URL: https://www.cleaner-post-mortem.com/
Submission: On May 09 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 128.65.195.180, located in Switzerland and belongs to INFOMANIAK-AS, CH. The main domain is www.cleaner-post-mortem.com.
TLS certificate: Issued by R3 on March 8th 2021. Valid for: 3 months.
This is the only time www.cleaner-post-mortem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 128.65.195.180 29222 (INFOMANIA...)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 5
Domain Requested by
6 www.cleaner-post-mortem.com www.cleaner-post-mortem.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com www.cleaner-post-mortem.com
1 ajax.aspnetcdn.com www.cleaner-post-mortem.com
10 5

This site contains no links.

Subject Issuer Validity Valid
cleaner-post-mortem.com
R3
2021-03-08 -
2021-06-06
3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2020-11-16 -
2021-11-10
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
*.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.cleaner-post-mortem.com/
Frame ID: 38771CE765910AE63F5BD81FD978DE6D
Requests: 10 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i

Page Statistics

10
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

134 kB
Transfer

222 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cleaner-post-mortem.com/
12 KB
4 KB
Document
General
Full URL
https://www.cleaner-post-mortem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
128.65.195.180 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
h2park-8d750cc5.infomaniak.ch
Software
Apache/2.4.25 (Debian) /
Resource Hash
889d0797b71ccd949a8d5e5666b2e2bb45eb66ee3e0b58618fc1ae8e237b22bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
www.cleaner-post-mortem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 23:21:15 GMT
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 29 Mar 2016 22:08:08 GMT
ETag
"30b5-52f3743a2c200-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3715
Content-Type
text/html
main.css
www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/
22 KB
6 KB
Stylesheet
General
Full URL
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Requested by
Host: www.cleaner-post-mortem.com
URL: https://www.cleaner-post-mortem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
128.65.195.180 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
h2park-8d750cc5.infomaniak.ch
Software
Apache/2.4.25 (Debian) /
Resource Hash
5d3b8ddc5809f183eae5ca4c31f400c1b57f9ccc9e565ce0936e03511c655e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.cleaner-post-mortem.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.cleaner-post-mortem.com/
Connection
keep-alive
Referer
https://www.cleaner-post-mortem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 23:21:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Feb 2016 22:35:31 GMT
Server
Apache/2.4.25 (Debian)
ETag
"587f-52c3b3798b2c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
5783
jquery-1.9.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/
90 KB
32 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js
Requested by
Host: www.cleaner-post-mortem.com
URL: https://www.cleaner-post-mortem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B4E) /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cleaner-post-mortem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 23:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23071988
x-cache
HIT
content-length
32857
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:11:01 GMT
server
ECAcc (ama/8B4E)
etag
"8030b6bcc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.cleaner-post-mortem.com
URL: https://www.cleaner-post-mortem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cleaner-post-mortem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 20:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183272
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 20:26:43 GMT
css
fonts.googleapis.com/
378 B
399 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a077c7b9edbcb6ec11b426dc9ba583f364b6d6674895c8f76082826bf692f445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cleaner-post-mortem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 May 2021 21:41:44 GMT
server
ESF
date
Sun, 09 May 2021 23:21:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 May 2021 23:21:15 GMT
main.jpg
www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/
61 KB
61 KB
Image
General
Full URL
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.jpg
Requested by
Host: www.cleaner-post-mortem.com
URL: https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
128.65.195.180 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
h2park-8d750cc5.infomaniak.ch
Software
Apache/2.4.25 (Debian) /
Resource Hash
7380ba5a760d1e649966462c1e1d657ceb58774e76775077a0c193803c857372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.cleaner-post-mortem.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Connection
keep-alive
Referer
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 23:21:15 GMT
Last-Modified
Sat, 20 Feb 2016 22:35:31 GMT
Server
Apache/2.4.25 (Debian)
ETag
"f290-52c3b3798b2c0"
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
62096
main-bg.png
www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/
428 B
702 B
Image
General
Full URL
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main-bg.png
Requested by
Host: www.cleaner-post-mortem.com
URL: https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
128.65.195.180 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
h2park-8d750cc5.infomaniak.ch
Software
Apache/2.4.25 (Debian) /
Resource Hash
94a609ad36b382e2c09983629cb0b8b320dcaa5795808f86558957e4b8a586b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.cleaner-post-mortem.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Connection
keep-alive
Referer
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 23:21:15 GMT
Last-Modified
Sat, 20 Feb 2016 22:35:32 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1ac-52c3b37a7f500"
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
428
clip-top.png
www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/
407 B
681 B
Image
General
Full URL
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/clip-top.png
Requested by
Host: www.cleaner-post-mortem.com
URL: https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
128.65.195.180 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
h2park-8d750cc5.infomaniak.ch
Software
Apache/2.4.25 (Debian) /
Resource Hash
c0cdd29a1e753c02a7afc269e79045b98c8bcca531d270f42adec5d7dff59c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.cleaner-post-mortem.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Connection
keep-alive
Referer
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 23:21:15 GMT
Last-Modified
Sat, 20 Feb 2016 22:35:34 GMT
Server
Apache/2.4.25 (Debian)
ETag
"197-52c3b37c67980"
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
407
clip.png
www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/
640 B
914 B
Image
General
Full URL
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/clip.png
Requested by
Host: www.cleaner-post-mortem.com
URL: https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
128.65.195.180 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
h2park-8d750cc5.infomaniak.ch
Software
Apache/2.4.25 (Debian) /
Resource Hash
bafa1bbb5f233a97553aa2e9e6736ba0be396d33c5639c70353005d35a23c0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.cleaner-post-mortem.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
Connection
keep-alive
Referer
https://www.cleaner-post-mortem.com/sandvox_SlateManifest_blue/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 23:21:15 GMT
Last-Modified
Sat, 20 Feb 2016 22:35:29 GMT
Server
Apache/2.4.25 (Debian)
ETag
"280-52c3b377a2e40"
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
640
tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v13/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.cleaner-post-mortem.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 11:02:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:23 GMT
server
sffe
age
303555
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22492
x-xss-protection
0
expires
Fri, 06 May 2022 11:02:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| WebFontConfig object| WebFont function| $ function| jQuery

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000