urlscan.io logo urlscan.io
SecurityTrails logo

billing.goldentreelearning.com Open in urlscan Pro
217.182.134.191  Public Scan

Go To Rescan Add Verdict Report
URL: https://billing.goldentreelearning.com/
Submission: On September 30 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 217.182.134.191, located in France and belongs to OVH, FR. The main domain is billing.goldentreelearning.com.
TLS certificate: Issued by R3 on August 10th 2021. Valid for: 3 months.
This is the only time billing.goldentreelearning.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.182.134.191 16276 (OVH)
1 172.217.16.138 15169 (GOOGLE)
3 172.67.149.202 13335 (CLOUDFLAR...)
1 104.18.11.207 13335 (CLOUDFLAR...)
2 172.217.16.131 15169 (GOOGLE)
8 5
1    217.182.134.191 (France)

ASN16276 (OVH, FR)
PTR: excel.space4server.com
billing.goldentreelearning.com
1    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net
fonts.googleapis.com
3    172.67.149.202 (United States)

ASN13335 (CLOUDFLARENET, US)
goldentreelearning.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net
fonts.gstatic.com
Domain Requested by
3 goldentreelearning.com billing.goldentreelearning.com
2 fonts.gstatic.com fonts.googleapis.com
1 maxcdn.bootstrapcdn.com billing.goldentreelearning.com
1 fonts.googleapis.com billing.goldentreelearning.com
1 billing.goldentreelearning.com
8 5

This site contains links to these domains. Also see Links.

Domain
goldentreelearning.com
Subject Issuer Validity Valid
webmail.goldentreelearning.com
R3		 2021-08-10 -
2021-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-24 -
2022-04-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://billing.goldentreelearning.com/
Frame ID: 09A1DAB9C337D56E1F45D230AC976E8B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Golden Tree Learning

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

544 kB
Transfer

573 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
billing.goldentreelearning.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://billing.goldentreelearning.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.182.134.191 , France, ASN16276 (OVH, FR),
Reverse DNS
excel.space4server.com
Software
LiteSpeed / PHP/5.6.40
Resource Hash
e86c87e15da1ef9cab1ca7fa97ec928775516bfd33e26d2635ee08daa1bac2bf

Request headers

:method
GET
:authority
billing.goldentreelearning.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/5.6.40
content-type
text/html; charset=UTF-8
etag
"12-1633019752;br"
x-litespeed-cache
hit
content-encoding
br
vary
Accept-Encoding
date
Thu, 30 Sep 2021 16:35:52 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:700%7CMontserrat:400,700,400&subset=latin-ext,cyrillic,latin,vietnamese,cyrillic-ext
Requested by
Host: billing.goldentreelearning.com
URL: https://billing.goldentreelearning.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
33a4870ed4306d838aa552b630aa416b86eaa1d8be356fc1706722ed166f0fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.goldentreelearning.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 16:35:52 GMT
server
ESF
date
Thu, 30 Sep 2021 16:35:52 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 30 Sep 2021 16:35:52 GMT
style.css
goldentreelearning.com/wp-content/plugins/cmp-coming-soon-maintenance/themes/hardwork/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://goldentreelearning.com/wp-content/plugins/cmp-coming-soon-maintenance/themes/hardwork/style.css?ver=3.5.5
Requested by
Host: billing.goldentreelearning.com
URL: https://billing.goldentreelearning.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.149.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f700937521dcd3658f0bb169e49cbf92eb0f22e2df63d9e34fd908702a58d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.goldentreelearning.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:35:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Jun 2019 12:42:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHmXOtsx1yoP5uC59mE6pNdOkWsmn7%2FbCWeyVdSFYzNGap7rLgolwkhLvwQff4h85svXAO2y3LEJkYWl8fF6%2Bitc2JoCha%2FZl3KyLQ1R6Tlzxvq23ZGhhTMouwx%2BiRr2%2F%2Bp%2BfLi4aX8n"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
696eddefd8013b67-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 07 Oct 2021 16:35:52 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: billing.goldentreelearning.com
URL: https://billing.goldentreelearning.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.goldentreelearning.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
13892301
cdn-cachedat
2021-03-10 20:26:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ac51d65409f7a6c773e04411dc506557
cf-ray
696eddef8cb02157-DUS
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
golden-tree-learning.png
goldentreelearning.com/wp-content/uploads/2017/06/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goldentreelearning.com/wp-content/uploads/2017/06/golden-tree-learning.png
Requested by
Host: billing.goldentreelearning.com
URL: https://billing.goldentreelearning.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.149.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174e7f6554a9ddf09b361c1d39055d4cde2c51de5bc33ed67c9ba0a10a8bbe87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.goldentreelearning.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:35:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46422
last-modified
Tue, 27 Jun 2017 10:50:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmwRN8C0UGEaG%2BlCs4m4rd%2FDa7jhQv48kLOEMPg2tv3FmTrpcaZD8O%2FhT2EaflRkU12AB%2FJfv3mIEwwaVHXVXD3MqcerrE7Fk9kUf%2BIgdPtpp0sBGd4SQdYysgEbpIJuAFbae7dAOU%2BQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
696eddefd8023b67-CDG
expires
Thu, 07 Oct 2021 16:35:52 GMT
hardwork_banner_full.jpg
goldentreelearning.com/wp-content/plugins/cmp-coming-soon-maintenance/themes/hardwork/img/ 		436 KB
436 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goldentreelearning.com/wp-content/plugins/cmp-coming-soon-maintenance/themes/hardwork/img/hardwork_banner_full.jpg
Requested by
Host: billing.goldentreelearning.com
URL: https://billing.goldentreelearning.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.149.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
818dfd68804eaaf623a09f12471e8000eba32463335daf259c712581d9a61dfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.goldentreelearning.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:35:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
446097
last-modified
Fri, 21 Jun 2019 12:42:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rukwPeTS0fhOFCQkP5OOwiufEpfVC8pDzk%2BkvECgXFbxdiHdUwV1p%2FIxkWGv5pSQt2lGwG3mWl%2BKoKEU5IJEJ3TfMpkMnmCbYowAP%2F8jGM%2F6dgRcX807dJFJxqSWqcDqkJUGrpz4R5SA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
696eddf049273b67-CDG
expires
Thu, 07 Oct 2021 16:35:53 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:700%7CMontserrat:400,700,400&subset=latin-ext,cyrillic,latin,vietnamese,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
f3ef42f75130984131a4da37fca8f8a51d20ba814673e4f29e0a5d17fccfa812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://billing.goldentreelearning.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:01:26 GMT
x-content-type-options
nosniff
age
113667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29928
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 09:01:26 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:700%7CMontserrat:400,700,400&subset=latin-ext,cyrillic,latin,vietnamese,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://billing.goldentreelearning.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 07:30:39 GMT
x-content-type-options
nosniff
age
291914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 07:30:39 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| init

0 Cookies