www.cleaningservice.stsltd.com Open in urlscan Pro
2a06:98c1:3121::a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cleaningservice.stsltd.com/
Submission: On May 11 via automatic, source certstream-suspicious (May 11th 2022, 11:58:02 am UTC) — Scanned from DE

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cleaningservice.stsltd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time www.cleaningservice.stsltd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::6815:355c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:2e06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b758	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	4

11 2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)

www.cleaningservice.stsltd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.askfrank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:355c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cnhv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:2e06 (United States)

ASN13335 (CLOUDFLARENET, US)

www.troyhunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b758 (United States)

ASN13335 (CLOUDFLARENET, US)

troyhunt.report-uri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	stsltd.com www.cleaningservice.stsltd.com	195 KB
1	report-uri.com troyhunt.report-uri.com — Cisco Umbrella Rank: 642337	686 B
1	askfrank.net www.askfrank.net
1	troyhunt.com www.troyhunt.com — Cisco Umbrella Rank: 780060
1	cnhv.co 1 redirects cnhv.co	822 B
15	5

	Domain	Requested by
10	www.cleaningservice.stsltd.com	www.cleaningservice.stsltd.com
1	troyhunt.report-uri.com	www.cleaningservice.stsltd.com
1	www.askfrank.net	www.cleaningservice.stsltd.com
1	www.troyhunt.com	www.cleaningservice.stsltd.com
1	cnhv.co	1 redirects
15	5

This site contains links to these domains. Also see Links.

Domain
www.violettcleaning.com
www.askfrank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.report-uri.com R3	`2022-04-02` - `2022-07-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.cleaningservice.stsltd.com/
Frame ID: 6036062CF8D91C8B7B0969C0226EC9D8
Requests: 14 HTTP requests in this frame

Frame: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Frame ID: 8C22C03D34664A22EE29B5B015FE362F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chicago Cleaning Company Violett Cleaning -Chicago Cleaning Services

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

15
Requests

87 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

196 kB
Transfer

291 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.violettcleaning.com/
Title: Violett Cleaning

Search URL Search Domain Scan URL

URL: http://www.askfrank.net/
Title: AskFrank.net

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cnhv.co/3h2b2 HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.cleaningservice.stsltd.com/ 31 KB
8 KB 3026ms
2487ms Document
text/html 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cleaningservice.stsltd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73265534680ba99dd1e84c40256f0324adeb1e592aae4ac85f2ab75a789d9c26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-railgun: direct (starting new WAN connection)
cf-ray: 709abd5c3e255c50-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 11 May 2022 11:57:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <http://www.cleaningservice.stsltd.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4o1ELuQS1Zkuo8N5TLQMeWdfZMmvkCerJ4ivv%2F81e0F0%2Bt9jI6GU4SrkulN99B%2F13vBMx6Fud80zCZhP3fJR9k7Fs83VSYfit%2B9kVNpSWx59uD0kzMOGhKqQQo6AGwvwp3681e6wIprARl3VlRoTsWbeB5SZp9Zs%2BPNCXW8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 style.css
www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/ 7 KB
2 KB 720ms
719ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7897a5dda3e24e5b9b1d13cf50194c5553f8ff80982462de9656fdac246e033c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Mar 2013 04:09:24 GMT
server: cloudflare
etag: W/"1d25-4d6d52c276500-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkyfMAFOeIAgl8Cs5mVIomvbs9KdeVvQJf8B6tuUNJeBWENEahpeKtRvJA1Ondz3E1pmHGAykaUT7hK1cC1Jq8teflHWlg6RhwgsSDoVAtHcdtQR%2F%2Bz8QWzMqOFYkheeOaFJhrm4UuFHtmmOfh3CZJDAxZwA3Vjh5%2B%2FdHyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709abd6becb65c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Jun 2022 09:45:35 GMT

GET
H2

200

/
www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Frame 8C22
Redirect Chain

https://cnhv.co/3h2b2
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

0
0

176ms
118ms

Document
text/html

2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Requested by

Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action .twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Referer: https://www.cleaningservice.stsltd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 709abd710b7d5c7a-FRA
content-encoding: br
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
content-type: text/html; charset=utf-8
date: Wed, 11 May 2022 11:57:57 GMT
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
nel: {"report_to":"default","max_age":10886400}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server: cloudflare
status: 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 118
x-content-type-options: nosniff
x-request-id: 703b09cbef86d2008f9e6fc87b8efe22 703b09cbef86d2008f9e6fc87b8efe22
x-served-by: cache-ams21046-AMS, cache-fra19141-FRA
x-timer: S1651907741.915811,VS0,VE0
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 709abd6c5cb65c38-FRA
content-type: text/html; charset=utf-8
date: Wed, 11 May 2022 11:57:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekdcU%2BWjNwzt7j8tMj2w4%2FZUPOlwHKMwufBuUgW0Fa1EDe8%2FOMzT1cS%2BVLZ1uJUq0rB21z8chrWqi3SU9Fnrpx6y%2F5LDJAf6na8mEUjvX1bepbL%2BR7ybYp3%2BTpEesJ%2FCEPr%2FRecA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET

GET
H2 200 style.min.css
www.cleaningservice.stsltd.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 213ms
213ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cleaningservice.stsltd.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 04:08:59 GMT
server: cloudflare
etag: W/"145db-5dbf4855c134f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZt8tBAR1vZldaj1YYWeI4P37NbSAa8HZFzf7d6mgXskpA6tfIWgZyaSIvaZ%2BtaqZ%2BcDfaE25cSnj2FSuA0sfZvEgXeblWZpL08aLd4j%2BJdUhD6quipmMWfVUefCDy%2F%2BeHwfGWcVx4X5o97khABvCDlyVYgFqhsTj6wU1ts%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709abd6becc65c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Jun 2022 09:45:36 GMT

GET
H2 200 styles.css
www.cleaningservice.stsltd.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 209ms
208ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cleaningservice.stsltd.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Feb 2022 10:25:33 GMT
server: cloudflare
etag: W/"aab-5d756e775bab6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcdQVQChZRAZ9Bw%2FAtUg3qkHPt1pCdrXfoZCjC2sStn%2F4b2yHZZkfcu%2F4Cn%2FEieah1Y7ma%2B5JD1j57T34WYUkqxTy9s%2F9QQgSyODF2QhjC%2BNHvhI4JxMfsWe367a6bK3I5l5zYzZFhGN2uVqMbWcBb1IzHzAxcu9UOcXiWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709abd6becd45c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Jun 2022 09:45:35 GMT

GET
H2 200 clean-home-200x300.jpg
www.cleaningservice.stsltd.com/wp-content/uploads/2010/01/ 18 KB
18 KB 29ms
29ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cleaningservice.stsltd.com/wp-content/uploads/2010/01/clean-home-200x300.jpg
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b43587cf293c2bfe1196306b2f9d81d168720e06e015c01af07a0e49af9e864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18103
last-modified: Sat, 30 Jan 2010 16:01:04 GMT
server: cloudflare
etag: "46b7-47e63dbf57000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3iSOaVPVx0TP5dtc5LMlBVtxaCZascILd4zr0eq1qZWZz%2BjYK21nsv8%2FpSY0T9c%2F%2BhMrpzlU%2FAkO9ypnUgQ%2BcPD%2BFjtCg0%2FrfI%2FHE58M9VopDFj55xyt4w7Yp9YEePrp6jxfV5NuNpGUVlK5hWHCjSHG2POYO5vxU6LmzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 709abd6bfcd85c50-FRA
expires: Fri, 10 Jun 2022 09:45:35 GMT

GET
H2 404 violett-qr180x180.png
www.askfrank.net/wp-content/uploads/2011/12/ 0
0 1190ms
616ms Image
text/html 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.askfrank.net/wp-content/uploads/2011/12/violett-qr180x180.png
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET wp-emoji-release.min.js
www.cleaningservice.stsltd.com/wp-includes/js/ 0
0

GET
H3 200 wrap.png
www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/images/ 143 B
735 B 221ms
221ms Image
image/png 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/images/wrap.png
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5418306ef0b408e1a151da2cf979a0db74990b6bed827b7dfbd43cc383c332c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 143
last-modified: Fri, 01 Mar 2013 04:09:24 GMT
server: cloudflare
etag: "8f-4d6d52c276500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEe0PS49PE1l7TPO5z1LR5go6DT%2BBMbBZpdq399CxTTH8vdcf7QTseh%2BEKoRPOp%2FoFx9qmury%2FriUmLL8LwV55L2ipmx3e65vvqEW0oPMK2Suu%2F4M9ZPFM6gwZJAOcTmTAKgDC%2Fj5cvjURHylEt8kFbWwtIMthR273x2Yjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 709abd708a709944-FRA
expires: Fri, 10 Jun 2022 09:45:36 GMT

GET
H3 200 header.jpg
www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/images/ 65 KB
65 KB 316ms
316ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/images/header.jpg
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5532bf74767aaf11f99e20b8aa127556fd149d3666283e329c182197fede37e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66142
last-modified: Fri, 01 Mar 2013 04:09:24 GMT
server: cloudflare
etag: "1025e-4d6d52c276500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BaYqEmoErSybvX7v1N6GFzpiYN%2Fg4J1eQltpCtpiZBj%2BpK9JVSC2JRhDcX4a9HwBcrC28bFMAz34%2B8eGtosNYUwSdWiwm0vsv2Fy9WP70thSWv27YM%2BFWjagqRxEl%2BdvtRA2Lsay3YiFykUas1NnzJ3tRTdA4Pcd0rML80%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 709abd708a739944-FRA
expires: Fri, 10 Jun 2022 09:45:36 GMT

GET
H3 200 sidemagic.png
www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/images/ 63 KB
64 KB 36ms
35ms Image
image/png 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/images/sidemagic.png
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ade54bd84ee702788c35dd5689bc69cd777508b0adf89f859600b50177bc32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7929
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64782
last-modified: Fri, 01 Mar 2013 04:09:24 GMT
server: cloudflare
etag: "fd0e-4d6d52c276500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQwCmW%2BGlEWP83tP9Ay6z4q3a6MaoVeUi2E67HnsjGhB9Qudq6jqQoizQjeLe%2BKPEmZIybXfd0GNNcUDCnZ%2F5M4UZz7%2ByieBXQ%2FHBSGEBZQcY7V61%2BlZ%2BcxnE1wnEUe8Y49ENWYMpavfnQZOp9g%2B89VTDVuk25qhmvh0G%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 709abd708a769944-FRA
expires: Fri, 10 Jun 2022 09:45:36 GMT

GET
H3 200 chicago-office-cleaning-services-225x300.jpg
www.cleaningservice.stsltd.com/wp-content/uploads/2010/01/ 19 KB
19 KB 59ms
59ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cleaningservice.stsltd.com/wp-content/uploads/2010/01/chicago-office-cleaning-services-225x300.jpg
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a60fa9f9c063b254401d02a83b7e0a99f49df87a7a270057f3aa5139d0efe5c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19276
last-modified: Sat, 30 Jan 2010 06:29:25 GMT
server: cloudflare
etag: "4b4c-47e5bdf943b40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv2Cv7p%2FyHYu0mq0U1pjpfBklfICuZRSsFU2kCg%2FgVwAL4At8UHkyyInl5m4SUHSLEdKONidzNvdK2ISgbLZAaRFkcthR0gY0BuTsKx%2FqvL%2BdNo9cUuktkWtqeDKJ4iMqVhnM7Id8dZxKzO7OOhBqVdiRvprein3fiuYbSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 709abd709a999944-FRA
expires: Fri, 10 Jun 2022 09:45:35 GMT

GET clean-house-chicago-dream-300x207.jpg
www.cleaningservice.stsltd.com/wp-content/uploads/2013/03/ 0
0

GET
H3 200 footer.png
www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/images/ 4 KB
4 KB 263ms
263ms Image
image/png 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/images/footer.png
Requested by: Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 057da2654f54e32c25cecebc27ccc1db0d5f18fe1385f3a95f9ce7d3c1162c3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cleaningservice.stsltd.com/wp-content/themes/violletcleaning/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 11:57:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3897
last-modified: Fri, 01 Mar 2013 04:09:24 GMT
server: cloudflare
etag: "f39-4d6d52c276500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V14xKWBdr%2Fy%2BuHMQxxPZ74S6T14456qAbB4g3Nwqxh0vvDZ1CM7%2F5wnYkDEhb%2FVxdUTIHaIQpgOCllJ%2BJL3nzuWwvOoF3OoDk9ZQnHCEIpkLH9S22NLcuehS5ylJKUWc3Zhm%2Bd6dXHD%2BN88CHb5H2P9HJvbf5EqKgBAm9%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 709abd70aa9f9944-FRA
expires: Fri, 10 Jun 2022 09:45:36 GMT

POST
H2 201 enforce
troyhunt.report-uri.com/r/d/csp/ 0
686 B 122ms
65ms Other
text/plain 2606:4700::6811:b758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.cleaningservice.stsltd.com
URL: https://www.cleaningservice.stsltd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer: https://www.cleaningservice.stsltd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 11 May 2022 11:57:57 GMT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63113904; includeSubDomains; preload
cf-ray: 709abd722afb68f5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cleaningservice.stsltd.com
URL: http://www.cleaningservice.stsltd.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3

Domain: www.cleaningservice.stsltd.com
URL: http://www.cleaningservice.stsltd.com/wp-content/uploads/2013/03/clean-house-chicago-dream-300x207.jpg

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cnhv.co/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 03162c5fb5bcdbeba70ac60be15b5262381392b93b18ebea9a3965fdf0c88c55

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.cleaningservice.stsltd.com/(Line 22) Message: Mixed Content: The page at 'https://www.cleaningservice.stsltd.com/' was loaded over HTTPS, but requested an insecure element 'http://www.askfrank.net/wp-content/uploads/2011/12/violett-qr180x180.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.cleaningservice.stsltd.com/(Line 52) Message: Mixed Content: The page at 'https://www.cleaningservice.stsltd.com/' was loaded over HTTPS, but requested an insecure script 'http://www.cleaningservice.stsltd.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.cleaningservice.stsltd.com/(Line 183) Message: Mixed Content: The page at 'https://www.cleaningservice.stsltd.com/' was loaded over HTTPS, but requested an insecure image 'http://www.cleaningservice.stsltd.com/wp-content/uploads/2013/03/clean-house-chicago-dream-300x207.jpg'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.cleaningservice.stsltd.com/(Line 219) Message: Mixed Content: The page at 'https://www.cleaningservice.stsltd.com/' was loaded over HTTPS, but requested an insecure element 'http://www.askfrank.net/wp-content/uploads/2011/12/violett-qr180x180.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	Message: Refused to frame 'https://www.troyhunt.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' troyhunt.ghost.io".
network	error	URL: https://www.askfrank.net/wp-content/uploads/2011/12/violett-qr180x180.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cnhv.co
troyhunt.report-uri.com
www.askfrank.net
www.cleaningservice.stsltd.com
www.troyhunt.com
www.cleaningservice.stsltd.com
2606:4700:3032::6815:2e06
2606:4700:3033::6815:355c
2606:4700::6811:b758
2a06:98c1:3121::a
057da2654f54e32c25cecebc27ccc1db0d5f18fe1385f3a95f9ce7d3c1162c3d
0b43587cf293c2bfe1196306b2f9d81d168720e06e015c01af07a0e49af9e864
5418306ef0b408e1a151da2cf979a0db74990b6bed827b7dfbd43cc383c332c9
73265534680ba99dd1e84c40256f0324adeb1e592aae4ac85f2ab75a789d9c26
7897a5dda3e24e5b9b1d13cf50194c5553f8ff80982462de9656fdac246e033c
a60fa9f9c063b254401d02a83b7e0a99f49df87a7a270057f3aa5139d0efe5c6
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
e2ade54bd84ee702788c35dd5689bc69cd777508b0adf89f859600b50177bc32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e5532bf74767aaf11f99e20b8aa127556fd149d3666283e329c182197fede37e

www.cleaningservice.stsltd.com Open in urlscan Pro 2a06:98c1:3121::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

4 IPs

1 Countries

196 kBTransfer

291 kBSize

1 Cookies

2 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

www.cleaningservice.stsltd.com Open in urlscan Pro
2a06:98c1:3121::a Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

196 kB
Transfer

291 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions