therosecleaning.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://therosecleaning.com/img/PISANG123/AMP/
Effective URL:
https://therosecleaning.com/img/PISANG123/AMP/
Submission Tags: @phish_report
Submission: On June 17 via api (June 17th 2024, 3:36:34 pm UTC) from FI — Scanned from NL

Summary HTTP 12 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 12 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is therosecleaning.com.
TLS certificate: Issued by GTS CA 1P5 on April 29th 2024. Valid for: 3 months.

This is the only time therosecleaning.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.0.238 151.101.0.238	54113 (FASTLY) (FASTLY)
1	192.124.249.13 192.124.249.13	30148 (SUCURI-SEC) (SUCURI-SEC)
1	158.220.108.219 158.220.108.219	51167 (CONTABO) (CONTABO)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14c7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
1	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
12	9

3 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

therosecleaning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

media.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.238 (San Francisco, United States)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.13 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10013.sucuri.net

www.iconpacks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.220.108.219 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: theta.epicdns.co.uk

thalassafestival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14c7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-icons-png.flaticon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 472	110 KB
3	therosecleaning.com 1 redirects therosecleaning.com	14 KB
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 2454	6 MB
1	flaticon.com cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 48753	22 KB
1	thalassafestival.com thalassafestival.com	9 KB
1	iconpacks.net www.iconpacks.net — Cisco Umbrella Rank: 603307	26 KB
1	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 6050	286 KB
1	tenor.com media.tenor.com — Cisco Umbrella Rank: 7919	31 KB
12	8

	Domain	Requested by
4	cdn.ampproject.org	therosecleaning.com cdn.ampproject.org
3	therosecleaning.com	1 redirects
1	i.pinimg.com	therosecleaning.com
1	cdn-icons-png.flaticon.com	therosecleaning.com
1	thalassafestival.com	therosecleaning.com
1	www.iconpacks.net	therosecleaning.com
1	images.squarespace-cdn.com	therosecleaning.com
1	media.tenor.com	therosecleaning.com
12	8

This site contains links to these domains. Also see Links.

Domain
pukulan-ibu.web.app

Subject Issuer	Validity	Valid
therosecleaning.com GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
misc-sni.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
c.tenor.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.squarespace-cdn.com R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
iconpacks.net Starfield Secure Certificate Authority - G2	`2024-03-30` - `2025-03-30`	a year	crt.sh
thalassafestival.com R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.flaticon.com E6	`2024-06-07` - `2024-09-05`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://therosecleaning.com/img/PISANG123/AMP/
Frame ID: 9B944E0E581678B34C3EB308F52F35A0
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PISANG123 - 🛟🕵️‍♂️ (＞ｍ＜) Golden Shamrock Putaran Seru dengan Jackpot Menggiurkan 🤸 Jungle Safari Jackpot Slot Harian dengan Hadiah Menarik👨‍🦳 PISANG123

Page URL History Show full URLs

http://therosecleaning.com/img/PISANG123/AMP/ HTTP 307
https://therosecleaning.com/img/PISANG123/AMP/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Lightbox (JavaScript Libraries) Expand

Page Statistics

12
Requests

92 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

7053 kB
Transfer

7353 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://pukulan-ibu.web.app/MOSKOV

Search URL Search Domain Scan URL

URL: https://pukulan-ibu.web.app/MACANUNGU

Search URL Search Domain Scan URL

URL: https://pukulan-ibu.web.app/MACANPUTIH

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://therosecleaning.com/img/PISANG123/AMP/ HTTP 307
https://therosecleaning.com/img/PISANG123/AMP/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://therosecleaning.com/favicon.ico HTTP 302
https://therosecleaning.com/wp-content/uploads/2021/01/cropped-the-rose-foto-de-perfill-32x32.jpg

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
therosecleaning.com/img/PISANG123/AMP/
Redirect Chain

http://therosecleaning.com/img/PISANG123/AMP/
https://therosecleaning.com/img/PISANG123/AMP/

15 KB
5 KB

1249ms
572ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://therosecleaning.com/img/PISANG123/AMP/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.25
Resource Hash: 029fe800bc6c3b2f5f51fa1173732fedfbdcb9ce2992163c94440ddd432839d3

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89541d5e9fb918da-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 17 Jun 2024 15:36:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4PPoShGpFtxzftJz3Q0GH%2BhdveX7fa%2BsWqfx6%2BI5qqCbNCLE%2BY%2B3vl%2FSXcSA69Pxb4a%2FyUw6mN5JAQDGt0So6Njwu7%2F1nQZoCmIZdL3q1Y8nFz1JWZz0DlecqHd13oTVNwFWM%2BC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.25

Redirect headers

Location: https://therosecleaning.com/img/PISANG123/AMP/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 162ms
54ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2083c3f0f58e0e43193babdddea7910fe42b507befa68fb882d816860f7619f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 15:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11503
x-xss-protection: 0
server: sffe
etag: "8f9ae3a398b2bda8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 15:36:22 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 141ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db253bcbf75b5b2e2645f0d5c80e543886fba003dd9c1779e6d5b63629bf94b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 15:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23217
x-xss-protection: 0
server: sffe
etag: "ea798107604fd052"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 15:36:22 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 53ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 15:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73073
x-xss-protection: 0
server: sffe
etag: "a97eff4b207291bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 15:36:22 GMT

GET
H2 200 slot-gacor.gif
media.tenor.com/4llyfetmS-wAAAAi/ 30 KB
31 KB 143ms
30ms Image
image/gif 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.tenor.com/4llyfetmS-wAAAAi/slot-gacor.gif

Requested by

Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baba8b3ea26129762e784079f925faff138c930f55bfdbdf68edb8874c684c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:07:12 GMT
x-content-type-options: nosniff
age: 8950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30916
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 13:39:54 GMT
server: sffe
report-to: {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="media-tenor-team"
expires: Tue, 18 Jun 2024 13:07:12 GMT

GET
H2 200 zeus-slot.jpeg
images.squarespace-cdn.com/content/v1/662ce3ffe84dc3404b825da9/1715507378309-13FXEBVG0KB0LXW0OD8Z/ 286 KB
286 KB 312ms
137ms Image
image/jpeg 151.101.0.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/662ce3ffe84dc3404b825da9/1715507378309-13FXEBVG0KB0LXW0OD8Z/zeus-slot.jpeg
Requested by: Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de84eb9f9f6c5fe3b4ab89a13d600f12c6454cbff8099f94ecfd3af546829a6b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 341, 0
date: Mon, 17 Jun 2024 15:36:22 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 1141076
x-cache: HIT, HIT
content-length: 292570
x-served-by: cache-iad-kcgs7200119-IAD, cache-mad22026-MAD
x-sqsp-accepted-scopes: EDITOR
x-timer: S1718638582.319463,VS0,VE1
etag: CP/3jYDrh4YDEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: false
tracepoint: Fastly

GET
H2 200 free-user-login-icon-305-thumb.png
www.iconpacks.net/icons/1/ 26 KB
26 KB 994ms
5ms Image
image/png 192.124.249.13
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iconpacks.net/icons/1/free-user-login-icon-305-thumb.png

Requested by

Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.13 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10013.sucuri.net

Software

nginx /

Resource Hash

b726c1a68256843614ce39327692ef30022e32aad2d2d226d36a26e83cdea9e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 15:36:22 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 17:04:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19013
accept-ranges: bytes
content-length: 26473
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 registration-icon-png-6.png
thalassafestival.com/wp-content/uploads/2019/12/ 9 KB
9 KB 393ms
17ms Image
image/png 158.220.108.219
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thalassafestival.com/wp-content/uploads/2019/12/registration-icon-png-6.png
Requested by: Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.220.108.219 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: theta.epicdns.co.uk
Software: /
Resource Hash: 2edb9c6d69cdb3d5d362b51fc67b0f8f38a2b66a9eeeb3494e83604a8a4342e5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 15:36:22 GMT
last-modified: Mon, 16 Dec 2019 20:17:18 GMT
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 8840
expires: Mon, 24 Jun 2024 15:36:22 GMT

GET
H2 200 2840204.png
cdn-icons-png.flaticon.com/512/2840/ 22 KB
22 KB 414ms
40ms Image
image/png 2a02:26f0:3500:11::215:14c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-icons-png.flaticon.com/512/2840/2840204.png
Requested by: Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f95e762684051ddb879355447e54e543393a7aca361ba205437d1ff23949699b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 15:36:22 GMT
x-amz-meta-goog-reserved-file-mtime: 1587024303
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 22179
pragma: public
last-modified: Mon, 18 Sep 2023 22:53:07 GMT
etag: "b7924be0491dab0ccb9c00772a923ee8"
vary: Accept-Encoding
x-goog-generation: 1695077587384318
content-type: image/png
access-control-allow-origin: *
x-default-rule: YES
cache-control: public, max-age=31536000
x-goog-stored-content-length: 22179
x-amz-checksum-crc32c: jUZn4g==
accept-ranges: bytes
x-amz-meta-x-goog-reserved-source-generation: 1634231343539898
expires: Mon, 17 Jun 2024 15:36:22 GMT

GET
H2 200 44db938c4d86a7ea3ae51a511304a117.gif
i.pinimg.com/originals/44/db/93/ 6 MB
6 MB 379ms
18ms Image
image/gif 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/44/db/93/44db938c4d86a7ea3ae51a511304a117.gif
Requested by: Host: therosecleaning.com
URL: https://therosecleaning.com/img/PISANG123/AMP/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c26643bdde9acd40117f7bca4cb328e3bd2dd8f18f56feceb3a7ba29eb4fc713

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 15:36:22 GMT
x-cdn: fastly
etag: "52cca5ab1388a297029882a8befd15bd"
vary: Origin
content-type: image/gif
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 6709196

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012405300626000/v0/ 8 KB
3 KB 229ms
105ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

74b2ab7f9b09d5a6f6ccd6e5f03f360b33f0f1f143f531b2b359a52954c8ee75

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://therosecleaning.com/
Origin: https://therosecleaning.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jun 2024 03:43:15 GMT
age: 129188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "d78510ac2b65c95f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 16 Jun 2025 03:43:15 GMT

GET
H3

200

cropped-the-rose-foto-de-perfill-32x32.jpg
therosecleaning.com/wp-content/uploads/2021/01/
Redirect Chain

https://therosecleaning.com/favicon.ico
https://therosecleaning.com/wp-content/uploads/2021/01/cropped-the-rose-foto-de-perfill-32x32.jpg

8 KB
9 KB

518ms
516ms

Other
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://therosecleaning.com/wp-content/uploads/2021/01/cropped-the-rose-foto-de-perfill-32x32.jpg
Protocol: H3
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f116c8b77dcd566c036e913f3a01e8be00f3c54de279af3314044792e69a5a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://therosecleaning.com/img/PISANG123/AMP/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 17 Jun 2024 15:36:27 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Jan 2021 02:04:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "21ea-5b8faea7dc8c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=msxGAQFe07oztC6r16bag8x9ekrgpx%2BvrCGzEuLDdj2fSGuThIFEehs6k1LMd4h19oPLShBE8lNTbVhJs7GkTT6FnvcVq0Ms9Nyt8VWZXDYeLzOLj0kKNU0%2Bm3co3aBk6UT%2BXR2m"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89541d7e4d099bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8682

Redirect headers

date: Mon, 17 Jun 2024 15:36:26 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.25
x-redirect-by: WordPress
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q08ZoY0oWH5R7J%2BYC6BkVSR53xZa5uS6oHfQDkDaTWH4n0N8nNsvq%2B4qrn4lqJkguebf1wFJcNGNWRlbhJFvFko28hZNZL8uMZc%2B%2FrazDgjHwSnfV2aA%2B%2Ff2rWlsIhB3AEGb8LJH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://therosecleaning.com/wp-content/uploads/2021/01/cropped-the-rose-foto-de-perfill-32x32.jpg
cf-ray: 89541d777b319bd6-FRA
link: <https://therosecleaning.com/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-icons-png.flaticon.com
cdn.ampproject.org
i.pinimg.com
images.squarespace-cdn.com
media.tenor.com
thalassafestival.com
therosecleaning.com
www.iconpacks.net
151.101.0.238
158.220.108.219
172.217.18.1
188.114.96.3
192.124.249.13
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2001
2a02:26f0:3500:11::215:14c7
2a04:4e42:8e::84
029fe800bc6c3b2f5f51fa1173732fedfbdcb9ce2992163c94440ddd432839d3
2083c3f0f58e0e43193babdddea7910fe42b507befa68fb882d816860f7619f6
2edb9c6d69cdb3d5d362b51fc67b0f8f38a2b66a9eeeb3494e83604a8a4342e5
6db253bcbf75b5b2e2645f0d5c80e543886fba003dd9c1779e6d5b63629bf94b
74b2ab7f9b09d5a6f6ccd6e5f03f360b33f0f1f143f531b2b359a52954c8ee75
9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236
a5f116c8b77dcd566c036e913f3a01e8be00f3c54de279af3314044792e69a5a
b726c1a68256843614ce39327692ef30022e32aad2d2d226d36a26e83cdea9e1
baba8b3ea26129762e784079f925faff138c930f55bfdbdf68edb8874c684c40
c26643bdde9acd40117f7bca4cb328e3bd2dd8f18f56feceb3a7ba29eb4fc713
de84eb9f9f6c5fe3b4ab89a13d600f12c6454cbff8099f94ecfd3af546829a6b
f95e762684051ddb879355447e54e543393a7aca361ba205437d1ff23949699b

therosecleaning.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

44 %IPv6

8 Domains

8 Subdomains

9 IPs

3 Countries

7053 kBTransfer

7353 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

Indicators

therosecleaning.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

7053 kB
Transfer

7353 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions