willm.xyz Open in urlscan Pro
2606:4700:3035::681f:46c2 Public Scan

URL:
https://willm.xyz/
Submission: On August 11 via manual (August 11th 2020, 2:16:24 pm UTC) from US

Summary HTTP 37 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 13 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3035::681f:46c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is willm.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2020. Valid for: a year.

This is the only time willm.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3035::681f:46c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:10:... 2606:4700:10::6816:227d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6812:39dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::681c:1515	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
1	3.93.138.230 3.93.138.230	14618 (AMAZON-AES) (AMAZON-AES)
1	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
37	11

12 2606:4700:3035::681f:46c2 (United States)

ASN13335 (CLOUDFLARENET, US)

willm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:227d (United States)

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6812:39dd (United States)

ASN13335 (CLOUDFLARENET, US)

img.derock.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::681c:1515 (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.138.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-138-230.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.240 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	willm.xyz willm.xyz	682 KB
7	nitropay.com s.nitropay.com tracker.nitropay.com	216 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	141 KB
2	doubleclick.net googleads.g.doubleclick.net
2	shields.io img.shields.io	3 KB
1	adnxs.com ib.adnxs.com	1 KB
1	33across.com ssc.33across.com	641 B
1	googletagservices.com www.googletagservices.com	27 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	google.com adservice.google.com	829 B
1	google.de adservice.google.de	829 B
1	derock.dev img.derock.dev	3 MB
1	googleapis.com fonts.googleapis.com	1 KB
37	13

	Domain	Requested by
12	willm.xyz	willm.xyz
6	s.nitropay.com	willm.xyz s.nitropay.com
4	pagead2.googlesyndication.com	willm.xyz pagead2.googlesyndication.com
2	tpc.googlesyndication.com	s.nitropay.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	img.shields.io	willm.xyz
1	ib.adnxs.com	s.nitropay.com
1	ssc.33across.com	s.nitropay.com
1	tracker.nitropay.com	s.nitropay.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	img.derock.dev	willm.xyz
1	fonts.googleapis.com	willm.xyz
37	15

This site contains links to these domains. Also see Links.

Domain
bruhapi.xyz
user-id.willm.xyz
id-user.willm.xyz
playlists.willm.xyz
tts.willm.xyz
www.youtube.com
firecloud.tech
github.com
quacky.js.org
nitropay.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://willm.xyz/
Frame ID: 010424F64AA6AA5A2C0E22597313A96E
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200805/r20190131/zrt_lookup.html
Frame ID: 7A4F8BE21EAA3E25DACDA42AC62B432D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2084797560093439&output=html&adk=1812271804&adf=3025194257&lmt=1597117646&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwillm.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1597155367266&bpp=18&bdt=92&idt=85&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5972902291285&frm=20&pv=2&ga_vid=2048382388.1597155367&ga_sid=1597155367&ga_hid=1420103187&ga_fc=0&iag=0&icsg=35519&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C42530588%2C21066897%2C21066392&oid=3&pvsid=2250001414733053&pem=734&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=101
Frame ID: 6BFD939CA80FB2B6B55A4B7F790F98FA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 5F24CD3CAE42B115E8FC39C42A446CDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

37
Requests

100 %
HTTPS

82 %
IPv6

13
Domains

15
Subdomains

11
IPs

3
Countries

4211 kB
Transfer

5343 kB
Size

2
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://bruhapi.xyz/
Title: BruhAPI

Search URL Search Domain Scan URL

URL: https://user-id.willm.xyz/
Title: Roblox Username to ID

Search URL Search Domain Scan URL

URL: https://id-user.willm.xyz/
Title: Roblox ID to Username

Search URL Search Domain Scan URL

URL: https://playlists.willm.xyz/
Title: Spotify Playlist Checker

Search URL Search Domain Scan URL

URL: https://tts.willm.xyz/
Title: Text to Speech

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=010_LS7gyB0

Search URL Search Domain Scan URL

URL: https://firecloud.tech/?utm_source=taco&utm_medium=websitead&utm_campaign=wills_website

Search URL Search Domain Scan URL

URL: https://github.com/whasonyt/willm-2020
Title: View source code.

Search URL Search Domain Scan URL

URL: https://quacky.js.org/
Title: Check out Quacky Bot!

Search URL Search Domain Scan URL

URL: https://nitropay.com/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
willm.xyz/ 4 KB
2 KB 166ms
115ms Document
text/html 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb0c7b01496f4309e5f29aeeb1b6bf4f5a6e1d24ab00e100fffa7c0b2434445

Request headers

:method: GET
:authority: willm.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 11 Aug 2020 14:16:07 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d86b0788407b06e3ac110be11cadbc5881597155367; expires=Thu, 10-Sep-20 14:16:07 GMT; path=/; domain=.willm.xyz; HttpOnly; SameSite=Lax; Secure
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
access-control-allow-origin: *
expires: Tue, 11 Aug 2020 14:26:07 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4690:78D7:9A71E:BDFC8:5F32A825
via: 1.1 varnish
age: 0
x-served-by: cache-fra19179-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1597155367.069204,VS0,VE96
vary: Accept-Encoding
x-fastly-request-id: f7e215aa02eb961a60e71f2db9cd86b8d509d648
cf-cache-status: DYNAMIC
cf-request-id: 047f79f090000005c8661ce200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c12929418d305c8-FRA
content-encoding: br

GET
H2 200 ads-463.js Show response
s.nitropay.com/ 312 KB
102 KB 612ms
565ms Script
application/javascript 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-463.js

Requested by

Host: willm.xyz
URL: https://willm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

056d2d31275b61b2bc55ef9c043711fe04a7ddb29bb863905250d48417e3ca1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
content-encoding: gzip
cf-cache-status: MISS
x-goog-meta-goog-reserved-file-mtime: 1596824489
status: 200
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-guploader-uploadid: AAANsUl8wnkFUqJabc78owFzPKhyu9TNPQpnJQaStzusDapgeIJcIG0Bh66o6Y2wvFIX-PEZKZbPFMikZ7CjDsbgGBR9_Yt3pw
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000; includeSubDomains
content-type: application/javascript
cf-request-id: 047f79f13800001f3dfb3e9200000001
last-modified: Tue, 11 Aug 2020 04:55:04 GMT
server: cloudflare
etag: W/"7952009488beb5a5e902d9d359511630:1597121704000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=/azzwA==, md5=eVIAlIi+taXpAtnTWVEWMA==
x-goog-generation: 1596824550848666
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 293383
cf-ray: 5c1292952ebf1f3d-FRA
expires: Tue, 11 Aug 2020 15:16:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 124 KB
44 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: willm.xyz
URL: https://willm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7464e65c32cc503e9fcfe2e6706f328cfd80c989de90070e762199439f66d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44444
x-xss-protection: 0
server: cafe
etag: 972076397728626502
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Aug 2020 14:16:07 GMT

GET
H2 200 font-awesome.min.css
willm.xyz/assets/css/ 30 KB
7 KB 129ms
128ms Stylesheet
text/css 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/assets/css/font-awesome.min.css
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 76dffd4c47c875ca82551cc0e3304e9aaa834522
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 047f79f10b000005c8661de200000001
x-served-by: cache-fra19144-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: 7796:17EF:123DE4:168D92:5F32A827
x-timer: S1597155367.192903,VS0,VE101
etag: W/"5f3214ce-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c129294db6005c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 57ms
15ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: willm.xyz
URL: https://willm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 Aug 2020 13:14:30 GMT
server: ESF
date: Tue, 11 Aug 2020 14:16:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Aug 2020 14:16:07 GMT

GET
H2 200 bulma.min.css
willm.xyz/assets/css/ 175 KB
20 KB 119ms
119ms Stylesheet
text/css 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/assets/css/bulma.min.css
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf96252465952d2e6143ea38f1f07308a1c43f6bcc36c92ee7bc770a8b18ca47

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: b4403248586e1a98fe02fbe0f7f3fab6eb18aefb
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 047f79f10b000005c8661df200000001
x-served-by: cache-fra19177-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: 081A:7897:49B05:5C6CC:5F32A826
x-timer: S1597155367.190214,VS0,VE97
etag: W/"5f3214ce-2bddb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c129294db6305c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 willm.jpg
willm.xyz/ 311 KB
312 KB 290ms
289ms Image
image/jpeg 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://willm.xyz/willm.jpg
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90e6538daaed69926ffebbe3b9c6c50d1963cd5939f7c3e7a7a265a6201b8078

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 6368a1b90edd18dcfd90f7159d4c2ad7e2deccce
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
x-cache-hits: 0
x-origin-cache: HIT
content-length: 318487
cf-request-id: 047f79f10f000005c8661e3200000001
x-served-by: cache-fra19146-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: DE52:4517:12FD06:1765CA:5F32A825
x-timer: S1597155367.193039,VS0,VE271
etag: "5f3214ce-4dc17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c129294eb7405c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 q6H3E9.gif
img.derock.dev/ 3 MB
3 MB 585ms
500ms Image
image/gif 2606:4700:3037::6812:39dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.derock.dev/q6H3E9.gif
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3037::6812:39dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5359a7e40fe0958e51dd743553e27167ab74f9ed209eb106ddb9479270137f

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Jul 2020 18:58:48 GMT
server: cloudflare
etag: "5f0caee8-30d338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c1292956fadd6d9-FRA
content-length: 3199800
cf-request-id: 047f79f1620000d6d920207200000001

GET
H2 200 json
img.shields.io/badge/dynamic/ 2 KB
1 KB 841ms
802ms Image
image/svg+xml 2606:4700:3032::681c:1515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/dynamic/json?color=1DB954&style=for-the-badge&logo=spotify&label=SPOTIFY&query=res&url=https://bruhapi.xyz/spotify
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681c:1515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be4ffe7ac5aeddd7deac6d3bda5a266e747ef40ee83310f23886292a4cd2f43

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:08 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5c12929529c796e6-FRA
content-type: image/svg+xml;charset=utf-8
status: 200
cache-control: max-age=120, s-maxage=120
content-encoding: br
cf-request-id: 047f79f135000096e6da858200000001
expires: Tue, 11 Aug 2020 14:18:07 GMT

GET
H2 200 339188357253038092
img.shields.io/discord/ 3 KB
2 KB 720ms
682ms Image
image/svg+xml 2606:4700:3032::681c:1515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/discord/339188357253038092?color=7289DA&logo=discord&style=for-the-badge
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681c:1515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5819659ea7ee6c244bbaa2b84700c68d04bd8c93838c2f57bb1d3c36396db97f

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5c12929529cb96e6-FRA
content-type: image/svg+xml;charset=utf-8
status: 200
cache-control: max-age=30, s-maxage=30
content-encoding: br
cf-request-id: 047f79f135000096e6da859200000001
expires: Tue, 11 Aug 2020 14:16:37 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
willm.xyz/assets/js/ 85 KB
29 KB 122ms
120ms Script
application/javascript 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/assets/js/jquery-3.2.1.min.js
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: c4b4b5015946c1edf5fce35bad290d22b2e32c5a
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 047f79f10e000005c8661e0200000001
x-served-by: cache-fra19151-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: 41DC:2BBE:4B5C2:5E9DF:5F32A827
x-timer: S1597155367.196385,VS0,VE95
etag: W/"5f3214ce-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c129294eb6b05c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 bulma.js Show response
willm.xyz/assets/js/ 35 KB
5 KB 115ms
113ms Script
application/javascript 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/assets/js/bulma.js
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3749a3291a851ca82d8bbe0b403b012a802bf0933ec279c48d548dcc94793f

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: ce37f361335995c8fca86a4899baad37d7981c9a
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 047f79f10f000005c8661e1200000001
x-served-by: cache-fra19178-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: 9E36:20D0:139D85:1819A1:5F32A827
x-timer: S1597155367.193768,VS0,VE92
etag: W/"5f3214ce-8a9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c129294eb7005c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 main.js Show response
willm.xyz/assets/js/ 166 B
285 B 118ms
117ms Script
application/javascript 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/assets/js/main.js
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9b35584efbace1a9795793cf4c23a95f4308375f8000de819f6cb70a403179

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 91198943a395def4477ceb91206587f800917583
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 047f79f10f000005c8661e2200000001
x-served-by: cache-fra19141-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: E912:4B93:2297:50B1:5F32A826
x-timer: S1597155367.193024,VS0,VE99
etag: W/"5f3214ce-a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c129294eb7205c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=willm.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Aug 2020 14:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 38ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=willm.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Aug 2020 14:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/ 223 KB
84 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c483b07112a63520c42ab64a30374679fbb23f841771bf1b15db5518526da5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85672
x-xss-protection: 0
server: cafe
etag: 12756933714787842258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Aug 2020 14:16:07 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://willm.xyz

Response headers

date: Fri, 07 Aug 2020 05:25:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 377422
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 07 Aug 2021 05:25:45 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200805/r20190131/ Frame 7A4F 0
0 29ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200805/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200805/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willm.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://willm.xyz/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 06 Aug 2020 08:27:20 GMT
expires: Thu, 20 Aug 2020 08:27:20 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 452927
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 navbar.html Show response
willm.xyz/ 3 KB
1018 B 119ms
119ms XHR
text/html 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/navbar.html
Requested by: Host: willm.xyz
URL: https://willm.xyz/assets/js/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ee1818046c8c81b0b99180b1bb9aa88cf4b8fcc854ee29ab1f9a2cc64a72791

Request headers

Accept: text/html, */*; q=0.01
Referer: https://willm.xyz/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: a27fc8f6443fa33cfe3524770b264e8d3f957b73
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 047f79f1b2000005c8661f5200000001
x-served-by: cache-fra19140-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: 41DC:2BBE:4B5C5:5E9E0:5F32A827
x-timer: S1597155367.360742,VS0,VE93
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 5c129295eecd05c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 footer.html Show response
willm.xyz/ 308 B
628 B 105ms
104ms XHR
text/html 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/footer.html
Requested by: Host: willm.xyz
URL: https://willm.xyz/assets/js/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772f7d384b6876c21991b2c18cbcd2cdd3df3fb01e5931bab03953ebc13070ae

Request headers

Accept: text/html, */*; q=0.01
Referer: https://willm.xyz/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 3195269c223bd66148cb4f69f6bf58481adedc7f
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 047f79f1b2000005c8661f6200000001
x-served-by: cache-fra19124-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: 311A:3BC1:967A2:BA77E:5F32A827
x-timer: S1597155367.352813,VS0,VE92
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 5c129295eed205c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6BFD 0
0 24ms
24ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2084797560093439&output=html&adk=1812271804&adf=3025194257&lmt=1597117646&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwillm.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1597155367266&bpp=18&bdt=92&idt=85&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5972902291285&frm=20&pv=2&ga_vid=2048382388.1597155367&ga_sid=1597155367&ga_hid=1420103187&ga_fc=0&iag=0&icsg=35519&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C42530588%2C21066897%2C21066392&oid=3&pvsid=2250001414733053&pem=734&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2084797560093439&output=html&adk=1812271804&adf=3025194257&lmt=1597117646&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwillm.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1597155367266&bpp=18&bdt=92&idt=85&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5972902291285&frm=20&pv=2&ga_vid=2048382388.1597155367&ga_sid=1597155367&ga_hid=1420103187&ga_fc=0&iag=0&icsg=35519&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C42530588%2C21066897%2C21066392&oid=3&pvsid=2250001414733053&pem=734&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=101
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willm.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://willm.xyz/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 11 Aug 2020 14:16:07 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 11-Aug-2020 14:31:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 11 Aug 2020 14:16:07 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394415bedb33f0d07d610f1ac10439e12098d7a747aca0510cddabca81a9092d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597059737948561"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Tue, 11 Aug 2020 14:16:07 GMT

GET
H2 200 fontawesome-webfont.woff2
willm.xyz/assets/fonts/ 75 KB
76 KB 295ms
295ms Font
font/woff2 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://willm.xyz/assets/css/font-awesome.min.css
Origin: https://willm.xyz

Response headers

x-fastly-request-id: edb87b554ed2df0ceeabe3f50e6ac28243ec96b6
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
status: 200
x-origin-cache: HIT
content-length: 77160
cf-request-id: 047f79f224000005c866202200000001
x-served-by: cache-fra19140-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: 1034:49C8:629A:9EC9:5F32A827
x-timer: S1597155367.474149,VS0,VE275
etag: "5f3214ce-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Tue, 11 Aug 2020 14:26:07 GMT
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 5c129296a92305c8-FRA
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 tooltips.css
willm.xyz/assets/css/ 382 B
397 B 110ms
110ms Stylesheet
text/css 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://willm.xyz/assets/css/tooltips.css
Requested by: Host: willm.xyz
URL: https://willm.xyz/assets/js/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2fb68b531b5b4d994f88c91cb69c0de25b96784081cc56cafa67c36375e9948

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: aa5d88f34c28a5db028b12b8051891b2074f8de4
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 047f79f22d000005c866203200000001
x-served-by: cache-fra19139-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: FAA2:4CC3:11FB22:16440C:5F32A827
x-timer: S1597155367.477925,VS0,VE91
etag: W/"5f3214ce-17e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c129296a94905c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 mr_quackers.png
willm.xyz/ 229 KB
229 KB 135ms
135ms Image
image/png 2606:4700:3035::681f:46c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://willm.xyz/mr_quackers.png
Requested by: Host: willm.xyz
URL: https://willm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:46c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eceb932f8bec4331900af6d8480c01f27c22c4bb853d1ba94980fe0d132b4140

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 7869578fe61f84e78be4c33caebc0cac085a60d2
date: Tue, 11 Aug 2020 14:16:07 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
x-cache-hits: 0
x-origin-cache: HIT
content-length: 234366
cf-request-id: 047f79f22e000005c866204200000001
x-served-by: cache-fra19131-FRA
last-modified: Tue, 11 Aug 2020 03:47:26 GMT
server: cloudflare
x-github-request-id: D246:49CD:128ED5:16E278:5F32A826
x-timer: S1597155367.485284,VS0,VE96
etag: "5f3214ce-3937e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c129296b94e05c8-FRA
x-proxy-cache: MISS
expires: Tue, 11 Aug 2020 14:26:07 GMT

GET
H2 200 ncmp-2017.min.js Show response
s.nitropay.com/ 363 KB
87 KB 19ms
19ms Script
text/javascript 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ncmp-2017.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-463.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3a079f734ee2c72edc302268e6f23ca611bef4f62ec4d4209909e1593f76b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 2554
x-guploader-uploadid: AAANsUnbdu_85yeh3OJGHtXU7qVVpdkCEH9u0--j8iaj6zYD11QtU8zauK5e3diPbQzbofJNz6nXoTRZgmUNLkMUDg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 047f79f3a000001f3dfb00d200000001
last-modified: Thu, 18 Jun 2020 22:49:06 GMT
server: cloudflare
etag: W/"f4581a90e7f7cf120eeb2f4455fbb079"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=MY6qgA==, md5=9FgakOf3zxIO6y9EVfuweQ==
x-goog-generation: 1592520546278453
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 371810
cf-ray: 5c1292990f8e1f3d-FRA
expires: Tue, 11 Aug 2020 14:33:33 GMT

GET
H2 200 analytics
tracker.nitropay.com/sites/463/ 0
0 180ms
152ms Fetch 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.nitropay.com/sites/463/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly93aWxsbS54eXovIn0%3D

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-463.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
status: 200
cf-ray: 5c1292993b29c26d-FRA
content-length: 0
cf-request-id: 047f79f3be0000c26d68a1d200000001

GET
H2 200 vendor-list.json Show response
s.nitropay.com/ 133 KB
21 KB 51ms
51ms XHR
application/json 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/vendor-list.json

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ncmp-2017.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e34b5af640687a681b50428e734fd0053b3123fe0f5f875c1c6963b81fb1d4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2143
x-guploader-uploadid: AAANsUlYCRj3HTNBmjFyS61VCelGsSbtUmBhnKI1M73ld3T_ob6qus1OKGUw3toNPtadCc6io6K7EEJ7-q1eu1BlfOMp_pq4WA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-type: application/json
cf-request-id: 047f79f3ed0000c26d68a23200000001
last-modified: Thu, 06 Aug 2020 16:15:02 GMT
server: cloudflare
etag: W/"07737f4984544a39ce59a610067d91db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=hGnoVQ==, md5=B3N/SYRUSjnOWaYQBn2R2w==
x-goog-generation: 1596730502927080
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
x-goog-stored-content-length: 136692
cf-ray: 5c1292997beec26d-FRA
expires: Tue, 18 Aug 2020 13:40:24 GMT

GET
H2 200 lang-alt.png
s.nitropay.com/assets/ 2 KB
2 KB 14ms
13ms Image
image/png 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/lang-alt.png

Requested by

Host: willm.xyz
URL: https://willm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3065
x-guploader-uploadid: AAANsUkIV2ZD6hHb8alLvOjJ_2TG4kiCPBq3ckhSFgz51260fYiRYgHmsfPflCEiFC5diNXLnGd-2PjQUp_Mc7rsnw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1887
cf-request-id: 047f79f43200001f3dfb018200000001
last-modified: Sun, 14 Jun 2020 01:12:51 GMT
server: cloudflare
etag: "ca072a3965f49a2c242c45d535163a53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
x-goog-generation: 1592097171393463
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1887
accept-ranges: bytes
cf-ray: 5c129299e9b51f3d-FRA
expires: Tue, 11 Aug 2020 14:25:02 GMT

GET
H2 200 cancel-w.png
s.nitropay.com/assets/ 1 KB
2 KB 19ms
18ms Image
image/png 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/cancel-w.png

Requested by

Host: willm.xyz
URL: https://willm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3299
x-guploader-uploadid: AAANsUkaWo9oi49yY58lYg7PY2qdrOTV_Ag_7IWkar4EWYm97I3rb9GQquOSDUka8GONwrKHDE2Jtoo1am6W01Fk6A
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1302
cf-request-id: 047f79f43200001f3dfb019200000001
last-modified: Wed, 26 Sep 2018 06:50:42 GMT
server: cloudflare
etag: "c707b2d501a53bc2c66e98e4e5cabefb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
x-goog-generation: 1537944642617286
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1302
accept-ranges: bytes
cf-ray: 5c129299e9b71f3d-FRA
expires: Tue, 11 Aug 2020 14:21:08 GMT

GET
H2 200 np-cmp-n2.png
s.nitropay.com/assets/ 3 KB
3 KB 13ms
12ms Image
image/png 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/np-cmp-n2.png

Requested by

Host: willm.xyz
URL: https://willm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3299
x-guploader-uploadid: AAANsUklmAfCcBLiLBnglmtmm20O0bv-1TcONPvEh1_rZIAMMpeMehVVuYpTeDVPv-fS86CGm9D-49N_KzyqPTs7tA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 2592
cf-request-id: 047f79f43200001f3dfb01a200000001
expires: Tue, 11 Aug 2020 14:21:08 GMT
last-modified: Tue, 21 Apr 2020 13:05:46 GMT
server: cloudflare
etag: "940aa5b81e99bbb7414acc474a89bad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
x-goog-generation: 1587474346178492
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2592
accept-ranges: bytes
cf-ray: 5c129299e9bb1f3d-FRA
cf-bgj: h2pri

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 36ms
17ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200805&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64b3b82009064f5bc840d8ae7b149f7191ba10b4799ff414d1310bcf170fd587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Aug 2020 14:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6160
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-463.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 14:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 11 Aug 2020 14:16:08 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5F24 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-463.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willm.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://willm.xyz/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 11 Aug 2020 13:48:39 GMT
expires: Wed, 11 Aug 2021 13:48:39 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1649
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 40ms
40ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200805&jk=2250001414733053&bg=!SkmlSVFYqyFRE3GoRLoCAAAARVIAAAAMmQGgzsSzvUc4o-nAbeI1PkXGVmUzpAtae5TcxY7NwmyVn84JsZPSTrkg7CvplW6sQ02Hp2_P4RNnHuWQTeYcVDFaEg6Z3cBEoxLS1g4OUljIV_n4U_IlJ8a4-aUBFlL_GxCRIY5uNty2MMYTOKTeI3UuHe9Ic7JsOvdncZ0YfgUj4q82y13SlxDZFyXTVnjN2lME7G8yBJkdM9He7RZDO9nxlWvXlE1d7d7zugzQahfGinXHiDWSZ0AuDP8nM1XAURWBIN5YjsXX-utmu4b6ZTsoGwy2CvH5PGpopjS_sWvps4pS51ngDLHNZ1ateWaEqtyPKysw8s_pSWQbanJEoMnBDt1s2KqkSLX6LhcOb7b_X0myAw-zgilsEKfZamGTf4Q5UUvNRC4hPGaFoV-aKxPppWYBkR29wACdeMDRwkAEpooAkZYz0lEHqzJnAbvcAXWHbeadj0DSujLOnu9MJo4n_OcUEZS24MxU1O6QdYj24sr1NAyvEGd4gWBq_PRxdxH2yzlE_9XuckG0mnNIBWuzxlqUY410YnYWYqHH3gUD0Gs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Aug 2020 14:16:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
641 B 387ms
132ms XHR
application/json 3.93.138.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-463.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.138.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-138-230.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 6f0e448775b5ec78e28e6b7e479805ec764f7e656df8ecdab62d3879194c94a5

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Aug 2020 14:16:18 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://willm.xyz
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 119ms
49ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-463.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

42426cf6c21e2ffb407fbd6e8c97bb10f6e70d31ad0e15254db10c8ca4074722

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://willm.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 11 Aug 2020 14:16:17 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.69:80
AN-X-Request-Uuid: e83d5bb8-efd9-40c9-9b66-9c95fe76fda1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://willm.xyz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 11:39:16	Name: test_cookie Value: CheckForPermission
			.willm.xyz/	1970-01-19 12:22:27	Name: __cfduid Value: d86b0788407b06e3ac110be11cadbc5881597155367

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: %cNever gonna give you up Never gonna let you down Never gonna run around and desert you Never gonna make you cry Never gonna say goodbye Never gonna tell a lie and hurt you color: red; font-size: small;
console-api	info	URL: https://s.nitropay.com/ads-463.js(Line 1) Message: NitroAds: Loaded. Version: 20200807-aeda8f0, Geo: DE Timeout: 2000.
console-api	info	URL: https://s.nitropay.com/ads-463.js(Line 1) Message: NitroAds: Ad Unit: nitropay, display, 32a20430-95e8-4b88-a161-f19054fc10d8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
img.derock.dev
img.shields.io
pagead2.googlesyndication.com
s.nitropay.com
ssc.33across.com
tpc.googlesyndication.com
tracker.nitropay.com
willm.xyz
www.googletagservices.com
185.33.220.240
2606:4700:10::6816:227d
2606:4700:3032::681c:1515
2606:4700:3035::681f:46c2
2606:4700:3037::6812:39dd
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:825::2001
2a00:1450:4001:825::200a
3.93.138.230
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
056d2d31275b61b2bc55ef9c043711fe04a7ddb29bb863905250d48417e3ca1d
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
1e9b35584efbace1a9795793cf4c23a95f4308375f8000de819f6cb70a403179
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c3a079f734ee2c72edc302268e6f23ca611bef4f62ec4d4209909e1593f76b3
394415bedb33f0d07d610f1ac10439e12098d7a747aca0510cddabca81a9092d
42426cf6c21e2ffb407fbd6e8c97bb10f6e70d31ad0e15254db10c8ca4074722
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5819659ea7ee6c244bbaa2b84700c68d04bd8c93838c2f57bb1d3c36396db97f
64b3b82009064f5bc840d8ae7b149f7191ba10b4799ff414d1310bcf170fd587
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
6ee1818046c8c81b0b99180b1bb9aa88cf4b8fcc854ee29ab1f9a2cc64a72791
6f0e448775b5ec78e28e6b7e479805ec764f7e656df8ecdab62d3879194c94a5
772f7d384b6876c21991b2c18cbcd2cdd3df3fb01e5931bab03953ebc13070ae
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c483b07112a63520c42ab64a30374679fbb23f841771bf1b15db5518526da5a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
8cb0c7b01496f4309e5f29aeeb1b6bf4f5a6e1d24ab00e100fffa7c0b2434445
90e6538daaed69926ffebbe3b9c6c50d1963cd5939f7c3e7a7a265a6201b8078
9be4ffe7ac5aeddd7deac6d3bda5a266e747ef40ee83310f23886292a4cd2f43
9d3749a3291a851ca82d8bbe0b403b012a802bf0933ec279c48d548dcc94793f
a7464e65c32cc503e9fcfe2e6706f328cfd80c989de90070e762199439f66d3a
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
bf96252465952d2e6143ea38f1f07308a1c43f6bcc36c92ee7bc770a8b18ca47
c2fb68b531b5b4d994f88c91cb69c0de25b96784081cc56cafa67c36375e9948
e34b5af640687a681b50428e734fd0053b3123fe0f5f875c1c6963b81fb1d4cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eceb932f8bec4331900af6d8480c01f27c22c4bb853d1ba94980fe0d132b4140
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
fd5359a7e40fe0958e51dd743553e27167ab74f9ed209eb106ddb9479270137f

willm.xyz Open in urlscan Pro 2606:4700:3035::681f:46c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

82 %IPv6

13 Domains

15 Subdomains

11 IPs

3 Countries

4211 kBTransfer

5343 kBSize

2 Cookies

10 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

willm.xyz Open in urlscan Pro
2606:4700:3035::681f:46c2 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

82 %
IPv6

13
Domains

15
Subdomains

11
IPs

3
Countries

4211 kB
Transfer

5343 kB
Size

2
Cookies

37 HTTP transactions
0 data transactions