urlscan.io logo urlscan.io
SecurityTrails logo

heads.fun Open in urlscan Pro
2a02:4780:dead:8280::1  Public Scan

Go To Rescan Add Verdict Report
URL: https://heads.fun/
Submission: On May 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 10 domains to perform 27 HTTP transactions. The main IP is 2a02:4780:dead:8280::1, located in United States and belongs to AWEX, CY. The main domain is heads.fun.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on August 4th 2022. Valid for: a year.
This is the only time heads.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a02:4780:dea... 204915 (AWEX)
4 2600:141b:13:... 20940 (AKAMAI-ASN1)
8 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 44.233.87.152 16509 (AMAZON-02)
1 54.200.52.185 16509 (AMAZON-02)
2 63.140.36.104 16509 (AMAZON-02)
1 1 3.221.177.199 14618 (AMAZON-AES)
27 10
6    2a02:4780:dead:8280::1 (United States)

ASN204915 (AWEX, CY)
heads.fun
4    2600:141b:13:798::1e80 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
8    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
img.icons8.com
1    2606:4700::6811:a329 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.000webhost.com
1    2607:f8b0:4006:806::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:817::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:817::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    44.233.87.152 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-87-152.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    54.200.52.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-52-185.us-west-2.compute.amazonaws.com
globantamerptrsd.demdex.net
2    63.140.36.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-104.data.adobedc.net
globantamericaspartnersandbox.sc.omtrdc.net
1    3.221.177.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-177-199.compute-1.amazonaws.com
cm.everesttech.net
Apex Domain
Subdomains		 Transfer
8 icons8.com
img.icons8.com — Cisco Umbrella Rank: 30222
27 KB
6 heads.fun
heads.fun
293 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 448
63 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200
globantamerptrsd.demdex.net
5 KB
2 omtrdc.net
globantamericaspartnersandbox.sc.omtrdc.net
622 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1022
517 B
1 gstatic.com
fonts.gstatic.com
31 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
40 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1003 B
1 000webhost.com
cdn.000webhost.com — Cisco Umbrella Rank: 105913
2 KB
27 10
Domain Requested by
8 img.icons8.com heads.fun
6 heads.fun heads.fun
4 assets.adobedtm.com heads.fun
assets.adobedtm.com
2 globantamericaspartnersandbox.sc.omtrdc.net assets.adobedtm.com
2 dpm.demdex.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 globantamerptrsd.demdex.net assets.adobedtm.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com heads.fun
1 fonts.googleapis.com heads.fun
1 cdn.000webhost.com heads.fun
27 11

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com
Subject Issuer Validity Valid
*.000webhostapp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-04 -
2023-07-10		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
1004834818.rsc.cdn77.org
R3		 2023-04-29 -
2023-07-28		 3 months crt.sh
*.000webhost.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-10 -
2024-02-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://heads.fun/
Frame ID: BC1BCD7C92B36CEA72C05B2F669DA542
Requests: 26 HTTP requests in this frame

Frame: https://globantamerptrsd.demdex.net/dest5.html?d_nsid=0
Frame ID: 26695455C60A2C20FCADBDB3D71E7D5D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Website

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

27
Requests

74 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

10
IPs

1
Countries

463 kB
Transfer

668 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://cm.everesttech.net/cm/dd?d_uuid=25561430135025360912915147002010583982 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG3U0gAAAKa3IQOj

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heads.fun/ 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:8280::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
7fe3174e3347b7f258cb77908ca67e4184a81a3e22131489ab4d20511f6edd74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 09:11:45 GMT
server
awex
x-content-type-options
nosniff
x-request-id
db4e7ccb2ec5d0efdbf55e41fde87184
x-xss-protection
1; mode=block
style.css
heads.fun/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heads.fun/style.css
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:8280::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
1f0af1b6c67dfe356b1cb7275f47741afc65dafc61056fed246aba2c088e310c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 23:28:35 GMT
server
awex
content-type
text/css
x-xss-protection
1; mode=block
x-request-id
0dfef37d045a9599019974afef9d9740
launch-ee7bbada1c06-development.min.js
assets.adobedtm.com/f4d96b14bdfd/b9044b95b075/ 		124 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/f4d96b14bdfd/b9044b95b075/launch-ee7bbada1c06-development.min.js
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:798::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
243c5c9822bf459f11634ca543366f2300bc39c198deb336ed6461734e7264e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 09:11:45 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 02:01:12 GMT
server
AkamaiNetStorage
etag
"48fd6db8aef9f8e822f59fef9ef65b4b:1664762472.208988"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://heads.fun
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
40630
expires
Wed, 24 May 2023 09:11:45 GMT
services.png
img.icons8.com/bubbles/100/000000/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/bubbles/100/000000/services.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0c0b5ba1fea01d4a9bb30501b2e25810c1ab68f757ee23efb0a740f2e0316aff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 24 May 2023 09:11:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
icon-format
png
x-cache
HIT
x-77-cache
HIT
x-age
113243
x-accel-date
1684806262
content-length
4532
x-77-nzt
AVm7sQ90JH7/W7oBAA
x-accel-expires
@1685108662
not-found-platform
false
icon-size
100
last-modified
Fri, 28 Apr 2023 10:06:09
from-mongo-cache
true
server
CDN77-Turbo
x-77-nzt-ray
49be1408e38701f3d1d46d64603ea822
vary
Origin
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
110192
img-1.png
heads.fun/img/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heads.fun/img/img-1.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:8280::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
dde29ad66f69d99c20356036fc45ab103234b08f8648bab745f4504640bf3ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 23:28:36 GMT
server
awex
content-type
image/png
accept-ranges
bytes
content-length
85093
x-xss-protection
1; mode=block
x-request-id
30e4749edd63bf6218fa55a021fc5b17
img-2.png
heads.fun/img/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heads.fun/img/img-2.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:8280::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
a1fe1b8bfbf76c59a6dcb8832dd3349762e3be1af8bc545fedf973bfbf20a47b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 23:28:36 GMT
server
awex
content-type
image/png
accept-ranges
bytes
content-length
38159
x-xss-protection
1; mode=block
x-request-id
72283f676123549951eb42dc056faabe
phone.png
img.icons8.com/bubbles/100/000000/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/bubbles/100/000000/phone.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6d813e498c63e3d56416eeeccf6f6fc758ac54a2cdddb13e6e7206066baa7ddb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 24 May 2023 09:11:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
icon-format
png
x-cache
HIT
x-77-cache
HIT
x-age
277641
x-accel-date
1684641864
content-length
3279
x-77-nzt
AVm7sQ+c7k//iTwEAA
x-accel-expires
@1684944264
not-found-platform
false
icon-size
100
last-modified
Thu, 09 Mar 2023 10:27:22
from-mongo-cache
false
server
CDN77-Turbo
x-77-nzt-ray
49be1408e38701f3d1d46d6414a1b822
vary
Origin
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
108644
new-post.png
img.icons8.com/bubbles/100/000000/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/bubbles/100/000000/new-post.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
61745aa47397a19d93802a94c00ffb3a8f2ef62ea7468be5379c3ab2e695f349
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 24 May 2023 09:11:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
icon-format
png
x-cache
HIT
x-77-cache
HIT
x-age
129234
x-accel-date
1684790271
content-length
2968
x-77-nzt
AVm7sQ/NVir/0vgBAA
x-accel-expires
@1685092671
not-found-platform
false
icon-size
100
last-modified
Tue, 09 May 2023 15:18:06
from-mongo-cache
true
server
CDN77-Turbo
x-77-nzt-ray
49be1408e38701f3d1d46d64eed8be22
vary
Origin
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
108813
map-marker.png
img.icons8.com/bubbles/100/000000/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/bubbles/100/000000/map-marker.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5035c91176f31b96ed25341ee7f45a24203c96c8e430a3616ccf3e06312a4d41
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 24 May 2023 09:11:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
icon-format
png
x-cache
HIT
x-77-cache
HIT
x-age
43494
x-accel-date
1684876011
content-length
3436
x-77-nzt
AVm7sQ+TSdz/5qkAAA
x-accel-expires
@1685178411
not-found-platform
false
icon-size
100
last-modified
Thu, 11 May 2023 06:25:31
from-mongo-cache
true
server
CDN77-Turbo
x-77-nzt-ray
49be1408e38701f3d1d46d64205fc822
vary
Origin
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
114417
facebook-new.png
img.icons8.com/bubbles/100/000000/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/bubbles/100/000000/facebook-new.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
87eeead1c5d38ef4dd1c79401bc616e38e3726249c18e4d3275abf59def7d834
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 24 May 2023 09:11:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
icon-format
png
x-cache
HIT
x-77-cache
HIT
x-age
296780
x-accel-date
1684622725
content-length
3964
x-77-nzt
AVm7sQ98eK7/TIcEAA
x-accel-expires
@1684925125
not-found-platform
false
icon-size
100
last-modified
Fri, 19 May 2023 06:10:20
from-mongo-cache
true
server
CDN77-Turbo
x-77-nzt-ray
49be1408e38701f3d1d46d645ab9d022
vary
Origin
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
118555
instagram-new.png
img.icons8.com/bubbles/100/000000/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/bubbles/100/000000/instagram-new.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a853a334808689ff73ec656d84a28024dc9b90d826991f0d71794ff589d022ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 24 May 2023 09:11:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
icon-format
png
x-cache
HIT
x-77-cache
HIT
x-age
61804
x-accel-date
1684857701
content-length
2986
x-77-nzt
AVm7sQ9q/Sb/bPEAAA
x-accel-expires
@1685160101
not-found-platform
false
icon-size
100
last-modified
Tue, 23 May 2023 15:48:31
from-mongo-cache
true
server
CDN77-Turbo
x-77-nzt-ray
49be1408e38701f3d1d46d64b984d622
vary
Origin
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
108646
twitter.png
img.icons8.com/bubbles/100/000000/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/bubbles/100/000000/twitter.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
behance.png
img.icons8.com/bubbles/100/000000/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/bubbles/100/000000/behance.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e53f981bfc8e993d79f1f1c8eb85a5d900bc7ab4757a26624e596d255f6fa07a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 24 May 2023 09:11:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
icon-format
png
x-cache
HIT
x-77-cache
HIT
x-age
108323
x-accel-date
1684811182
content-length
3129
x-77-nzt
AVm7sQ/VKOjvI6cBAA
x-accel-expires
@1685113582
not-found-platform
false
icon-size
100
last-modified
Wed, 26 Apr 2023 05:22:29
from-mongo-cache
true
server
CDN77-Turbo
x-77-nzt-ray
49be1408e38701f3d1d46d649ce86723
vary
Origin
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
Y6JKFKydve3L
app.js
heads.fun/ 		842 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heads.fun/app.js
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:8280::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
1555d8faef7d93c36cbde8f5a7bd68f2b27ccbe2e68e669821f6f23a7a1d508c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 23:28:58 GMT
server
awex
content-type
application/javascript
accept-ranges
bytes
content-length
842
x-xss-protection
1; mode=block
x-request-id
6b29ccfeaf631737973643205e5f7b37
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
5299
cf-polished
origFmt=png, origSize=2046
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
x-hostinger-datacenter
nme
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1696
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Mon, 15 May 2023 14:51:49 GMT
server
cloudflare
etag
"64624705-7fe"
vary
Accept
x-frame-options
sameorigin
content-type
image/webp
cache-control
public, max-age=14400
x-hostinger-node
sg-nme-cdn1
accept-ranges
bytes
cf-ray
7cc469bd8fda220f-MIA
expires
Wed, 24 May 2023 13:11:45 GMT
css
fonts.googleapis.com/ 		4 KB
1003 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,%20400,%20700&display=swap
Requested by
Host: heads.fun
URL: https://heads.fun/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0fa851eee30d168684f1e82829768fddd85b22b46182aa2c2696234aff25896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 09:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 May 2023 08:47:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 May 2023 09:11:45 GMT
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5FC9K5N
Requested by
Host: heads.fun
URL: https://heads.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35c8306b99232198057e80c80e50034d341152ea6740421a2d2fbe2804b91abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
40643
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 May 2023 09:11:45 GMT
hero-bg.png
heads.fun/img/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heads.fun/img/hero-bg.png
Requested by
Host: heads.fun
URL: https://heads.fun/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:8280::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
fa0a390934ea76e8b9696a73ffbde92084ec5cbea34b883d109ee1b4ad840b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 23:28:36 GMT
server
awex
content-type
image/png
accept-ranges
bytes
content-length
164662
x-xss-protection
1; mode=block
x-request-id
3b34e94a2bc404cd4841ae5139906d92
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,%20400,%20700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://heads.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 06:24:00 GMT
x-content-type-options
nosniff
age
528465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 May 2024 06:24:00 GMT
id
dpm.demdex.net/ 		375 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=79DD79CA584E7AAE0A495EEA%40AdobeOrg&d_nsid=0&ts=1684919505633
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f4d96b14bdfd/b9044b95b075/launch-ee7bbada1c06-development.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.87.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-87-152.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ed8b2a8749230697bec9d8f48c3f87a25803e23fae8e0b2902f46e559b1e2ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://heads.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v044-04a9e2893.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
xFHbRh/PTR4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://heads.fun
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
317
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f4d96b14bdfd/b9044b95b075/launch-ee7bbada1c06-development.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:798::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://heads.fun
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Wed, 24 May 2023 10:11:45 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f4d96b14bdfd/b9044b95b075/launch-ee7bbada1c06-development.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:798::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://heads.fun
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Wed, 24 May 2023 10:11:45 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f4d96b14bdfd/b9044b95b075/launch-ee7bbada1c06-development.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:798::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:11:45 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:50 GMT
server
AkamaiNetStorage
etag
"d220d501715e0484d0dddeac614f902c:1663863410.217006"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://heads.fun
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8755
expires
Wed, 24 May 2023 10:11:45 GMT
dest5.html
globantamerptrsd.demdex.net/ Frame 2669 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://globantamerptrsd.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f4d96b14bdfd/b9044b95b075/launch-ee7bbada1c06-development.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.52.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-52-185.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://heads.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v044-06499cf25.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
pf85gG5IRyc=
content-encoding
gzip
date
Wed, 24 May 2023 09:11:46 GMT
last-modified
Wed, 10 May 2023 10:46:20 GMT
vary
accept-encoding
s11578346562162
globantamericaspartnersandbox.sc.omtrdc.net/b/ss/ageo1xxpnwwebtest/10/JS-2.23.0-LCXS/ 		117 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://globantamericaspartnersandbox.sc.omtrdc.net/b/ss/ageo1xxpnwwebtest/10/JS-2.23.0-LCXS/s11578346562162?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=24%2F4%2F2023%209%3A11%3A46%203%200&d.&nsid=0&jsonv=1&.d&mid=25794766273854763172936826433130163944&aamlh=9&ce=UTF-8&pageName=%25Page%20Name%25&g=https%3A%2F%2Fheads.fun%2F&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=79DD79CA584E7AAE0A495EEA%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-104.data.adobedc.net
Software
jag /
Resource Hash
97a8b42e96f384e67d208e528c0bff1c437a6201b901da194b76b554bd27b07b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 09:11:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 May 2023 09:11:46 GMT
server
jag
etag
3618337087487442944-4619591537839523421
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
application/x-javascript;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
117
x-xss-protection
1; mode=block
expires
Tue, 23 May 2023 09:11:46 GMT
ibs:dpid=411&dpuuid=ZG3U0gAAAKa3IQOj
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=25561430135025360912915147002010583982
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG3U0gAAAKa3IQOj
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG3U0gAAAKa3IQOj
Protocol
HTTP/1.1
Server
44.233.87.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-87-152.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v044-020e3e31c.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4ONzskoIQog=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG3U0gAAAKa3IQOj
Date
Wed, 24 May 2023 09:11:46 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s18498102249261
globantamericaspartnersandbox.sc.omtrdc.net/b/ss/ageo1xxpnwwebtest/10/JS-2.23.0-LCXS/ 		117 B
193 B 		Script
General
Check archive.org
Download Go to
Full URL
https://globantamericaspartnersandbox.sc.omtrdc.net/b/ss/ageo1xxpnwwebtest/10/JS-2.23.0-LCXS/s18498102249261?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=24%2F4%2F2023%209%3A11%3A46%203%200&d.&nsid=0&jsonv=1&.d&mid=25794766273854763172936826433130163944&aamlh=9&ce=UTF-8&pageName=%25Page%20Name%25&g=https%3A%2F%2Fheads.fun%2F&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=79DD79CA584E7AAE0A495EEA%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-104.data.adobedc.net
Software
jag /
Resource Hash
97a8b42e96f384e67d208e528c0bff1c437a6201b901da194b76b554bd27b07b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heads.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 09:11:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 May 2023 09:11:46 GMT
server
jag
etag
3618337087590694912-4619656385067913062
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
application/x-javascript;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
117
x-xss-protection
1; mode=block
expires
Tue, 23 May 2023 09:11:46 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| aepData object| dataLayer function| getCookie undefined| wordpressAdminBody object| notification object| hostingerLogo undefined| mainContent undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| mainContentHolder undefined| h1Tag undefined| h2Tag undefined| paragraph undefined| list undefined| org_html undefined| new_html undefined| saleImage object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| google_tag_manager object| google_tag_data function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| DIL function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| s_i_ageo1xxpnwwebtest

6 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 25561430135025360912915147002010583982
.heads.fun/ Name: AMCVS_79DD79CA584E7AAE0A495EEA%40AdobeOrg
Value: 1
.heads.fun/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZG3U0gAAAKa3IQOj
.dpm.demdex.net/ Name: dpm
Value: 25561430135025360912915147002010583982
.heads.fun/ Name: AMCV_79DD79CA584E7AAE0A495EEA%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19502%7CMCMID%7C25794766273854763172936826433130163944%7CMCAAMLH-1685524306%7C9%7CMCAAMB-1685524306%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1684926706s%7CNONE%7CMCSYNCSOP%7C411-19509%7CvVersion%7C5.4.0

1 Console Messages

Source Level URL
Text
network error URL: https://img.icons8.com/bubbles/100/000000/twitter.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.000webhost.com
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
globantamericaspartnersandbox.sc.omtrdc.net
globantamerptrsd.demdex.net
heads.fun
img.icons8.com
www.googletagmanager.com
2600:141b:13:798::1e80
2606:4700::6811:a329
2607:f8b0:4006:806::200a
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2008
2a02:4780:dead:8280::1
2a02:6ea0:c400::12
3.221.177.199
44.233.87.152
54.200.52.185
63.140.36.104
0c0b5ba1fea01d4a9bb30501b2e25810c1ab68f757ee23efb0a740f2e0316aff
1555d8faef7d93c36cbde8f5a7bd68f2b27ccbe2e68e669821f6f23a7a1d508c
1f0af1b6c67dfe356b1cb7275f47741afc65dafc61056fed246aba2c088e310c
243c5c9822bf459f11634ca543366f2300bc39c198deb336ed6461734e7264e0
35c8306b99232198057e80c80e50034d341152ea6740421a2d2fbe2804b91abe
5035c91176f31b96ed25341ee7f45a24203c96c8e430a3616ccf3e06312a4d41
61745aa47397a19d93802a94c00ffb3a8f2ef62ea7468be5379c3ab2e695f349
6d813e498c63e3d56416eeeccf6f6fc758ac54a2cdddb13e6e7206066baa7ddb
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fe3174e3347b7f258cb77908ca67e4184a81a3e22131489ab4d20511f6edd74
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
87eeead1c5d38ef4dd1c79401bc616e38e3726249c18e4d3275abf59def7d834
97a8b42e96f384e67d208e528c0bff1c437a6201b901da194b76b554bd27b07b
a1fe1b8bfbf76c59a6dcb8832dd3349762e3be1af8bc545fedf973bfbf20a47b
a853a334808689ff73ec656d84a28024dc9b90d826991f0d71794ff589d022ad
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05
c0fa851eee30d168684f1e82829768fddd85b22b46182aa2c2696234aff25896
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
dde29ad66f69d99c20356036fc45ab103234b08f8648bab745f4504640bf3ecc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53f981bfc8e993d79f1f1c8eb85a5d900bc7ab4757a26624e596d255f6fa07a
ed8b2a8749230697bec9d8f48c3f87a25803e23fae8e0b2902f46e559b1e2ff1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa0a390934ea76e8b9696a73ffbde92084ec5cbea34b883d109ee1b4ad840b89