visual.ly - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2606:4700:20::681a:a49, located in United States and belongs to CLOUDFLARENET, US. The main domain is visual.ly. The Cisco Umbrella rank of the primary domain is 481251.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 6th 2023. Valid for: a year.

This is the only time visual.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:b3c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700:20:... 2606:4700:20::681a:a49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2

1 2606:4700:3030::ac43:b3c3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sunnet-online.s-alrt.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:a49 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

visual.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	visual.ly 1 redirects visual.ly — Cisco Umbrella Rank: 481251	7 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1212	7 KB
1	s-alrt.id 1 redirects sunnet-online.s-alrt.id	582 B
5	3

	Domain	Requested by
5	visual.ly	1 redirects static.cloudflareinsights.com visual.ly
1	static.cloudflareinsights.com	visual.ly
1	sunnet-online.s-alrt.id	1 redirects
5	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-06` - `2024-02-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://visual.ly/what-are-odds
Frame ID: 279B5BC72D29BEE4AB3E2874074EF8A2
Requests: 3 HTTP requests in this frame

Frame: https://visual.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: BDEBF14895E585CA3138D2031DD09E00
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sunnet-online.s-alrt.id/auth.php?oauth HTTP 302
https://visual.ly/what-are-odds Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

5
Requests

80 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

13 kB
Transfer

28 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sunnet-online.s-alrt.id/auth.php?oauth HTTP 302
https://visual.ly/what-are-odds Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://visual.ly/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://visual.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

Primary Request what-are-odds Show response
visual.ly/
Redirect Chain

https://sunnet-online.s-alrt.id/auth.php?oauth
https://visual.ly/what-are-odds

2 KB
2 KB

422ms
374ms

Document
text/html

2606:4700:20::681a:a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visual.ly/what-are-odds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94fdf653c97f895ee5fb418256c4c6de1285a46e28334d0053b05cfad50b0adc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7f79b0b5cc319a09-FRA
content-type: text/html
date: Wed, 16 Aug 2023 12:30:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYygzLEv3sz2fLrKyBwEr%2BMnIBNKedjnRt2R87RICYGam7PL9gRnx4Xz1VS7ab5K8kOQNHNgXyoD7Lzf4WoTV2ImOUuB0%2FB39NHgVjgDZUE9BPU3oywI5sZSecbF0VykxvFy2IoEWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f79b0b348c09b70-FRA
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 12:30:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://visual.ly/what-are-odds
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55rQ3wVnjkQflZiTwEhA%2F%2FIohh9UO4DCODA6LWVB9uUdgzBNYkSemWXJzZWFXYxj8fUZC0bYX0z%2BNLlHVYShn0Pq7PUjD7cIp%2FEG0Ku%2B0a7Xh4rO2EGObq70RfBoXRmiPwltUXGctwPZiImy03MJ%2BDUNeWHghQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 71ms
36ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: visual.ly
URL: https://visual.ly/what-are-odds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://visual.ly/
Origin: https://visual.ly
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 12:30:44 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7f79b0b86fd78fef-FRA

GET
H3

200

invisible.js Show response
visual.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame BDEB
Redirect Chain

https://visual.ly/cdn-cgi/challenge-platform/scripts/invisible.js
https://visual.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

17ms
17ms

Script
application/javascript

2606:4700:20::681a:a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visual.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Protocol

H3

Server

2606:4700:20::681a:a49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db348d35ad252d1e63428c6caee549e0f497cdc5ccbe921a9618f48b53251d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 12:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzOEcPzDA5isyadsxcGgflhyGFSV7DVCbOveEQwksH9Fm1SmnotsSFdsDoteXQK7OTZK34l9rgVd4DqUrd1fmIuUFDU5K5GkEyNC2juJgD8bWaqfLyb2B4cxo87uVVMKSopEVG5D1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f79b0b8dbb603e4-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 16 Aug 2023 12:30:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESPRLytjUcizUSfEqkXBT3eZeqd3oky2jtFOFbOx7UfonBSEw2V9k33MM9%2FWl%2FKWNBlXU%2FtqcEbFt61sf1tPv8ZmricLXJ3shCD11SVMAG4RPmh76hxF1CYfYLnv%2Brpb3%2FUCeQvoSg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7f79b0b8c81d9a09-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 rum Show response
visual.ly/cdn-cgi/ 0
178 B 11ms
10ms XHR
text/plain 2606:4700:20::681a:a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visual.ly/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://visual.ly/what-are-odds
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: application/json

Response headers

date: Wed, 16 Aug 2023 12:30:44 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://visual.ly
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f79b0b8c8239a09-FRA

POST
H3 200 7f79b0b5cc319a09 Show response
visual.ly/cdn-cgi/challenge-platform/h/g/cv/result/ Frame BDEB 0
550 B 27ms
27ms XHR
text/plain 2606:4700:20::681a:a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visual.ly/cdn-cgi/challenge-platform/h/g/cv/result/7f79b0b5cc319a09
Requested by: Host: visual.ly
URL: https://visual.ly/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Aug 2023 12:30:44 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bpd6olrPbB0YuHnoKETIJeSl7B%2FxK8UoAXr2uqecJP2wLHXenQgodjDdE%2BJrbl8JRs7iNnRLpjixSE95ObxXaaBlKPC%2B85BB2p7y03hn%2FuOS6o0fy1z6cL1xKjV2%2FrPSsaRcgAC7wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f79b0ba3db803e4-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| __cfBeacon

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sunnet-online.s-alrt.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: 09e25c68b6ab5d0d7dc73bce48ed642a
			.visual.ly/	1970-01-20 22:48:45	Name: cf_clearance Value: X5IaVQe8.aTFA3kKKg8W8DiaoePilfbqlgYNeXlUvWU-1692189044-0-1-4928999f.7bf76947.ab638058-0.2.1692189044

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://visual.ly/what-are-odds Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static.cloudflareinsights.com
sunnet-online.s-alrt.id
visual.ly
2606:4700:20::681a:a49
2606:4700:3030::ac43:b3c3
2606:4700::6810:3865
94fdf653c97f895ee5fb418256c4c6de1285a46e28334d0053b05cfad50b0adc
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
db348d35ad252d1e63428c6caee549e0f497cdc5ccbe921a9618f48b53251d84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

visual.ly Open in urlscan Pro 2606:4700:20::681a:a49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

80 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

13 kBTransfer

28 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

visual.ly Open in urlscan Pro
2606:4700:20::681a:a49 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

13 kB
Transfer

28 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions