urlscan.io logo urlscan.io
SecurityTrails logo

visit.ws Open in urlscan Pro
2606:4700:3030::6815:e49  Public Scan

Go To Rescan Add Verdict Report
URL: https://visit.ws/widget/banner
Submission: On November 07 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3030::6815:e49, located in United States and belongs to CLOUDFLARENET, US. The main domain is visit.ws. The Cisco Umbrella rank of the primary domain is 374245.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 5th 2022. Valid for: a year.
This is the only time visit.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3030::6815:e49 (United States)

ASN13335 (CLOUDFLARENET, US)
visit.ws
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:20::681a:ee0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wordseed.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
Apex Domain
Subdomains		 Transfer
9 visit.ws
visit.ws — Cisco Umbrella Rank: 374245
467 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
203 KB
2 wordseed.com
www.wordseed.com
5 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
204 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 17
1 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 6051
548 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2041
342 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
22 9
Domain Requested by
9 visit.ws visit.ws
3 www.googletagmanager.com visit.ws
www.googletagmanager.com
2 www.wordseed.com visit.ws
2 www.google.com visit.ws
1 www.google.nl visit.ws
1 region1.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com visit.ws
22 10

This site contains links to these domains. Also see Links.

Domain
www.wordseed.com
www.linkedin.com
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-05 -
2023-04-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://visit.ws/widget/banner
Frame ID: 0812771759E08CD3840201517B747F42
Requests: 19 HTTP requests in this frame

Frame: https://visit.ws/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667851200
Frame ID: 4E3BF480ECAACD7B1C35C292171838A7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Oh no! | WordSeed

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

883 kB
Transfer

1957 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request banner
visit.ws/widget/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
380943e6b2807709acb2366d00928bfd367c7ef5377340e160caa60e3d5f0ce2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
766925fc9bb390a3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 21:26:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph8u4m7zxJle72qXWEVB7uaoY9znlxauOZPbbpJFB00Id0hWYikkp2ekd0N1KcVuxfHspgER46022B0MM2N3RSUsbEVW52ZJtMWxyT%2FM8KT2XO1p8eD4ciF1Buo7NaktCFSYog8AoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
site.css
visit.ws/css/ 		163 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://visit.ws/css/site.css?id=f7b5ed68f8f61e1f07d451f70acc5886
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2225656ea0e9471f25895848d4c8f4724a9633f3c722ca7f06edeb62703962e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors www.wordseed.com wordseed.test 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/widget/banner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
frame-ancestors www.wordseed.com wordseed.test 'self'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6264
cf-polished
origSize=166878
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 07 Nov 2022 14:11:08 GMT
server
cloudflare
etag
W/"636911fc-28bde"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUlwP%2BLtRZAb2U9y7Sn6Sml3hjIhFBF1GIxo%2BD6nWKy%2BbfGcZNc0yNuujW%2BSCgk%2Fctzqca4NUDO7NAw9F6YgjEIA1U3cTyLec0fHHd8OjT3o5%2BdBwqpHCQMaagxZFVvQbzngjlt17A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
766925fdbd3190a3-FRA
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-65S2M7YN83
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29cdedec4ba04a9e9bce618db5d39e841a056277921e98bd1de40acb56701506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75922
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Nov 2022 21:26:39 GMT
arrow-right-nav.svg
visit.ws/img/site/ 		633 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visit.ws/img/site/arrow-right-nav.svg
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd5a18f82ad08a5e768e2b65fa43529fb03e41a4ba74fb4692d4990521339c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors www.wordseed.com wordseed.test 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/widget/banner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
frame-ancestors www.wordseed.com wordseed.test 'self'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6264
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 07 Nov 2022 14:11:02 GMT
server
cloudflare
etag
W/"636911f6-279"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10kPXriBalluxfcf9QisfkkpS4GuRGmyNPkNedtwdl1bvFuC9a1U5PnolA%2BXfaguuxcVnxvoUIdVytGgsex%2Be%2BjQf5awj3aVrw9djfrFc7E5Y%2Bb6hmBhVUYcva8JW74S042Fl%2B7oow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
766925fdef3b9165-FRA
site.js
visit.ws/js/ 		430 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visit.ws/js/site.js?id=edc6afa55c23958c8fcb17b7d7b23d10
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e6964b458727299d3931cb5fa6fe40321b9e4b06a4f0fe13d2ecc8bd7ef2d9
Security Headers
Name Value
Content-Security-Policy frame-ancestors www.wordseed.com wordseed.test 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/widget/banner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
frame-ancestors www.wordseed.com wordseed.test 'self'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6264
cf-polished
origSize=440041
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 07 Nov 2022 14:11:43 GMT
server
cloudflare
etag
W/"6369121f-6b6e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq2v1kDm5UfFHX9mGo3AaAh1mUWnNckcraHXw4MiIzExIuasCW1v0YOObxM5VechS%2Bo3fbiS%2FwOlG9od8J8pGdq0d9Xv22DOb%2FiyD4QrKipzR0hTRN4ItdCg8QLVrypf3CA0%2BQ9sPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
766925fded8090a3-FRA
api.js
www.google.com/recaptcha/ 		910 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3d807fc5d35fad1b2140143b7ee8fea9e314409d5bbea4e6f499badf1ff61b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Mon, 07 Nov 2022 21:26:39 GMT
gtm.js
www.googletagmanager.com/ 		142 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WG8GSSB
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98fd2deb976b0dc81646e3c832fe7727241a323818ca5938fe748407a80a45fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55257
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Nov 2022 21:26:39 GMT
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap
Requested by
Host: visit.ws
URL: https://visit.ws/css/site.css?id=f7b5ed68f8f61e1f07d451f70acc5886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ccfc4dbb24ff0ef3597f4903c997d2d68ee45f164ddde7e77e15a73ff070135e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 20:55:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 21:26:39 GMT
error-illustration.png
visit.ws/img/site/ 		234 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visit.ws/img/site/error-illustration.png
Requested by
Host: visit.ws
URL: https://visit.ws/css/site.css?id=f7b5ed68f8f61e1f07d451f70acc5886
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c7ee85cccbaa65bfe4f393a1dc55c58b068a4d77b2ccb20ed24747a68e27c01
Security Headers
Name Value
Content-Security-Policy frame-ancestors www.wordseed.com wordseed.test 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/css/site.css?id=f7b5ed68f8f61e1f07d451f70acc5886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
frame-ancestors www.wordseed.com wordseed.test 'self'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6263
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
240023
x-xss-protection
1; mode=block
last-modified
Tue, 29 Mar 2022 13:48:03 GMT
server
cloudflare
etag
"62430e13-3a997"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1G6jZsmct302qdxQ6o8ovtCD6TD62YIyhUCHX6un%2Fp2YhshnBEEjdfGrxe3yyjx1tXGpYa2hTrYXmgZ1O8cSPtFvZ1vtAmRtuFAi8AiIq9jEhlv8uDxZ0UzQeP9whp2BhabCcQc3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
766925ff099a9165-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://visit.ws
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:50:34 GMT
x-content-type-options
nosniff
age
9365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 18:50:34 GMT
latinotype_-_recoleta_bold-webfont.woff2
visit.ws/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visit.ws/fonts/latinotype_-_recoleta_bold-webfont.woff2
Requested by
Host: visit.ws
URL: https://visit.ws/css/site.css?id=f7b5ed68f8f61e1f07d451f70acc5886
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a35666ab7747b617aa0c3175965b9e690a9f0bd7df140a6a1be5893d7e719de0
Security Headers
Name Value
Content-Security-Policy frame-ancestors www.wordseed.com wordseed.test 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://visit.ws/css/site.css?id=f7b5ed68f8f61e1f07d451f70acc5886
Origin
https://visit.ws
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
frame-ancestors www.wordseed.com wordseed.test 'self'
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37532
x-xss-protection
1; mode=block
last-modified
Tue, 29 Mar 2022 13:47:57 GMT
server
cloudflare
etag
"62430e0d-929c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn7g7Mdca43Zmrer9Q%2BJ%2FQvYeMP28vFpP1RhCwqpfSxC4D8aukU6PnyxQHOURXOmnQpmKVfASwklEn8Kla%2BRQi17VkKsrzrOY3DCo6r7bqWMS7X80hyT4YGls9teN6VTOah89KT62Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
766925ff09a79165-FRA
wordseed-logo.svg
www.wordseed.com/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wordseed.com/img/wordseed-logo.svg
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ee0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e4d64c0b6282301403dc044549eb9ca5adad18ede5190a7781d647e8246f05
Security Headers
Name Value
Content-Security-Policy frame-ancestors www.wordseed.com wordseed.test 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
frame-ancestors www.wordseed.com wordseed.test 'self'
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 29 Mar 2022 13:48:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"62430e18-e58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOTOc%2BJMGD5hfWqVKu7OSRdjBTB3GUCYp9OkMgg05t9Pbpc%2BNoWwiK1CCqnlkG4KDPcGLs5e39D4EF3z3t%2BlLwC4r7OMD%2FNbzkmcYaqA1w34tSVIsV11uHe1RbRl3FKIKjcS8zykL4KxEh4MrMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
766925ff9b2c9259-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
wordseedcom-logomark.svg
www.wordseed.com/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wordseed.com/img/wordseedcom-logomark.svg
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ee0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb6a9cd3f6985d2c01b01fe94b2e77e32087bcd0a1ebe64dfc69a2325dde992
Security Headers
Name Value
Content-Security-Policy frame-ancestors www.wordseed.com wordseed.test 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
frame-ancestors www.wordseed.com wordseed.test 'self'
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 29 Mar 2022 13:49:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"62430e5b-1816"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCrj3y6IWuixLdOUk%2B9zn4MHa0quTvsvjtVX%2FMga2i6fR85c2r2HuI3QwJgZWdigd2YzWHzEQOrID%2FXFCLoTEbvszdUV%2Bd8uiWZnGYf0q%2BtKVkHBRRKTwPU8FyCcdbmvxY8q7gNNPI8yu%2BZE2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
766925ff9b319259-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
invisible.js
visit.ws/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 4E3B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visit.ws/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667851200
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4d3d0e8783ddb0254632e961836100b069c58bc6b20b03770097513137d95e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdckn4belWMz0DhORa8d%2FXzLVNs13f4qfnIcWFA3zPovKKPWHS7uITYMSHTgdrLB0vFm8SRm1KrAExtKfTfN%2Bbx%2FlD6mzc%2Fcm0LGB17FPjgdv5EnUkzg36JAZ9vOnTBXZ0%2F3X96xpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
766925ff4a1b9165-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/ 		399 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681a577ee06bc028646ddcaef870c9c0677251da5fd690d89565fa1a9f74ce64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://visit.ws/
Origin
https://visit.ws
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162810
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 04:02:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 12:45:24 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/969219427/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969219427/?random=1667856399241&cv=11&fst=1667856399241&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fvisit.ws%2Fwidget%2Fbanner&tiba=Oh%20no!%20%7C%20WordSeed&auid=1288377142.1667856399&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WG8GSSB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b0b7055f7b25d782631ad075d3edee6efce0f9eeadd270c357322c91669fca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
864
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-65S2M7YN83&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WG8GSSB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c22034418fdfc1a8ae42542e321fa12a7ed59a90b7acdb1d431a044ab593568c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75913
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Nov 2022 21:26:39 GMT
collect
region1.google-analytics.com/g/ 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-65S2M7YN83&gtm=2oeb20&_p=48709909&cid=980376665.1667856399&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667856399&sct=1&seg=0&dl=https%3A%2F%2Fvisit.ws%2Fwidget%2Fbanner&dt=Oh%20no!%20%7C%20WordSeed&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65S2M7YN83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 21:26:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://visit.ws
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pica.js
visit.ws/cdn-cgi/challenge-platform/h/g/scripts/ Frame 4E3B 		21 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://visit.ws/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13394fb392e8bbfee01d072833db25be2fdca26cdc8502aaf54fbaff5634f59b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYjOyVRfZM2S2FiA6xkv6JJKdaaOEt9pzpNBBzml%2BI93FWibr%2BVd0OOIMLNmYO6ICkfGUFRnLozFmyhT0k2PLYFL17DYRBg8u6anmFBVDIvKLOTsf3DHdCNLU3aL7eXP6cBAiPxYcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
766925ffcb209165-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.google.com/pagead/1p-user-list/969219427/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/969219427/?random=1667856399241&cv=11&fst=1667854800000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fvisit.ws%2Fwidget%2Fbanner&tiba=Oh%20no!%20%7C%20WordSeed&fmt=3&is_vtc=1&random=2746084561&rmt_tld=0&ipr=y
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/969219427/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/969219427/?random=1667856399241&cv=11&fst=1667854800000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fvisit.ws%2Fwidget%2Fbanner&tiba=Oh%20no!%20%7C%20WordSeed&fmt=3&is_vtc=1&random=2746084561&rmt_tld=1&ipr=y
Requested by
Host: visit.ws
URL: https://visit.ws/widget/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://visit.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 21:26:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
766925fc9bb390a3
visit.ws/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 4E3B 		2 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://visit.ws/cdn-cgi/challenge-platform/h/g/cv/result/766925fc9bb390a3
Requested by
Host: visit.ws
URL: https://visit.ws/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667851200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 21:26:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMoUzF3yGRALI5DaN08UFTInsXf4l5qOjKspWsYTpw1JNAO5%2F9TKWmMtoa3rz6ug1R23FSj9JEsZDOQYNjD%2BifP1cU5A4YKcSKYUZd7lHTyAkAcEoBbCBrvDm9KRXr6y9WS7zoVLsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7669260279699165-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| webpackChunk function| _ object| lazyLoadInstance object| _ws function| Popper function| jQuery function| $ object| intlTelInputGlobals object| ws function| axios function| CaptchaCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha

5 Cookies

Domain/Path Name / Value
.visit.ws/ Name: _gcl_au
Value: 1.1.1288377142.1667856399
.visit.ws/ Name: _ga_65S2M7YN83
Value: GS1.1.1667856399.1.0.1667856399.0.0.0
.visit.ws/ Name: _ga
Value: GA1.1.980376665.1667856399
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.visit.ws/ Name: __cf_bm
Value: ivwMGfk553kbMFjiKHknUpxKZzkCgL998mvuT4EsxHg-1667856399-0-Aak3SB3ORzWuHbeMK6HjMUBnIeZD3cNXXEs5p4kBoGp8O25kbIgyXNfViLvbAUvfmR59FFr9NjAdLkpYoVbx/svy7KJmFdP81l8kdQ4UPL/oAaZwYIjVF0Rg5etRCKk0hw==

1 Console Messages

Source Level URL
Text
network error URL: https://visit.ws/widget/banner
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
visit.ws
www.google.com
www.google.nl
www.googletagmanager.com
www.gstatic.com
www.wordseed.com
2001:4860:4802:32::36
2606:4700:20::681a:ee0
2606:4700:3030::6815:e49
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
13394fb392e8bbfee01d072833db25be2fdca26cdc8502aaf54fbaff5634f59b
2225656ea0e9471f25895848d4c8f4724a9633f3c722ca7f06edeb62703962e9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29cdedec4ba04a9e9bce618db5d39e841a056277921e98bd1de40acb56701506
2b0b7055f7b25d782631ad075d3edee6efce0f9eeadd270c357322c91669fca4
380943e6b2807709acb2366d00928bfd367c7ef5377340e160caa60e3d5f0ce2
3fb6a9cd3f6985d2c01b01fe94b2e77e32087bcd0a1ebe64dfc69a2325dde992
61e6964b458727299d3931cb5fa6fe40321b9e4b06a4f0fe13d2ecc8bd7ef2d9
681a577ee06bc028646ddcaef870c9c0677251da5fd690d89565fa1a9f74ce64
6b4d3d0e8783ddb0254632e961836100b069c58bc6b20b03770097513137d95e
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
98e4d64c0b6282301403dc044549eb9ca5adad18ede5190a7781d647e8246f05
98fd2deb976b0dc81646e3c832fe7727241a323818ca5938fe748407a80a45fa
9c7ee85cccbaa65bfe4f393a1dc55c58b068a4d77b2ccb20ed24747a68e27c01
a35666ab7747b617aa0c3175965b9e690a9f0bd7df140a6a1be5893d7e719de0
c22034418fdfc1a8ae42542e321fa12a7ed59a90b7acdb1d431a044ab593568c
ccfc4dbb24ff0ef3597f4903c997d2d68ee45f164ddde7e77e15a73ff070135e
d3d807fc5d35fad1b2140143b7ee8fea9e314409d5bbea4e6f499badf1ff61b4
ddd5a18f82ad08a5e768e2b65fa43529fb03e41a4ba74fb4692d4990521339c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629