_auto/776677/ 17 KB
17 KB 1092ms
1092ms Image
image/webp 2600:9000:200d:2400:7:859a:e9c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1000,w_500,f_auto,q_auto/776677/415313_382210.png
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2400:7:859a:e9c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: a6f41ab0138213ed0430c8f3ae024353a1c26cf5c69b1e275e3de61bcc23373e

Request headers

Referer: https://www.demheads.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Jun 2019 00:56:16 GMT
via: 1.1 ac27d939fa02703c4b28926f53f95083.cloudfront.net (CloudFront), 1.1 761f19bc2f5721b0be0a41147e1e925f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53, FRA50
x-amz-apigw-id: bMXPlEojtjMFiFg=
x-amzn-requestid: 0c6a2147-8d76-11e9-9fad-69a1aca81c58
x-cache: Miss from cloudfront
content-type: image/webp
status: 200
x-amzn-trace-id: Root=1-5d019f30-bebbaa64b20946fc8aaaad54;Sampled=0
access-control-allow-origin: *
content-length: 17180
x-amz-cf-id: pJWoXXAidx7QCZ0nQXqdTH5W7AnRBo84E8BqNqn5ED1wTO10x-BM_g==

POST
H2 201 strikingly_ecommerce_buyer_landing Show response
api.keen.io/3.0/projects/5317e03605cd66236a000002/events/ 17 B
337 B 171ms
171ms XHR
application/json 52.24.158.149
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.keen.io/3.0/projects/5317e03605cd66236a000002/events/strikingly_ecommerce_buyer_landing
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.158.149 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-24-158-149.us-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.1 /
Resource Hash: d13639a80e70c978b854121f8b05ab680dcade2ec0ecbbbc45e86d5f6a6e8285

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/
Origin: https://www.demheads.com
Authorization: efd460f8e282891930ff1957321c12b64a6db50694fd0b4a01d01f347920dfa3ce48e8ca249b5ea9917f98865696cfc39bc6814e4743c39af0a4720bb711627d9cf0fe63d5d52c3866c9c1c3178aaec6cbfc1a9ab62a3c9a827d2846a9be93ecf4ee3d61ebee8baaa6a1d735bff6e37b
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Jun 2019 00:56:16 GMT
server: TornadoServer/4.5.1
status: 201
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, max-age=0, s-maxage=0
access-control-allow-headers: origin, content-type, accept, authorization, user-agent, keen-compute-source, keen-sdk
content-length: 17
expires: Sat, 01 Jan 2000 01:01:01 GMT

POST
H2 201 strikingly_pageviews Show response
api.keen.io/3.0/projects/5317e03605cd66236a000002/events/ 17 B
337 B 170ms
170ms XHR
application/json 52.24.158.149
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.keen.io/3.0/projects/5317e03605cd66236a000002/events/strikingly_pageviews
Requested by: Host: www.demheads.com
URL: https://www.demheads.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.158.149 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-24-158-149.us-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.1 /
Resource Hash: d13639a80e70c978b854121f8b05ab680dcade2ec0ecbbbc45e86d5f6a6e8285

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/
Origin: https://www.demheads.com
Authorization: efd460f8e282891930ff1957321c12b64a6db50694fd0b4a01d01f347920dfa3ce48e8ca249b5ea9917f98865696cfc39bc6814e4743c39af0a4720bb711627d9cf0fe63d5d52c3866c9c1c3178aaec6cbfc1a9ab62a3c9a827d2846a9be93ecf4ee3d61ebee8baaa6a1d735bff6e37b
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Jun 2019 00:56:16 GMT
server: TornadoServer/4.5.1
status: 201
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, max-age=0, s-maxage=0
access-control-allow-headers: origin, content-type, accept, authorization, user-agent, keen-compute-source, keen-sdk
content-length: 17
expires: Sat, 01 Jan 2000 01:01:01 GMT

GET
H2 200 ping
www.facebook.com/connect/ Frame EC84 0
0 48ms
47ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/connect/ping?client_id=138736959550286&domain=www.demheads.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df21c78f39182ae4%26domain%3Dwww.demheads.com%26origin%3Dhttps%253A%252F%252Fwww.demheads.com%252Ff3f22b2efebd9a8%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8940f8050c2001708fb9431e4099ce18&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /connect/ping?client_id=138736959550286&domain=www.demheads.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df21c78f39182ae4%26domain%3Dwww.demheads.com%26origin%3Dhttps%253A%252F%252Fwww.demheads.com%252Ff3f22b2efebd9a8%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.demheads.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: dXDjui+BhFOUe5hpJmIw7adaj0N60QhdUKE/tZ6bC1D4dLc3CMxdQAdkvYcdlgd+kxObhUDLaVOPbdoZFDug9A==
date: Thu, 13 Jun 2019 00:56:17 GMT

GET
H2 200 like.php
www.facebook.com/v3.2/plugins/ Frame BDBB 0
0 67ms
66ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?app_id=138736959550286&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1f1c74123bf5cc%26domain%3Dwww.demheads.com%26origin%3Dhttps%253A%252F%252Fwww.demheads.com%252Ff3f22b2efebd9a8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.demheads.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8940f8050c2001708fb9431e4099ce18&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like.php?app_id=138736959550286&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1f1c74123bf5cc%26domain%3Dwww.demheads.com%26origin%3Dhttps%253A%252F%252Fwww.demheads.com%252Ff3f22b2efebd9a8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.demheads.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.demheads.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.demheads.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.2
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: iKsGZRbX1SkNAWYivdflZ8M5GP04SCphKM1Ey6JSmlFvpZ7Jxapq94aQd87UMctZ53tw30hlZuKMcI45VheyXQ==
date: Thu, 13 Jun 2019 00:56:17 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.demheads.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: Wui2sQa8Si5Gba4FoTaPNms8xlM5WRCyYb358Kd6kXq3rSkzWR7SiIQhB%2BbazU%2BGsXwH2k%2F5UOOng%2Fi2HsbYbQ%3D%3D
www.demheads.com/	1970-01-22 17:06:46	Name: _bobcat_session Value: YUhZeGlBakZudFpsdmFjc3hqRUV6bGpNeGZZTXNHcWloeTFEaktmZ1E5RENYZi9IbVJKK2JTNDF2OXVSK3F5WDlIYldsb3BJc3hRYTFxT2hRR1plUzVFQVRjdE40VjIxRnozSHhvRFdKTkwrRFYzWk1tZmxuSFkySEhIdXQvZnNqRzhpRm5xNlBkOHBMTHlhNFRIQWlBPT0tLVNSV3g4Mm5BTTkxaWtzTXpsM1JPa2c9PQ%3D%3D--5740dbad27262458b879b40d05c5792d7f3fdca7
www.demheads.com/	1970-01-19 10:12:03	Name: __strk_visitor_id Value: visotor-f309dc8aa3fe4109bcd7d247e35e8000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://static-assets.strikinglycdn.com/webpack/page-site-bundle.9429f96460941ea2acd3.js(Line 7722) Message: [bugsnag]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.keen.io
checkout.stripe.com
connect.facebook.net
d26b395fwzu5fz.cloudfront.net
demheads.com
fonts.googleapis.com
fonts.gstatic.com
platform.twitter.com
static-assets.strikinglycdn.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
user-images.strikinglycdn.com
www.demheads.com
www.facebook.com
www.google-analytics.com
104.244.42.136
13.35.254.66
151.101.0.176
18.196.84.222
2600:9000:200d:2400:7:859a:e9c0:93a1
2600:9000:200d:2a00:f:858:b480:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:808::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:820::200e
2a00:1450:4001:825::200a
2a00:1450:400c:c08::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.24.158.149
54.183.102.22
0870a4508bc178306a11ed2b23e17d129226ebc2de988534d82324ff915cf9a6
0b1fcd3233a1200c090eb44a046e9b5423d52454059adf7a26ac81bbaa878597
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f4c1c6c133aeb84e3e1ac0b397576b10731f3d013cc20d7b350f86a994c4c6f
1599ec54327a5d343da84196e547f94e01c17bae903eec8785c7f6a9df1c150d
15d07aff786415ba8e1906e1a5342b99cb7db8030cd3e5bd2ec07006a80b6ac9
1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd
20232685ef45a1b191b95c5ac37a687febf71af608f832307ef5c388a9ffceaa
2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97
341ddafcefcb4bca958bb22bcd4330a033191eb900f48e7fab8e01fdcc116e43
400337b9adcc07c02489eef60c98c5cc63ee2dd20db2e21d6643bdd1071151ac
5c6659c93ac45d4ee04a56b75e6f982915235a50c5926f1687a243366cc686f7
5f7ebb4ebf6b390120b134de9ceb027fbd620ec1ae662fa6224d60c7a9da98c9
748fd5acb7dc8340d5f4d220fc0e181b1a0caa8d532f398e727acbefbb427c7f
74b26b5673f67125d8cc9194ba1bc3f7aa96c866f5f4813ed572a54b593bc85a
75ba5383bef46c14ea6a55926e5fdee7ae0be1a5867c442d31b51e2316203360
76d7156219359a12132472ac5d7df0881e1649a9f3c310486ee2e6e08fb96f03
809cf370321cbdef8dc3cf50c2d185fb6f536875ef5f2f94035a3bb58637390c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d7540d316e1b508b3da774396e0e6eaca45b8e266c80b1d58d120736ea2349c
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
9077b93e8e83965b30c94e8e38de037646c593f3adf3dca8fceb3575b7de89cd
907d0d0aae44d4ab5d07747e9da9ee465ddc83bb0374593a27403fd054115c8f
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9279d13072a366e3fc1c1947d880ccc2db23bcbf43d7d4ae1496c5f00877e344
a3ce66fe784837a03739b77db2fdec8a933861ab0299dc6538256a2aa7a81070
a6f41ab0138213ed0430c8f3ae024353a1c26cf5c69b1e275e3de61bcc23373e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4
cc83524555c84b2de25a31daad986fb2c4658f75cb2d0e05b627448041a4b907
d13639a80e70c978b854121f8b05ab680dcade2ec0ecbbbc45e86d5f6a6e8285
d2ef72376cd86800b93475d253a9eaf1497c0014436347db249c65e59c8d607b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86dc20205eb267eb1803edb4281063d0db8db4dde3345771532819dae916332
e8e7a4170928b9dbd20fc08e61ac0af47dda897b53107582ce5cc958dcba5f0f
f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4
f85c1c197876ae061919cf36aec7db8ca76621d7c81e0b453b4d30ed20c57209
fb5562bf119021ef13c242c74f34cc0f8e1d3e248da218728d212f7b5fa1ce0b
fc6361eb4e39345aaa4fb4e1aaff5341a60f5322f4887dabf5fae33e8023c7e4

www.demheads.com Open in urlscan Pro 18.196.84.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

65 %IPv6

12 Domains

17 Subdomains

17 IPs

4 Countries

2885 kBTransfer

7903 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.demheads.com Open in urlscan Pro
18.196.84.222 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

65 %
IPv6

12
Domains

17
Subdomains

17
IPs

4
Countries

2885 kB
Transfer

7903 kB
Size

3
Cookies

52 HTTP transactions
1 data transactions