willsims.xyz Open in urlscan Pro
185.199.108.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://willsims.xyz/
Effective URL:
https://willsims.xyz/
Submission: On November 22 via api (November 22nd 2023, 8:43:55 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 185.199.108.153, located in United States and belongs to FASTLY, US. The main domain is willsims.xyz.
TLS certificate: Issued by R3 on October 28th 2023. Valid for: 3 months.

This is the only time willsims.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.199.111.153 185.199.111.153	54113 (FASTLY) (FASTLY)
4	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
1 8	2606:4700::68... 2606:4700::6813:9d17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
15	5

1 185.199.111.153 (United States) 1 redirects

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com

willsims.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

willsims.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:9d17 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

embeds.beehiiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	beehiiv.com 1 redirects embeds.beehiiv.com — Cisco Umbrella Rank: 58019	131 KB
5	willsims.xyz 1 redirects willsims.xyz	844 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	46 KB
15	5

	Domain	Requested by
8	embeds.beehiiv.com	1 redirects willsims.xyz embeds.beehiiv.com
5	willsims.xyz	1 redirects willsims.xyz
2	fonts.googleapis.com	embeds.beehiiv.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	embeds.beehiiv.com
15	5

This site contains links to these domains. Also see Links.

Domain
www.twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
willsims.xyz R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-24` - `2023-12-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://willsims.xyz/
Frame ID: 095063B96277DCA1906AE1401BA26D92
Requests: 4 HTTP requests in this frame

Frame: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
Frame ID: 912BF0684F4C32C9D17697B944AAD9C6
Requests: 9 HTTP requests in this frame

Frame: https://embeds.beehiiv.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 911CCD4ACF7CEA7322C1C9E31DCE012D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Will Sims | Exploring the future of entertainment.

Page URL History Show full URLs

http://willsims.xyz/ HTTP 301
https://willsims.xyz/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

15
Requests

93 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1041 kB
Transfer

1395 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.twitter.com/thewillsims
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/thewillsims/
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://willsims.xyz/ HTTP 301
https://willsims.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://embeds.beehiiv.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://embeds.beehiiv.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
willsims.xyz/
Redirect Chain

http://willsims.xyz/
https://willsims.xyz/

5 KB
2 KB

136ms
110ms

Document
text/html

185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://willsims.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: b3b005dd11618f2faa5a7c4eb355f8c86f042a4b53005405a3198083cfd14879

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 1515
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 20:43:51 GMT
etag: W/"64fb1c15-1326"
expires: Wed, 22 Nov 2023 20:53:51 GMT
last-modified: Fri, 08 Sep 2023 13:05:25 GMT
server: GitHub.com
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 452d99c3d51e29885002f584bdc26bbd23395978
x-github-request-id: D2A8:5D78:3B15749:3BF3BA6:655E6807
x-proxy-cache: MISS
x-served-by: cache-fra-etou8220031-FRA
x-timer: S1700685831.495173,VS0,VE103

Redirect headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 22 Nov 2023 20:43:51 GMT
Location: https://willsims.xyz/
Server: GitHub.com
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Fastly-Request-ID: 8d966f22e15b3589776507b4c90f6e428e3ceb98
X-GitHub-Request-Id: 5464:52CE:3D69AB1:3E4ED96:655E6807
X-Served-By: cache-fra-etou8220058-FRA
X-Timer: S1700685831.365516,VS0,VE95

GET
H2 200 Headshot.jpg
willsims.xyz/assets/ 839 KB
840 KB 130ms
129ms Image
image/jpeg 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://willsims.xyz/assets/Headshot.jpg
Requested by: Host: willsims.xyz
URL: https://willsims.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: f2c3308d748fa749f1a340abe0f7bb58c33ebc2bc36fa0616d8097d4bb4f719c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://willsims.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id: 185bc5a2b373c8ef1fb2d536f6a5f3369e15b127
date: Wed, 22 Nov 2023 20:43:51 GMT
via: 1.1 varnish
expires: Wed, 22 Nov 2023 20:53:51 GMT
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 859470
x-served-by: cache-fra-etou8220031-FRA
last-modified: Fri, 08 Sep 2023 13:05:25 GMT
server: GitHub.com
x-github-request-id: EBD2:5D78:3B1577A:3BF3BCA:655E6807
x-timer: S1700685832.614019,VS0,VE120
etag: "64fb1c15-d1d4e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 twitter.webp
willsims.xyz/assets/ 1008 B
1 KB 144ms
143ms Image
image/webp 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://willsims.xyz/assets/twitter.webp
Requested by: Host: willsims.xyz
URL: https://willsims.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 92cebd78c69212be370ddd216a3131d87f4be16fbfa5eeeba03a01da3640eec1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://willsims.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id: 6757471009de28641d868d4bf2c8e9a9719b078d
date: Wed, 22 Nov 2023 20:43:51 GMT
via: 1.1 varnish
expires: Wed, 22 Nov 2023 20:53:51 GMT
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 1008
x-served-by: cache-fra-etou8220031-FRA
last-modified: Fri, 08 Sep 2023 13:05:25 GMT
server: GitHub.com
x-github-request-id: 98CA:119DA:3A70920:3B5504F:655E6807
x-timer: S1700685832.614019,VS0,VE122
etag: "64fb1c15-3f0"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 linkedin.webp
willsims.xyz/assets/ 636 B
784 B 115ms
114ms Image
image/webp 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://willsims.xyz/assets/linkedin.webp
Requested by: Host: willsims.xyz
URL: https://willsims.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 2d6bb8508f363dce4f4d910a799b003457f15575bdb9de29ed12b8944291ab58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://willsims.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id: 85cddc51b7f1ba23ca39786a07e32861d1a64612
date: Wed, 22 Nov 2023 20:43:51 GMT
via: 1.1 varnish
expires: Wed, 22 Nov 2023 20:53:51 GMT
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 636
x-served-by: cache-fra-etou8220031-FRA
last-modified: Fri, 08 Sep 2023 13:05:25 GMT
server: GitHub.com
x-github-request-id: 11DA:52CE:3D69AEB:3E4EDD3:655E6807
x-timer: S1700685832.613985,VS0,VE105
etag: "64fb1c15-27c"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 282140fe-3e01-469c-b0dd-233d04655614 Show response
embeds.beehiiv.com/ Frame 912B 4 KB
3 KB 218ms
146ms Document
text/html 2606:4700::6813:9d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
Requested by: Host: willsims.xyz
URL: https://willsims.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0012182182e791f175a292d492fc57596e040532ef6e615faa943b34abcbcd5b

Request headers

Referer: https://willsims.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82a401d00aa8bbd4-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 22 Nov 2023 20:43:51 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700685831&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Se8U0MnrsEeX1o9I4hrWU6GT147VZcb9qcweDzkCoUE%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700685831&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Se8U0MnrsEeX1o9I4hrWU6GT147VZcb9qcweDzkCoUE%3D
server: cloudflare
vary: Origin
via: 1.1 vegur

GET
H2 200 css2
fonts.googleapis.com/ Frame 912B 3 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: embeds.beehiiv.com
URL: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embeds.beehiiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 20:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 20:05:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 20:43:51 GMT

GET
H2 200 variables.js Show response
embeds.beehiiv.com/ Frame 912B 185 B
274 B 145ms
144ms Script
application/javascript 2606:4700::6813:9d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.beehiiv.com/variables.js
Requested by: Host: embeds.beehiiv.com
URL: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3569c1d8e8848de9277360cf3625af126582e2df365f7cb06d431d0f0d7b6b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:43:51 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Wed, 22 Nov 2023 20:43:51 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700685831&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Se8U0MnrsEeX1o9I4hrWU6GT147VZcb9qcweDzkCoUE%3D"}]}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 82a401d10beebbd4-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700685831&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Se8U0MnrsEeX1o9I4hrWU6GT147VZcb9qcweDzkCoUE%3D

GET
H2 200 2.94f81a45.chunk.js Show response
embeds.beehiiv.com/static/js/ Frame 912B 382 KB
120 KB 41ms
41ms Script
application/javascript 2606:4700::6813:9d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.beehiiv.com/static/js/2.94f81a45.chunk.js
Requested by: Host: embeds.beehiiv.com
URL: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fae885a5fe5ba0f691b69c7e8b88f69c981fed8e77bb1e9b3692351853bb2b34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:43:51 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 15 Mar 2023 21:53:57 GMT
server: cloudflare
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 6180
cf-polished: origSize=391409
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700015832&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=t0%2F0zLTR9ECodj1GU7eL3%2F10xXvt5yLLJmXDwlVgT%2Bo%3D"}]}
content-type: application/javascript
cf-ray: 82a401d10bf2bbd4-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700015832&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=t0%2F0zLTR9ECodj1GU7eL3%2F10xXvt5yLLJmXDwlVgT%2Bo%3D

GET
H2 200 main.308836fd.chunk.js Show response
embeds.beehiiv.com/static/js/ Frame 912B 13 KB
4 KB 47ms
46ms Script
application/javascript 2606:4700::6813:9d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.beehiiv.com/static/js/main.308836fd.chunk.js
Requested by: Host: embeds.beehiiv.com
URL: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 721a2cb896b2acb671c940e5db88ef45dc09368d1a52960c771c8d7c758c76fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:43:51 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 15 Mar 2023 21:53:57 GMT
server: cloudflare
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 6114
cf-polished: origSize=13334
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700015832&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=t0%2F0zLTR9ECodj1GU7eL3%2F10xXvt5yLLJmXDwlVgT%2Bo%3D"}]}
content-type: application/javascript
cf-ray: 82a401d10bf3bbd4-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700015832&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=t0%2F0zLTR9ECodj1GU7eL3%2F10xXvt5yLLJmXDwlVgT%2Bo%3D

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 912B 119 KB
46 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJXL7FH

Requested by

Host: embeds.beehiiv.com
URL: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d414a528697a8062f00a5a3ad986f89ee39383d4cba0eb2dfd42b3329000169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embeds.beehiiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:43:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46767
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Nov 2023 20:43:52 GMT

GET
H2 200 282140fe-3e01-469c-b0dd-233d04655614 Show response
embeds.beehiiv.com/api/embeds/ Frame 912B 673 B
771 B 127ms
126ms XHR
application/json 2606:4700::6813:9d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embeds.beehiiv.com/api/embeds/282140fe-3e01-469c-b0dd-233d04655614

Requested by

Host: embeds.beehiiv.com
URL: https://embeds.beehiiv.com/static/js/2.94f81a45.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9d17 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f4afd46f4be2c28f1ebed826f383401f140bf0bd43396b7d6066e62a5f9c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://embeds.beehiiv.com/282140fe-3e01-469c-b0dd-233d04655614?slim=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:43:52 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
content-encoding: gzip
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700685832&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=e3YAKTj%2BOm%2FMQ%2FB7eJ7MqgQ2iYHhxexVfsE7ZaYafA0%3D"}]}
content-type: application/json
cf-ray: 82a401d21d8ebbd4-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700685832&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=e3YAKTj%2BOm%2FMQ%2FB7eJ7MqgQ2iYHhxexVfsE7ZaYafA0%3D

GET
H2

200

main.js Show response
embeds.beehiiv.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 911C
Redirect Chain

https://embeds.beehiiv.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://embeds.beehiiv.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

16ms
15ms

Script
application/javascript

2606:4700::6813:9d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embeds.beehiiv.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Protocol

Server

2606:4700::6813:9d17 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f75306a19a79f25aaaeffdc763888f84cf3ee889eb6690d5818ece74df98bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82a401d25dd2bbd4-FRA

Redirect headers

date: Wed, 22 Nov 2023 20:43:52 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 82a401d22da4bbd4-FRA

POST
H2 200 82a401d00aa8bbd4 Show response
embeds.beehiiv.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 911C 0
249 B 31ms
31ms XHR
text/plain 2606:4700::6813:9d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.beehiiv.com/cdn-cgi/challenge-platform/h/g/jsd/r/82a401d00aa8bbd4
Requested by: Host: embeds.beehiiv.com
URL: https://embeds.beehiiv.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Nov 2023 20:43:52 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 82a401d2feabbbd4-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ Frame 912B 2 KB
576 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,700

Requested by

Host: embeds.beehiiv.com
URL: https://embeds.beehiiv.com/static/js/2.94f81a45.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ebcc90cf659bfe3a93df6f0371b1ceb3a833ab4fdfdf0123782b202992bc6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embeds.beehiiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 20:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 20:16:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 20:43:52 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 912B 18 KB
19 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://embeds.beehiiv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 01:43:43 GMT
x-content-type-options: nosniff
age: 414009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 01:43:43 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.beehiiv.com/	1970-01-20 16:24:47	Name: __cf_bm Value: VBV81SpLB8sx2uVlNweqvOWsFEYYoaIq6xm1Bixwj7c-1700685831-0-AapBr3KFn8GWPt59vZsSfgesdVCcN+1un7hnsr3w+cb07HsVLgSysnUnquoJ8F4wJw3HtbfcK21KxLu3qKej4yE=
			.beehiiv.com/	1970-01-21 01:10:21	Name: cf_clearance Value: E8vJMqdRQRNhr7XnvuEEyT1aSvIe0NzW0vaYHc91820-1700685832-0-1-12bb08.25d38c5b.5713e4e8-0.2.1700685832

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

embeds.beehiiv.com
fonts.googleapis.com
fonts.gstatic.com
willsims.xyz
www.googletagmanager.com
185.199.108.153
185.199.111.153
2606:4700::6813:9d17
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
0012182182e791f175a292d492fc57596e040532ef6e615faa943b34abcbcd5b
1d414a528697a8062f00a5a3ad986f89ee39383d4cba0eb2dfd42b3329000169
2d6bb8508f363dce4f4d910a799b003457f15575bdb9de29ed12b8944291ab58
3569c1d8e8848de9277360cf3625af126582e2df365f7cb06d431d0f0d7b6b19
3ebcc90cf659bfe3a93df6f0371b1ceb3a833ab4fdfdf0123782b202992bc6d6
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
721a2cb896b2acb671c940e5db88ef45dc09368d1a52960c771c8d7c758c76fc
81f4afd46f4be2c28f1ebed826f383401f140bf0bd43396b7d6066e62a5f9c12
8f75306a19a79f25aaaeffdc763888f84cf3ee889eb6690d5818ece74df98bd1
92cebd78c69212be370ddd216a3131d87f4be16fbfa5eeeba03a01da3640eec1
b3b005dd11618f2faa5a7c4eb355f8c86f042a4b53005405a3198083cfd14879
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2c3308d748fa749f1a340abe0f7bb58c33ebc2bc36fa0616d8097d4bb4f719c
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328
fae885a5fe5ba0f691b69c7e8b88f69c981fed8e77bb1e9b3692351853bb2b34

willsims.xyz Open in urlscan Pro 185.199.108.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

67 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

1041 kBTransfer

1395 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

willsims.xyz Open in urlscan Pro
185.199.108.153 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1041 kB
Transfer

1395 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions